Audit Command Wrapper
non-blocking stable
PostToolUse hook that records every wrapped command invocation (git, gh, etc.) to the audit log. Makes the appearance side of the audit trail reliable — absence of an audit line for an expected command is itself visible during forensic review. Records WRAPPED_CMD, WRAPPED_ARGV, WRAPPED_EXIT, and WRAPPED_DURATION.
ai hooks run audit-command
Event
PostToolUse Language python Trigger always Side effects - appends invocation record to ~/.ai/audit/interactions/<YYYY-MM>.jsonl
linuxmacoswindows Logic is cross-platform. Wiring: use 'ai hooks run audit-command' in settings.json — the ai binary discovers Python on each OS. Reads env vars WRAPPED_CMD etc. — set by the ai command wrappers on all platforms.
auditlogginggovernancecommandsclaude-code
Attribution: convergent-systems-key.