v3 · governance layer for coding agents

One audit log.
Every coding agent.

Tribunal records every prompt, tool call, and dollar spent by your AI coding agents — Claude Code, Cursor, Copilot CLI, Codex CLI — then runs a policy engine and prompt-injection scanner on top. Local-first. MIT licensed. SOC2-ready when you need it.

$ pipx install tribunal && tribunal init
Records: claude-code, cursor, copilot-cli, codex-cli + anything that speaks the event spec

The governance layer the agent vendors won't build for you.

Every coding agent ships its own log, its own dashboard, its own cost view. Tribunal is the one place that watches all of them.

One audit log

Every agent emits the same event schema (v1) — prompt, tool call, file edit, command, cost. Search across Claude Code and Cursor in one timeline.

Policy engine

YAML rules with allow / warn / ask / deny. Block writes to .env, prod terraform, or anything matching your regex. Shipped packs: secrets-readonly, no-prod-writes, soc2-baseline.

Prompt-injection scanner

Six regex families plus bidi/zero-width detection run on every prompt and tool input, surfacing severity-tagged alerts in real time.

Cost telemetry

Tokens in, tokens out, dollars spent — per agent, per session, per user. Hard caps with Slack alerts when an agent goes off the rails.

Local-first

Daemon runs on localhost:8088. Your events live in SQLite first. Ship to the cloud dashboard when you want a team view — never required.

SOC2-ready

Immutable event log, role-based access, retention controls, signed exports. Compliance plan includes SAML/OIDC and a customer-managed key option.
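
The bidi/zero-width check named under the prompt-injection scanner above can be sketched as follows. This is an added example, not Tribunal's code: the function names, the character sets and the severity labels are assumptions, and it covers only the invisible-character check, not the six regex families.

```python
import unicodedata

# Character sets and severity labels are assumptions made for this example.
BIDI_CONTROLS = {
    *range(0x202A, 0x202F),   # LRE, RLE, PDF, LRO, RLO
    *range(0x2066, 0x206A),   # LRI, RLI, FSI, PDI
    0x200E, 0x200F, 0x061C,   # LRM, RLM, ALM
}
ZERO_WIDTH = {0x200B, 0x2060, 0xFEFF}   # ZWSP, WORD JOINER, ZWNBSP/BOM
JOINERS = {0x200C, 0x200D}              # ZWNJ, ZWJ: legitimate in some scripts and emoji


def scan_invisible(text):
    """Return one finding per invisible control character in text."""
    findings = []
    for offset, ch in enumerate(text):
        cp = ord(ch)
        if cp in BIDI_CONTROLS:
            family, severity = "bidi", "high"
        elif cp in ZERO_WIDTH:
            # A BOM at offset 0 is a normal file prefix, not hidden content.
            if cp == 0xFEFF and offset == 0:
                continue
            family, severity = "zero-width", "medium"
        elif cp in JOINERS:
            family, severity = "zero-width", "low"
        else:
            continue
        findings.append({
            "offset": offset,
            "codepoint": f"U+{cp:04X}",
            "name": unicodedata.name(ch, "UNKNOWN"),
            "family": family,
            "severity": severity,
        })
    return findings


def max_severity(findings):
    """Highest severity among findings, or None when the text is clean."""
    order = {"low": 0, "medium": 1, "high": 2}
    return max((f["severity"] for f in findings), key=order.get, default=None)


# Constructed sample: a prompt carrying a hidden RLO and a zero-width space.
SAMPLE = "review the\u202e diff\u200b please"

if __name__ == "__main__":
    for finding in scan_invisible(SAMPLE):
        print(finding)
```

Joiners are reported at low severity rather than ignored because they appear in ordinary emoji and Persian or Indic text, so a reviewer can filter them without losing the signal from bidi overrides.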

Four commands, one timeline.

  1. Install the daemon

     pipx install tribunal && tribunal init. A local FastAPI daemon listens on :8088 and writes an append-only SQLite log.

  2. Wire your agents

     tribunal adapter claude-code · cursor · copilot-cli · codex-cli. Each adapter normalises that agent's hooks into the v1 event schema.

  3. Author policy

     Drop a YAML pack into ~/.tribunal/policies/, or enable a shipped pack. Rules fire on every event; deny is enforced before the tool runs.

  4. Ship to the cloud (optional)

     Set TRIBUNAL_INGEST_TOKEN and the daemon batches events to a Cloudflare Worker. The dashboard at app.tribunal.dev gives the org a single pane of glass.

Honest pricing. Bootstrapped roadmap.

No usage meter on the OSS tier. No surprises on the paid tier.

OSS

$0 forever

Full CLI, local dashboard, every adapter, every shipped policy pack. MIT licensed.

Compliance

$2,500 flat / month, up to 100 seats

SAML/OIDC SSO, customer-managed keys, immutable audit export, dedicated support.
