Local-only CLI and GitHub Action that audits Cursor / Claude Code / Codex session transcripts for risky agent runtime behavior — credential reads, curl|sh, unknown MCP servers, scope escapes.
Drift inferred · capture-to-capture
No drift recorded — single capability capture; advisories appear once its surface changes.
transport — counts 0 tools · 0 res
· 0 prompts
permission surface via README inference
no tools enumerated yet for this server.
evidence-backed
findings quoted directly from the published source artifact — not inferred
this server hasn't been statically analyzed yet (npm/PyPI artifacts only).