IAXT: AI you can trust. | Audit AI coding agents on macOS
Intelligent Agent eXecution Tracker (IAXT)
See what your AI coding
agent actually did.
IAXT is a quiet menu-bar app that records what Claude Code, Cursor, Aider, Codex, and Copilot
actually do on your Mac: commands run, files changed, packages installed, git operations, launch agents.
No blocking. No workflow changes. No cloud upload for individuals. Just a<br>local audit trail you can review after the coding session ends.
Get IAXT
How it works
The thesis
AI coding agents run commands and change files on your machine, with<br>broad permissions and at high speed.
Two things make that hard to keep up with.<br>Fatigue: over a long session the permission dialogs<br>blur into an illusion of control, and most of us click through.<br>Prompt injection: attackers now hide instructions for<br>the AI inside ordinary text, and the attacks keep getting more frequent<br>and more sophisticated.
IAXT doesn't block. IAXT doesn't restrict. IAXT watches, attributes, and<br>remembers, so whether it was a tired click or a hidden instruction, you<br>can answer the question most teams can't answer today:<br>what did the AI actually do?
Two audiences
Who's installing
and why.
Solo developer auditing your own machine, or a founder rolling an<br>audit trail up to the whole team. IAXT fits both — and they care<br>about different things.
For individuals<br>For companies
Peace of mind for
your own machine.
Install the app, go back to coding. IAXT sits in your menu<br>bar, logs every AI agent's activity locally, and surfaces a<br>30-second review screen when you're done.
Catches the accidents (the AI deleted half the repo), flags<br>the rarer intentional exfil (a prompt-injected README<br>triggered a curl -X POST on your SSH key), and<br>stays out of your face the rest of the time.
01
Free to download.<br>No account, no signup, no upsell. Drag-and-drop DMG, launch once, done.
02
Nothing leaves your machine.<br>No telemetry. No analytics. Zero network calls unless you explicitly click Check for Updates. Data sits in ~/Library/Logs/IAXT/, openable with sqlite3, deletable with rm -rf.
03
No noticeable slowdown.<br>Passive observation only — IAXT never blocks, intercepts, or modifies anything. Your agents don't know it exists, and neither will your build times.
Download IAXT for Mac FREE
macOS 13 Ventura or later. Apple Silicon & Intel. ~2 MB.
Download the latest release
Notarized DMG, verified by Apple
The audit trail
due diligence asks for.
Your engineers install IAXT — same app as the individual<br>tier, no extra friction. Once a day, a review summary<br>(not raw logs ) pushes to a central endpoint<br>you control. Your security lead, CTO, or founder sees a<br>per-engineer roll-up.
When a customer's security review, an investor's due<br>diligence, or an acquirer's tech audit asks "how do you<br>manage AI-agent risk?", you open the dashboard. That's the<br>answer. Few teams can show this today, which is why having<br>it now sets you apart in the room.
We use Claude Code, Cursor, and Aider across the team.<br>Every session is logged locally. Review-tier events —<br>persistence mechanisms, credential access, exfiltration<br>patterns — are flagged automatically and rolled up to<br>our security review. Here's last week's report.
— What you tell a customer, investor, or acquirer
01
Frictionless for engineers.<br>Same menu-bar app as the individual tier. Install once, forget. No workflow changes, no IDE plugin, no prompts.
02
Summaries, not raw logs.<br>Only aggregated review data leaves each engineer's machine. Full forensic trail stays local.
03
Self-host or managed.<br>Run the endpoint on your own infra, or let us host it. Design-partner pricing during private beta.
Request beta access
The team endpoint is invite-only while we harden it with<br>founding design partners. Tell us about your team and<br>we'll be in touch.
Request beta access
Or email [email protected]
How it works
Three things
IAXT does quietly.
01 — OBSERVE
Observes every<br>agent action.
Commands run, files created or modified, packages installed, git operations, cron entries, launch agents. Every action attributed to the tool that made it — confirmed, likely, or possible.
02 — FLAG
Flags what's<br>worth reviewing.
A gold stripe for actions that deserve attention — filesystem writes outside the project, unexpected network calls, changes to scheduled tasks. Violet for things simply worth a look.
03 — REPORT
Gives you<br>the full story.
A daily Overview of your AI usage patterns. Session cards, stats, attention items. Because it watches every agent at once, it also becomes a clear picture of how you actually code with AI across all your tools, Claude Code, Cursor, and the rest, not just one. CSV export for team review. Everything local, no telemetry, no cloud.
Use cases
Who reaches for<br>a record like this.
Developers
An impartial observer of what your AI coding<br>agents actually did on your machine. Catch the accidents, and<br>spot the rare action that does not belong, without...