Prompt turns
Correlated by session and message, so every model call is traceable back to its context.
Runtime security layer
Every prompt turn, shell command, and file read/write is tracked locally. Risky operations get flagged, policy decisions get enforced before execution, and secrets are scrubbed from storage automatically — so you keep control while the agent works.
Correlated by session and message, so every model call is traceable back to its context.
What ran, when, and against what — with risk flags for destructive strings and sensitive paths.
Filesystem touchpoints logged, including writes checked against policy before they land on disk.
Automatic detection of sensitive paths and risky shell patterns before anything executes.
CyxWatch guards the boundary between what the agent sees and what gets persisted to memory.
Memory writes pass through a firewall layer that scans for API keys, JWTs, passwords, and tokens.
Matches are scrubbed automatically before storage. The audit log is stripped of secrets too.
Only sanitized context reaches .cyxcode/memory/ — recall, dream, and graph stay clean.
| Decision | What happens |
|---|---|
| auto-approve | Matching operation runs with no prompt. |
| require-approval | Normal permission prompt is shown. |
| block | Tool call stops before it executes. Hard blocks also guard low-level wrappers — destructive process-wrapper commands are caught pre-spawn, filesystem writes pre-write. |
$ cyxcode watch recent # recent telemetry
$ cyxcode watch report # observability report
$ cyxcode watch alerts # alert history
$ cyxcode watch policy # saved project policy rules
$ cyxcode watch policy --effective # include defaults
$ cyxcode watch report --json --period 30d
Or open the dashboard at /dashboard/security when running cyxcode web.
Full usage guide ↗
CyxWatch ships with CyxCode. No extra install, no external service.