Skill Detail
Review risky coding-agent sessions with local action logs using Gryph
Capture and inspect file reads, writes, and shell activity from coding agents so developers can audit what actually happened after a session goes sideways.
Security & VerificationMulti-Framework
Security & Verification
Multi-Framework
Published
β 105 GitHub stars
β¬ 55/wk npm
INSTALL WITH ANY AGENT
npx skills add agentskillexchange/skills --skill review-risky-coding-agent-sessions-with-local-action-logs-using-gryph
Works best when you want a reusable capability, not another fragile one-off prompt.
At a glance
Tools required
Supported coding agent client, local SQLite storage
Install & setup
Install Gryph with the project install script, Homebrew, npm, or Go, then run `gryph install` to hook detected agents and use `gryph logs`, `gryph query`, or `gryph session <id>` to inspect captured activity.
Author
safedep
Publisher
Organization
Last updated
Apr 18, 2026
Quick brief
Use Gryph when a coding-agent session touched too much, failed unexpectedly, or needs a security review, and you want a local audit trail of file access, writes, and command execution. Invoke it instead of using the agent normally when the task is post-session review, querying, and export of agent actions across supported clients, not generic endpoint security or a broad agent platform. The boundary is the action-audit workflow itself: Gryph installs hooks, records events locally, and lets operators inspect what the agent did.