Show HN: Logira – eBPF runtime auditing for AI agent runs
melonattacker Sunday, March 01, 2026
I started using Claude Code (claude --dangerously-skip-permissions) and Codex (codex --yolo) and realized I had no reliable way to know what they actually did. The agent's own output tells you a story, but it's the agent's story.
logira records exec, file, and network events at the OS level via eBPF, scoped per run. Events are saved locally in JSONL and SQLite. It ships with default detection rules for credential access, persistence changes, suspicious exec patterns, and more. Observe-only – it never blocks.
https://github.com/melonattacker/logira
Summary
Logira is an open-source project that provides a simple and lightweight logging library for Go. It offers a structured logging approach, supporting different log levels and providing options for customizing the output format.
6
0
Summary
github.com