agent-audit-logger-mcp

v1.1.2 safe
1.0
Low Risk

Hash-chained HMAC-signed audit log MCP for A2A (agent-to-agent) calls. Every tool-call, agent-handoff, decision gets a tamper-evident signed record. EU AI Act Art 12 automatic logs, DORA Art 17 ICT incident logs, ISO 42001 clause 9 monitoring — auditor-ready end-of-day attestations. By MEOK AI Labs.

🤖 AI Analysis

Final verdict: SAFE

The package shows no signs of malicious activity based on the provided analysis notes. It does not engage in network calls, shell executions, obfuscations, or credential harvesting.

  • No network calls detected
  • No shell execution patterns detected
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package requires external communication for its functionality.
  • Shell: No shell execution patterns detected, indicating no immediate signs of executing system commands.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: meok.ai>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agent-audit-logger-mcp 
Create a simple yet robust application that monitors and logs interactions between different agents within a simulated environment, ensuring compliance with regulatory requirements such as the EU AI Act, DORA, and ISO standards. Your task is to develop an application that records every interaction between agents, including tool calls, handoffs, and decisions, and ensures these records are tamper-evident and signed using HMAC. This will serve as a critical component for auditing purposes and maintaining transparency in agent-to-agent communications.

### Key Features:
1. **Agent Interaction Logging**: Implement a system where each time an agent interacts with another (e.g., calling a tool, handing off tasks), a record is created. These records must include timestamps, details of the interaction, and the identities of the involved agents.
2. **HMAC Signing and Hash-Chaining**: Utilize the 'agent-audit-logger-mcp' package to ensure all interaction logs are HMAC-signed and hash-chained, providing tamper-evidence and non-repudiation.
3. **Compliance Reporting**: Develop a feature that generates daily reports summarizing all logged interactions, formatted according to compliance requirements specified by the EU AI Act, DORA, and ISO 42001 clause 9.
4. **User Interface**: Create a basic UI that allows users to view logs, search through them based on various criteria (such as date range, agent ID, etc.), and download compliance reports.
5. **Security Measures**: Ensure the application includes robust security measures to protect the integrity and confidentiality of the logged data.

### Implementation Steps:
1. **Setup Environment**: Begin by setting up your Python development environment. Install the necessary packages, including 'agent-audit-logger-mcp'.
2. **Design Data Models**: Define data models for agents, tools, and interaction logs, ensuring they capture all necessary information for logging and reporting.
3. **Implement Interaction Logging**: Write functions to handle agent interactions, utilizing 'agent-audit-logger-mcp' to generate and sign logs.
4. **Develop Compliance Reports**: Use the logged data to generate daily reports that comply with regulatory standards.
5. **Build User Interface**: Develop a simple web-based UI using a framework like Flask or Django to allow users to interact with the logged data.
6. **Testing and Validation**: Thoroughly test the application to ensure it meets all specified requirements, particularly focusing on the integrity and compliance of the logs.
7. **Documentation**: Provide comprehensive documentation detailing how to use the application, including setup instructions and API references.