Generate reviewable safety evidence for AI-agent-generated pull requests.
Project description
agent-pr-evidence
Languages: English | 中文
Generate reviewable safety evidence for AI-agent-generated pull requests.
Status
P1 - v0.4.1 production hardening.
Purpose
Move Safe Agent Operations from config scanning into PR review and CI evidence.
First Production Surface
Local CLI and GitHub Action that produce a Markdown/JSON PR evidence packet from a git base/head diff. The GitHub App surface is deferred until the required permissions and real PR samples are available.
Install
From PyPI after publication:
python3 -m pip install xone-agent-pr-evidence
agent-pr-evidence --version
From Homebrew after tap update:
brew install x-one-ai/tap/agent-pr-evidence
agent-pr-evidence --version
From this repository:
python3 -m pip install -e .
agent-pr-evidence --version
Usage
Collect local PR evidence from a git diff:
agent-pr-evidence collect --base origin/main --head HEAD --format markdown
agent-pr-evidence collect --base origin/main --head HEAD --format json --output pr-evidence.json
agent-pr-evidence collect --base origin/main --head HEAD --test-log pytest.log
agent-pr-evidence collect --base origin/main --head HEAD --config .agent-pr-evidence.yml --profile strict
agent-pr-evidence baseline --base origin/main --head HEAD --output agent-pr-evidence-baseline.json
agent-pr-evidence gate --base origin/main --head HEAD --baseline agent-pr-evidence-baseline.json --profile strict
The first production surface is local-first. It does not need GitHub App permissions and does not upload repository data.
Configuration
agent-pr-evidence automatically reads .agent-pr-evidence.yml from the repository root. Use --config to point at another file, and --profile to override the file for a single run.
schema_version: 1
profile: strict
disabled_risk_flags:
- dependency-change
Profiles:
default: lower-noise review evidence for teams adopting the tool.strict: addsmissing-test-evidencewhen no test logs are provided.
Reports include schema_version: agent-pr-evidence.report.v1 so downstream workflow steps can check compatibility before consuming JSON.
Baseline Gate
Use a baseline when adopting the tool in an existing repository. The baseline records known risk flags, then gate fails only when a PR introduces new risk flags that are not already accepted.
agent-pr-evidence baseline --base origin/main --head HEAD --output agent-pr-evidence-baseline.json
agent-pr-evidence gate --base origin/main --head HEAD --baseline agent-pr-evidence-baseline.json --profile strict
Baseline files use schema_version: agent-pr-evidence.baseline.v1.
Rule Boundaries
Rules are backed by a versioned PR fixture corpus under tests/fixtures/pr-corpus. The corpus covers quiet changes, false-positive boundaries, and high-signal risks so rule changes can be reviewed before they affect real teams.
Current boundary examples:
- documentation-only changes stay quiet
- placeholder credentials such as
<your-api-key>stay quiet - real-looking token values still raise
secret-like-content - nested package manifests and lockfiles raise
dependency-change
GitHub Action
Use the Action after actions/checkout with enough history for the base/head diff:
name: Agent PR Evidence
on:
pull_request:
permissions:
contents: read
jobs:
evidence:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
- uses: X-One-AI/agent-pr-evidence@v0.4.1
with:
base: ${{ github.event.pull_request.base.sha }}
head: ${{ github.event.pull_request.head.sha }}
output: agent-pr-evidence.md
profile: strict
baseline: agent-pr-evidence-baseline.json
The Action writes the report to GITHUB_STEP_SUMMARY and exposes report-path, summary-json, gate-failed, and new-risk-flags outputs. It does not request write permissions or post PR comments by default.
Required Evidence
- scope summary
- sensitive file changes
- test evidence
- dependency and CI/auth/infra changes
- reviewer checklist
Current Limits
- PR comments are intentionally not posted by default.
- GitHub App permissions are still skipped until real review workflows are available.
- Rule boundaries still need more real PR false-positive and false-negative tuning beyond the public fixture corpus.
Non-Goals
- not a generic code review bot
- not an autonomous merge gate
- not a hosted dashboard in the first version
OPT Operating Model
This project references the shared One Person Team workflow through ops/opt-overlay.md. Project-specific constraints live under ops/constraints, and evolvable local skills live under ops/skills.
Blocked Inputs
Inputs that require user or real-world data are recorded in ../x-one-skipped-inputs.md and should not block foundation work.
Docs
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file xone_agent_pr_evidence-0.4.1.tar.gz.
File metadata
- Download URL: xone_agent_pr_evidence-0.4.1.tar.gz
- Upload date:
- Size: 23.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9dbc882d0e43c289ef8e0bdb9fa1c850e8d58316bbf9b29cf46c3a942bbb2cce
|
|
| MD5 |
58c83076fbb3c22ab47beaed3949be69
|
|
| BLAKE2b-256 |
08be9e908a8d226f5a818042682d94cc97fbffdd12144bcb63e2e1f027fe885b
|
Provenance
The following attestation bundles were made for xone_agent_pr_evidence-0.4.1.tar.gz:
Publisher:
publish.yml on X-One-AI/agent-pr-evidence
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
xone_agent_pr_evidence-0.4.1.tar.gz -
Subject digest:
9dbc882d0e43c289ef8e0bdb9fa1c850e8d58316bbf9b29cf46c3a942bbb2cce - Sigstore transparency entry: 1809090066
- Sigstore integration time:
-
Permalink:
X-One-AI/agent-pr-evidence@1bffafc0db508b28ac22424a509e448dff0b7a0e -
Branch / Tag:
refs/tags/v0.4.1 - Owner: https://github.com/X-One-AI
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@1bffafc0db508b28ac22424a509e448dff0b7a0e -
Trigger Event:
workflow_dispatch
-
Statement type:
File details
Details for the file xone_agent_pr_evidence-0.4.1-py3-none-any.whl.
File metadata
- Download URL: xone_agent_pr_evidence-0.4.1-py3-none-any.whl
- Upload date:
- Size: 12.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
3dd65d301cbfd6f03e41174365cb4d5da048474980f62bbbb6cb3dd6324646e3
|
|
| MD5 |
cb93aa2737c971a0a8c553475d070883
|
|
| BLAKE2b-256 |
ab77b5ebc38f164d548a9a62e6f47eccb1270bcfa92f8487c625112f7c01f4ae
|
Provenance
The following attestation bundles were made for xone_agent_pr_evidence-0.4.1-py3-none-any.whl:
Publisher:
publish.yml on X-One-AI/agent-pr-evidence
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
xone_agent_pr_evidence-0.4.1-py3-none-any.whl -
Subject digest:
3dd65d301cbfd6f03e41174365cb4d5da048474980f62bbbb6cb3dd6324646e3 - Sigstore transparency entry: 1809090069
- Sigstore integration time:
-
Permalink:
X-One-AI/agent-pr-evidence@1bffafc0db508b28ac22424a509e448dff0b7a0e -
Branch / Tag:
refs/tags/v0.4.1 - Owner: https://github.com/X-One-AI
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@1bffafc0db508b28ac22424a509e448dff0b7a0e -
Trigger Event:
workflow_dispatch
-
Statement type:
