Show HN: IAXT – macOS menu-bar app that records what AI coding agents do

laurencoral1 pts0 comments

IAXT: AI you can trust. | Audit AI coding agents on macOS

Intelligent Agent eXecution Tracker (IAXT)

See what your AI coding

agent actually did.

IAXT is a quiet menu-bar app that records what Claude Code, Cursor, Aider, Codex, and Copilot

actually do on your Mac: commands run, files changed, packages installed, git operations, launch agents.

No blocking. No workflow changes. No cloud upload for individuals. Just a<br>local audit trail you can review after the coding session ends.

Get IAXT

How it works

The thesis

AI coding agents run commands and change files on your machine, with<br>broad permissions and at high speed.

Two things make that hard to keep up with.<br>Fatigue: over a long session the permission dialogs<br>blur into an illusion of control, and most of us click through.<br>Prompt injection: attackers now hide instructions for<br>the AI inside ordinary text, and the attacks keep getting more frequent<br>and more sophisticated.

IAXT doesn't block. IAXT doesn't restrict. IAXT watches, attributes, and<br>remembers, so whether it was a tired click or a hidden instruction, you<br>can answer the question most teams can't answer today:<br>what did the AI actually do?

Two audiences

Who's installing

and why.

Solo developer auditing your own machine, or a founder rolling an<br>audit trail up to the whole team. IAXT fits both — and they care<br>about different things.

For individuals<br>For companies

Peace of mind for

your own machine.

Install the app, go back to coding. IAXT sits in your menu<br>bar, logs every AI agent's activity locally, and surfaces a<br>30-second review screen when you're done.

Catches the accidents (the AI deleted half the repo), flags<br>the rarer intentional exfil (a prompt-injected README<br>triggered a curl -X POST on your SSH key), and<br>stays out of your face the rest of the time.

01

Free to download.<br>No account, no signup, no upsell. Drag-and-drop DMG, launch once, done.

02

Nothing leaves your machine.<br>No telemetry. No analytics. Zero network calls unless you explicitly click Check for Updates. Data sits in ~/Library/Logs/IAXT/, openable with sqlite3, deletable with rm -rf.

03

No noticeable slowdown.<br>Passive observation only — IAXT never blocks, intercepts, or modifies anything. Your agents don't know it exists, and neither will your build times.

Download IAXT for Mac FREE

macOS 13 Ventura or later. Apple Silicon & Intel. ~2 MB.

Download the latest release

Notarized DMG, verified by Apple

The audit trail

due diligence asks for.

Your engineers install IAXT — same app as the individual<br>tier, no extra friction. Once a day, a review summary<br>(not raw logs ) pushes to a central endpoint<br>you control. Your security lead, CTO, or founder sees a<br>per-engineer roll-up.

When a customer's security review, an investor's due<br>diligence, or an acquirer's tech audit asks "how do you<br>manage AI-agent risk?", you open the dashboard. That's the<br>answer. Few teams can show this today, which is why having<br>it now sets you apart in the room.

We use Claude Code, Cursor, and Aider across the team.<br>Every session is logged locally. Review-tier events —<br>persistence mechanisms, credential access, exfiltration<br>patterns — are flagged automatically and rolled up to<br>our security review. Here's last week's report.

— What you tell a customer, investor, or acquirer

01

Frictionless for engineers.<br>Same menu-bar app as the individual tier. Install once, forget. No workflow changes, no IDE plugin, no prompts.

02

Summaries, not raw logs.<br>Only aggregated review data leaves each engineer's machine. Full forensic trail stays local.

03

Self-host or managed.<br>Run the endpoint on your own infra, or let us host it. Design-partner pricing during private beta.

Request beta access

The team endpoint is invite-only while we harden it with<br>founding design partners. Tell us about your team and<br>we'll be in touch.

Request beta access

Or email [email protected]

How it works

Three things

IAXT does quietly.

01 — OBSERVE

Observes every<br>agent action.

Commands run, files created or modified, packages installed, git operations, cron entries, launch agents. Every action attributed to the tool that made it — confirmed, likely, or possible.

02 — FLAG

Flags what's<br>worth reviewing.

A gold stripe for actions that deserve attention — filesystem writes outside the project, unexpected network calls, changes to scheduled tasks. Violet for things simply worth a look.

03 — REPORT

Gives you<br>the full story.

A daily Overview of your AI usage patterns. Session cards, stats, attention items. Because it watches every agent at once, it also becomes a clear picture of how you actually code with AI across all your tools, Claude Code, Cursor, and the rest, not just one. CSV export for team review. Everything local, no telemetry, no cloud.

Use cases

Who reaches for<br>a record like this.

Developers

An impartial observer of what your AI coding<br>agents actually did on your machine. Catch the accidents, and<br>spot the rare action that does not belong, without...

iaxt review coding agents agent machine

Related Articles