Harpax — Full Documentation

Antivirus for AI.
Full visibility, real-time control.

Harpax monitors every action your AI coding assistant takes — files, commands, network calls — and gives you complete session-by-session visibility with configurable protection.

FOR EVERYONE

Download Harpax

One-click install. Runs quietly in the background. Protects your files and flags anything suspicious — no technical knowledge needed.

Download for Mac / Windows
$9 / month — 14-day free trial, cancel anytime
FOR DEVELOPERS

Install via CLI

Full configuration control. YAML rules, custom detection tiers, webhook alerts, local-only data. Open source, self-hosted option available.

View on GitHub →
git clone github.com/nullevent/harpax && ./install.sh
// QUICK INSTALL
GUI

Download for Mac / Windows

Graphical installer. No terminal, no dependencies. Runs as a background service and launches on startup.

Download Installer
macOS 12+ / Windows 10+ 50 MB disk space
CLI

Install via Terminal

Clone, build, and configure from source. Full access to YAML rules, detection tiers, and export tooling.

git clone github.com/nullevent/harpax && cd harpax && go build ./...
View on GitHub →
Go 1.21+ Claude Code with hooks enabled
// HOW IT WORKS
01
Install
One-click GUI install or git clone for developers. Under two minutes either way.
02
Monitor
Harpax watches every file access, command execution, and network call your AI makes. Real-time.
03
Review
Session summaries, cost tracking, exportable logs. Know what happened and what it cost.
// FULL FEATURE BREAKDOWN
01
Session Visibility
Every AI session is logged with a full timeline of actions — file reads, writes, command executions, and network calls. Browse sessions individually, search by date or severity, and drill into any event for full context. Nothing your AI does goes unrecorded.
02
Real-Time Protection
Two modes. Passive mode logs every action without interference — ideal for auditing. Active mode enforces your rules in real time, blocking critical actions before they execute and warning on anything flagged. Switch between modes with a single config line.
03
Cost Tracking
Every session records token usage and dollar cost. Set warning thresholds to catch runaway sessions before they drain your budget. See cost-per-session, cost-per-day, and cumulative spend over any time range.
04
AI Summaries
After every session, Harpax generates a plain-English summary of what happened, what was flagged, and what was blocked. Export summaries as Markdown, HTML, CSV, or JSON. Feed them into your own tooling or compliance workflows.
05
Multi-Channel Alerts
Get notified the moment something important happens. Desktop notifications out of the box. Configure webhooks for Slack, Discord, email, or any HTTP endpoint. Filter alert triggers by severity so you only hear about what matters.
06
Stays Local
Zero telemetry. Zero cloud dependency. All session data lives in ~/.harpax on your machine. No API calls home, no usage tracking, no data sharing. Export or delete your data anytime — you own it completely.
// THREE-TIER DETECTION ENGINE
T1

Pattern Matching <1ms

Fast regex-based detection against known threat signatures. Catches credential access, dangerous shell commands, suspicious file patterns, and known exfiltration vectors. On by default, no setup required. Rules are defined in YAML and fully customizable.

T2

Semantic Similarity 10–50ms

AI embedding-based detection catches paraphrased and obfuscated attacks that regex misses. Compares AI actions against a library of known-bad patterns using vector similarity. Runs locally — no API calls.

Requires a one-time ~100MB model download. Disabled by default. See ADVANCED.md on GitHub
T3

LLM Analysis Roadmap

Full LLM-powered threat analysis for sophisticated, context-dependent edge cases. Will route flagged sessions through an LLM for deeper reasoning about intent and risk. Requires an API key. Coming soon.

// ACTIVE MODE CONFIG
protection.modeactive
severity.criticalblock
severity.highwarn
severity.mediumlog
tier2.enabledtrue
tier2.model_path~/.harpax/models/
cost.warning_threshold$5.00
retention.max_age_days30
// CONFIGURATION EXAMPLES
// basic.yaml
protection.modepassive
severity.criticalwarn
tier2.enabledfalse
retention.max_age_days30
// hardened.yaml
protection.modeactive
severity.criticalblock
severity.highwarn
tier2.enabledtrue
cost.warning_threshold$2.00
// optimized.yaml
protection.modeactive
severity.criticalblock
tier2.enabledfalse
retention.max_age_days7
cost.warning_threshold$5.00
// CLI COMMANDS
harpax start Start monitoring the current session
harpax stop Stop monitoring
harpax show [session_id] Display session details
harpax list List recent sessions
harpax export [session_id] Export session (json/csv/md)
harpax config Show current configuration
harpax rules List active detection rules

Start protecting your AI sessions today.

14-day free trial. No credit card required. Works in under two minutes.

Download Harpax — Free Trial CLI on GitHub →