Search, guardrails, receipts and compliance — four offline Rust binaries, no model downloads, no cloud, no telemetry. Plus ContextForge, the formally-verified safety layer for multi-agent LLM pipelines — 0/1,210 INV-15 violations, Z3-proved in 10.08 ms.
npx @apohara/codesearch-mcp
Four focused Rust binaries — each ships and stands alone.
Parses Bash structure instead of grepping strings, so variable-aliased, base64 and compound destructive commands don't slip past. Then a seccomp + Landlock sandbox confines what runs.
$ /plugin install apohara-agentguardHybrid BM25 + vector search your agent calls over MCP. One binary, no embedding model to download, no vector database — state lives in one SQLite file. Fully offline.
$ npx @apohara/codesearch-mcpSeals any file into a verifiable .seal.json receipt — HMAC, Ed25519, C2PA. Verify offline; flip one byte and verify exits non-zero. Evidence, never a hardcoded verdict.
$ cargo install apohara-sealchainMaps your agent's observed actions to OWASP-Agentic, NIST and ISO controls — candidate findings with citations for a human to confirm. SARIF output, CI-ready.
$ cargo install apohara-complianceDifferent category, same rule — claim only what a machine can check.
Share the KV-cache to make agents affordable — without silently corrupting the judge. When a critic reuses attention from a prior ranking, its verdict drifts and accuracy elsewhere still looks fine. INV-15 forces judge-class agents back to dense prefill when reuse risk crosses threshold, and every decision lands in a tamper-evident ledger.
$ pip install apohara-context-forgeApohara is built on one rule: claim only what the code can back. Every tool ships its benchmark, its threat model, and an honest scorecard of where it stops. Better to under-promise and let the code earn the trust.