Lint your AI features for governance guardrails.
Point aiglare at any JS/TS repo. It finds every place an LLM output reaches a user or triggers a side-effect — payment, booking, email, DB write — then flags which have no confidence handling, no fallback, no validation, and no human-in-the-loop.
scanned 38 files · 3 AI surfaces · 1 blocking
✗ confidence ✗ human-in-loop ✗ validation
✓ confidence ✗ fallback ✓ validation
✓ all guardrails present
✗ CI gate failed — 1 red side-effectful surface
Most AI incidents aren't model failures. They're governance failures: the output flowed straight to a user or an irreversible action with nothing in between. aiglare makes those paths visible and lets you block the dangerous ones in CI before they ship.
How it works
Scan, classify, score, gate
A static pass over your code — no runtime, no keys, no data leaving the repo. Run it locally or wire it into CI.
Scan
Finds every AI/LLM call site with a provider-agnostic registry — no config, no annotations. Raw fetch/axios to inference hosts count too.
Classify by sink
Traces where each output goes: returned to a user, feeding a side-effect, or internal-only. The sink decides how much the risk matters.
Score guardrails
Checks five governance dimensions per surface and rolls them into a red / amber / green severity you can read at a glance.
Gate in CI
--ci fails the build only on red side-effectful surfaces (the irreversible-action case), so you can adopt it without warning fatigue.
Sinks
Where the output goes decides the risk
Every AI surface is classified by sink. A model writing a log line is not the same as a model issuing a refund.
user-facing
Returned from a route or controller, or rendered in a component. The model is talking directly to a person.
side-effectful
Feeds a payment, booking, email, database/file write, or shell. The model can trigger something irreversible.
internal
Logged or cached only. Lowest blast radius — flagged for awareness, never blocks your build.
Guardrails
Five dimensions, scored per surface
Each surface is checked on five governance signals. Full coverage is green; a side-effect with none is red.
01 Confidence handling: Does the code read and act on a confidence / probability signal before trusting the output?
02 Fallback path: Is there an uncertain-or-failed branch (a default, a retry, a safe no-op) for when the model is unsure?
03 Output validation: Is the output schema-checked, parsed, or constrained before it's used downstream?
04 Human-in-the-loop: For side-effects, does a person confirm before the irreversible action fires?
05 Error isolation: Is the call wrapped so a model failure can't take down the surrounding request?
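The five dimensions above on one side-effectful surface, as an added example in TypeScript that is not aiglare's own code or output: a refund handler written once with every guardrail missing and once with all five in place. The model client, refund API, approval hook and the JSON shape the model is asked to return are hypothetical stand-ins, made synchronous so the file runs offline (real ones would be async).

```typescript
// Added example, not code from aiglare or any provider SDK. A refund is an
// irreversible side-effect, so by this page's definitions the first function
// is a red side-effectful surface and the second is green.

// Constructed shape the model is asked to return (hypothetical).
export interface RefundDecision {
  action: "refund" | "deny" | "escalate";
  amountCents: number;
  confidence: number; // 0..1, self-reported by the model
}

export type ModelCall = (prompt: string) => string;       // hypothetical inference client
export type RefundApi = (amountCents: number) => void;    // hypothetical, irreversible
export type Approver = (d: RefundDecision) => boolean;    // hypothetical human confirmation

// RED surface: model output reaches an irreversible side-effect untouched.
export function refundUnsafe(llm: ModelCall, refund: RefundApi, ticket: string): unknown {
  const decision = JSON.parse(llm(`Decide the refund for ticket: ${ticket}`)); // no validation
  refund(decision.amountCents); // no confidence check, no fallback, no human, no isolation
  return decision;
}

export type Outcome =
  | { status: "refunded"; amountCents: number }
  | { status: "held"; reason: string }      // a person owns the next step; nothing fired
  | { status: "fallback"; reason: string }; // model failed or emitted junk; safe no-op

// 03 Output validation: reject anything outside the expected schema.
export function parseDecision(raw: string): RefundDecision | null {
  let value: unknown;
  try { value = JSON.parse(raw); } catch { return null; }
  if (typeof value !== "object" || value === null) return null;
  const { action, amountCents, confidence } = value as Record<string, unknown>;
  if (action !== "refund" && action !== "deny" && action !== "escalate") return null;
  if (typeof amountCents !== "number" || !Number.isInteger(amountCents) || amountCents < 0) return null;
  if (typeof confidence !== "number" || confidence < 0 || confidence > 1) return null;
  return { action, amountCents, confidence };
}

// GREEN surface: the same side-effect behind all five guardrails.
export function refundGuarded(
  llm: ModelCall, refund: RefundApi, approve: Approver, ticket: string, minConfidence = 0.9,
): Outcome {
  let raw: string;
  try {
    raw = llm(`Decide the refund for ticket: ${ticket}`);
  } catch (err) {
    // 05 Error isolation: a model outage degrades to a no-op, not a failed request.
    return { status: "fallback", reason: `model call failed: ${String(err)}` };
  }
  const decision = parseDecision(raw);
  if (decision === null) {
    // 02 Fallback path for unparseable or out-of-schema output.
    return { status: "fallback", reason: "output failed schema validation" };
  }
  // 01 Confidence handling: the signal actually gates the branch below.
  if (decision.action !== "refund" || decision.confidence < minConfidence) {
    return { status: "held", reason: `${decision.action} at confidence ${decision.confidence}` };
  }
  // 04 Human-in-the-loop: a person confirms before anything irreversible fires.
  if (!approve(decision)) return { status: "held", reason: "reviewer declined" };
  refund(decision.amountCents);
  return { status: "refunded", amountCents: decision.amountCents };
}

// Constructed harness: scripted model replies and a refund API that only records calls.
export function demo(): { unsafeIssued: number[]; guardedIssued: number[]; outcomes: Outcome[] } {
  const unsafeIssued: number[] = [];
  const guardedIssued: number[] = [];
  const lowConfidence = () => '{"action":"refund","amountCents":999999,"confidence":0.2}';
  const solid = () => '{"action":"refund","amountCents":1500,"confidence":0.97}';
  const garbage = () => "Sure! I'll refund them right away.";
  const outage = (): string => { throw new Error("429 rate limited"); };

  refundUnsafe(lowConfidence, (c) => { unsafeIssued.push(c); }, "T-1"); // red path: 999999 goes out

  const record: RefundApi = (c) => { guardedIssued.push(c); };
  const outcomes = [
    refundGuarded(lowConfidence, record, () => true, "T-1"), // held: confidence 0.2
    refundGuarded(garbage, record, () => true, "T-2"),       // fallback: not JSON
    refundGuarded(outage, record, () => true, "T-3"),        // fallback: model error
    refundGuarded(solid, record, () => false, "T-4"),        // held: reviewer declined
    refundGuarded(solid, record, () => true, "T-5"),         // refunded: 1500
  ];
  return { unsafeIssued, guardedIssued, outcomes };
}
```

Note what makes the confidence guardrail count: the `confidence` value drives a branch that stops the side-effect. A variable that is read and then ignored is the false-negative case the limitations section below describes, and a static linter cannot tell the two apart reliably.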
A severity you can adopt
The CI gate fails only on red side-effectful surfaces — the "AI auto-triggers an irreversible action with no confirmation" case. Safe to turn on today without drowning a team in warnings.
$ npx @nugehs/aiglare ./src --ci
scanning… 3 surfaces, 1 blocking
✗ red  routes/checkout.ts:42  side-effectful
────────────────────────────────────
exit 1 · build blocked
Provider-agnostic
It already knows your stack
Detection is driven by a provider registry — SDKs and raw inference calls alike. Adding a provider is a one-line PR.
MCP server
Let your agents run the audit
aiglare ships a built-in Model Context Protocol server — no SDK dependency. Three tools, wired straight into your agent host.
ai_surface_audit: full audit of a repo, the same structured report as --json.
ai_surface_gate: the CI-gate verdict, passed plus the count of blocking red side-effectful surfaces.
list_providers: the provider registry the scanner detects.
{
"mcpServers": {
"aiglare": {
"command": "npx",
"args": ["-y", "@nugehs/aiglare", "mcp"]
}
}
}
⚡ Optional: repoctx acceleration
If a repoctx index is present, aiglare uses it to sharpen sink classification with real kind/domain data. Same tool, two fidelity levels: standalone for everyone, richer for repoctx users.
Honest limitations
It's a linter, not a verifier.
This is static, advisory analysis. It produces false positives (a guardrail two call-hops away can be missed) and false negatives (a confidence variable that doesn't actually gate anything reads as present). Treat the output as surfaces to review, not violations. The repoctx adapter exists precisely to close the call-graph gap.
See your AI surfaces in one command
No install, no config, no keys. Run it on any JS/TS repo right now.