Show HN: CanaryAI v0.2.5 – Security monitoring on Claude Code actions
github.comI've been using Claude Code a lot recently and wanted visibility into security-relevant executions — the kind of thing you may not necessarily catch while the agent is running.
CanaryAI is a macOS menu bar app that monitors Claude Code session logs and alerts on suspicious behaviour: reverse shells, credential file access, LaunchAgent/cron persistence, download-and-execute patterns, shell profile modification. It parses the JSON logs Claude Code writes locally — no interception, no proxying. Alert-only; it never blocks the agent.
All processing is local. Detection rules are YAML so can be expanded on.
> https://github.com/jx887/homebrew-canaryai
Let me know if you have any questions.
No comments yet.