insa-its 4.9.1

Open-core multi-LLM communication monitoring, hallucination detection & deciphering for agent systems

InsAIts — Runtime Security for Multi-Agent AI

See what your agents actually do. Stop the bad stuff before it ships. Open-core. 100% local.

Open-core, not open-source. This SDK + the MCP server are Apache-2.0. The live dashboard, tamper-evident evidence chain, and 9 additional detectors ship under a separate paid tier (14-day full trial). If you pip install insa-its and expect the dashboard, you'll be disappointed — that's the licensed download. The numbers in the badges are honest, the licensing label is honest.

Latest demo • Dashboard walkthrough • Website

---

The problem

AI-to-AI communication is a blind spot. Microsoft, CrowdStrike and Cisco can see that an agent exists; they cannot see inside a spawn chain. When an agent spawns a subagent that spawns another subagent, the behaviour at every depth is invisible to every enterprise monitoring tool on the market.

Meanwhile, agent-to-agent interactions fail silently. Hallucinations propagate as "facts." Agents invent citations. Sensitive data leaks into tool chains. Meaning drifts across messages. Tool descriptions change between discovery and invocation. The agents nobody watches are the agents that cause the most damage.

InsAIts makes this visible and acts on it.

---

What it does

A runtime security layer that plugs into your agent stack. It observes every message and every tool call, detects a wide class of multi-agent failures and attacks, and can actively intervene — blocking, quarantining, rerouting, or escalating to a human operator.

• Full spawn-tree visibility — every agent, every subagent, every tool call. Attribution down to the exact caller. No blind spots.
• OWASP-mapped runtime coverage — 10/10 OWASP MCP Top 10 categories, 8/10+ OWASP Agentic AI Top 10. 41 mapped anomaly types. CVE references.
• Active protection, not just alerting — critical anomalies can be quarantined, rerouted, or escalated. Configurable per severity.
• 100% local by default — agent traffic never leaves the box. No cloud round-trips. Audit logs store hashes, not raw content. GDPR-aligned.
• Tamper-evident audit trail — SHA-256 hash-chained, verifiable on demand.
• Live dashboard — real-time threat score, agent intelligence, anomaly stream, circuit-breaker grid (paid tier).
• Drop-in integrations — LangChain, CrewAI, LangGraph, AutoGen / ag2, Slack, Notion, Airtable, Webhook, File. Editors via MCP server (Claude Code, Cline, Cursor, Windsurf, Codex, Aider, Continue.dev, Kiro).

---

Install

pip install insa-its[full]

[full] adds optional embeddings + graph + TUI dashboard extras. Either install variant exposes the MCP server.

MCP server quick start (Claude Code / Cline / Cursor / etc.)

{
  "mcpServers": {
    "insaits": {
      "command": "python",
      "args": ["-m", "insa_its.mcp.server"],
      "env": {
        "INSAITS_PROJECT": "<your project>",
        "INSAITS_MODEL": "claude-opus",
        "INSAITS_AUDIT_DIR": "~/.insaits/audit",
        "INSAITS_LICENSE_KEY": ""
      }
    }
  }
}

The four MCP tools exposed: insaits_check (quality gate), insaits_preflight (ambiguity detection), insaits_session_stats, insaits_alert.

Smoke test: python -m insa_its.mcp.server --demo.

Full LLM-friendly install guide: llms-install.md at the monorepo root.

Three-line Python integration

from insa_its import insAItsMonitor

monitor = insAItsMonitor()
result = monitor.send_message(
    text=agent_response,
    sender_id="OrderBot",
    receiver_id="InventoryBot",
    llm_id="gpt-4o",
)

That's the whole public surface you need to start. The rest is configured via the dashboard or .insaits_config.json — no code changes required.

---

What you get (honest open-core split)

Capability	pip install insa-its (Apache-2.0)	Paid tier (proprietary)
Anomaly detectors	21	+ 9 more
Framework integrations	9	—
MCP server tools	4	—
Local audit log	✅	✅
Tamper-evident SHA-256 evidence chain	—	✅
Live HTTP dashboard (http://localhost:5001)	—	✅
Collector HTTP API (http://localhost:5003, 27 endpoints)	—	✅
RABE forensic export	—	✅
Inter-session dialog bus + session vault	—	✅
Threat-Readiness Score (TRS)	—	✅
OWASP MCP Top 10 coverage	9/10	10/10

30 detectors total. 9 integrations. 27-endpoint API. 2,500+ tests passing.

---

Coverage

OWASP MCP Top 10: 10/10 categories with primary detectors (MCP01–MCP10 — MCP07 via architectural daemon-token authentication). OWASP Agentic AI Top 10: 8/10+ confirmed (ASI01–03, ASI06–10). 41 mapped anomaly_type → OWASP code entries. 5 explicit CVE references. Single source of truth: services/owasp_mappings.py in the API monorepo.

---

Pricing

14-day full-feature trial. No card required. Then:

Tier	Monthly	Lifetime	Get
Starter	€10	€99	Buy €10/mo · Lifetime €99
Pro	€49	€299	Buy €49/mo · Lifetime €299
Enterprise	from €200	custom	info@yuyai.pro

Starter unlocks: full detection + reliability gates + session vault + dashboard. Pro adds: advanced context engineering, inter-session dialog, RABE forensic export, Decipher engine, priority support. Enterprise adds: SOC2-ready audit export, multi-seat, white-label, dedicated support.

export INSAITS_LICENSE_KEY="insaits_live_..."

Passive mode

When the trial lapses and no key is set, detection still runs and anomalies still surface. What unlocks with a paid key is active intervention — the corrective signals the layer sends back to your agents. You always see everything InsAIts catches.

---

For AI agents (machine-readable surface)

• MCP Registry manifest: server.json at the monorepo root (schema 2025-12-11). Namespace io.github.Nomadu27/insaits.
• Agent manifest: AGENT_MANIFEST.json — version, pricing, capabilities, OWASP coverage, install command.
• Collector OpenAPI 3.1: docs/openapi-collector.yaml — 27 endpoints with full schemas.
• Per-framework integration docs: docs/integrations.md.
• Canonical numbers: FEATURE_INVENTORY.md. Always cite this file before claiming a number elsewhere.

---

Live dashboard (paid tier)

The web dashboard renders in real time on http://localhost:5001:

• Session threat score with stage label (safe → watch → alert → isolate)
• Live anomaly stream with severity colour coding
• Per-agent intelligence and trust scores
• Circuit-breaker grid for blocked agents
• OWASP alignment panel
• Tool-call inspector with full spawn-tree drill-down
• Token-usage panel with cost estimates

A companion terminal dashboard ships in the SDK extras:

pip install insa-its[dashboard]
insaits-tui

---

Audit & compliance

• Hash-chained audit log — SHA-256 per entry, verifiable integrity.
• Prometheus metrics endpoint for existing monitoring stacks.
• RABE forensic export of rogue agent behaviour — timeline, intent, threat score.
• SOC2-ready evidence chain (Pro / Enterprise).
• 100% local processing. Audit logs store hashes, never raw content. API keys hashed before storage. GDPR-aligned by default.

---

Integrations

LangChain · CrewAI · LangGraph · AutoGen / ag2 · Slack · Notion · Airtable · Webhook · File. Editor-level (Claude Code, Cline, Cursor, Windsurf, Codex, Aider, Continue.dev, Kiro) via the MCP server.

Per-integration usage and code snippets: docs/integrations.md at the monorepo root.

---

Architecture (high-level)

Your multi-agent system
        │
        ▼
┌─────────────────────────┐
│   InsAIts runtime layer │   ← detection, intervention, circuit-breakers
└─────────────────────────┘
        │
        ├── MCP server (stdio)               — open-core (in this wheel)
        ├── local audit log                  — open-core (in this wheel)
        ├── collector HTTP API (port 5003)   — paid tier (separate licensed download)
        ├── live dashboard (port 5001)       — paid tier
        └── tamper-evident evidence chain    — paid tier

The collector + dashboard files (insaits_collector.py, insaits_web_dashboard.py) live at the InsAIts.API monorepo root and are NOT shipped in the PyPI wheel. The console scripts insaits-collector / insaits-dashboard registered by setup.py look for those files at runtime — pip-only users see a friendly FileNotFoundError telling them to install the full package. This is by design.

---

Who uses InsAIts

Three customer types matching three pricing tiers:

• Solo developer using Claude Code / Cline / Cursor → Starter €10/mo. "Catch agent mistakes before they compound. Resume briefs after context compaction. pip install insa-its."
• Dev team using multiple AI coding assistants → Pro €49/mo. "Trace which tool call introduced a bug. Audit trails your team can review."
• Company deploying autonomous agents in production (LangChain / CrewAI / LangGraph / AutoGen) → Enterprise from €200/mo. "Detect and intervene in real time when an agent goes rogue. Zero cloud dependency."

Future Type 4: companies whose AI procurement agents evaluate and buy SaaS autonomously — InsAIts is the guardian watching those buyer-agents.

---

Measured results

Active intervention is only worth running if the corrective signals InsAIts injects save more tokens than they cost. Target: every 1 token in saves 10–50 tokens back (avoiding redundant re-reads, premature-done loops, unverified-fact spirals). The dashboard surfaces the per-session ratio; the evidence chain makes it auditable. If your ratio drops below 1, the product ships passive mode out of the box. Honesty about its own cost.

---

Use cases by industry

Industry	What InsAIts catches
E-commerce	Order bots losing context mid-transaction
Customer service	Agents developing incomprehensible shorthand
Finance	Analysis pipelines hallucinating metrics between agents
Healthcare	Multi-agent decisions where errors have consequences
Research	Fabricated citations, phantom papers
Legal	AI-generated documents with ungrounded references
Security	Red-team AI exercises, exfiltration attempts, compliance
DevOps	Claude Code / Copilot tool calls in CI/CD pipelines

---

What's new

Each release focuses on a specific reliability or cost axis. The most recent work targeted token efficiency under long multi-agent runs, plus a Wave-3 audit pass on collector / dashboard / launcher reliability (16 fixes + 2 follow-ups, ~80 new tests). Full notes on the releases page.

---

Documentation & support

• LLM-friendly install: llms-install.md
• Integrations: docs/integrations.md
• Collector OpenAPI: docs/openapi-collector.yaml
• Live API reference: https://insaits-api.onrender.com/docs
• Privacy policy: PRIVACY_POLICY.md
• Email: info@yuyai.pro
• Issues: GitHub Issues
• API status: https://insaits-api.onrender.com

---

License

Open-core model.

• SDK (this wheel) — Apache License 2.0. Free to use, modify, redistribute.
• Proprietary components (collector + dashboard + 9 paid-tier detectors) — separate proprietary license, gated by license key, distributed via the licensed download.

---

InsAIts — Runtime security monitor for AI agents.
30 detectors · 9 integrations · 4 MCP tools · 27-endpoint collector API · OWASP MCP 10/10 + Agentic 8/10 · 2,500+ tests · 100% local · 14-day trial
Starter €10/mo · Pro €49/mo · Lifetime from €99 · Enterprise custom
Contact: info@yuyai.pro