The open-source trust infrastructure for autonomous AI agents. Record. Replay. Enforce. Audit. With post-quantum signed evidence.
On August 2, 2026, EU AI Act enforcement begins. Fines reach €35M or 7% of global annual turnover. Every AI agent in production needs three things regulators will ask for:
- Proof the code is built to standard — before it ships
- Control over what agents are allowed to do — at runtime
- A tamper-evident record of what they actually did — that survives the arrival of quantum computers
AIR Blackbox is seven open-source packages that compose. Install one. Install all of them. Same keys, same signatures, same evidence format across the entire stack.
   ┌──────────────────────────────────────────────────┐
   │                  YOUR AI AGENT                   │
   │  (OpenAI · Anthropic · LangChain · CrewAI · …)   │
   └───────────────────────┬──────────────────────────┘
                           │
        ┌──────────────────┼──────────────────┐
        │                  │                  │
        ▼                  ▼                  ▼
┌───────────────┐  ┌───────────────┐  ┌───────────────┐
│ air-blackbox  │  │     Gate      │  │   air-gate    │
│  scan + CLI   │  │  covenants +  │  │ human-in-the- │
│  51+ checks   │  │   receipts    │  │  loop + PII   │
└───────┬───────┘  └───────┬───────┘  └───────┬───────┘
        │                  │                  │
        └──────────────────┼──────────────────┘
                           ▼
            ┌─────────────────────────────┐
            │          air-trust          │
            │ HMAC + Ed25519 + ML-DSA-65  │
            └──────────────┬──────────────┘
                           ▼
                  ┌─────────────────┐
                  │  .air-evidence  │
                  │ self-verifying  │
                  │  audit bundle   │
                  └─────────────────┘
airblackbox · Start here
EU AI Act scanner (51+ checks across Articles 9–15), audit gateway, Gate policy engine with bilateral receipts. The flight recorder and the brain.
pip install air-blackbox
air-trust
Cryptographic primitives. HMAC-SHA256 audit chains, Ed25519 signed handoffs, ML-DSA-65 post-quantum signatures (FIPS 204). Every signing operation across the stack routes through here.
pip install air-trust
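How an HMAC-SHA256 audit chain makes a log tamper-evident, as an added example that is not air-trust's code or API: each record's MAC covers the previous record's MAC, so an in-place edit or a removed record breaks verification from that point on. The record layout, function names and key are assumptions constructed for the illustration.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # constructed "previous MAC" for the first record


def _mac(key: bytes, seq: int, prev: str, event: dict) -> str:
    # Canonical JSON so a record always serializes to the same bytes.
    body = json.dumps({"seq": seq, "prev": prev, "event": event},
                      sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def append(chain: list, key: bytes, event: dict) -> dict:
    """Append an event, binding it to the previous record's MAC."""
    prev = chain[-1]["mac"] if chain else GENESIS
    record = {"seq": len(chain), "prev": prev, "event": event}
    record["mac"] = _mac(key, record["seq"], prev, event)
    chain.append(record)
    return record


def verify(chain: list, key: bytes) -> tuple:
    """Return (True, None), or (False, index of the first failing record)."""
    prev = GENESIS
    for i, rec in enumerate(chain):
        expected = _mac(key, rec["seq"], prev, rec["event"])
        if not (rec["seq"] == i and rec["prev"] == prev
                and hmac.compare_digest(expected, rec["mac"])):
            return False, i
        prev = rec["mac"]
    return True, None


def demo() -> tuple:
    key = b"constructed-demo-key"  # sample key, constructed for this example
    chain = []
    for event in ({"tool": "search", "decision": "allow"},
                  {"tool": "send_email", "decision": "needs_approval"},
                  {"tool": "send_email", "decision": "approved"}):
        append(chain, key, event)
    edited = json.loads(json.dumps(chain))       # deep copy
    edited[1]["event"]["decision"] = "allow"     # rewrite one record in place
    dropped = chain[:1] + chain[2:]              # silently remove a record
    return verify(chain, key), verify(edited, key), verify(dropped, key)
```

Because HMAC is symmetric, anyone who can verify the chain can also forge it, and truncating records from the end goes unnoticed unless the latest MAC is anchored elsewhere, for example under a signature.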
air-gate
Human-in-the-loop tool gating with Slack approvals, PII redaction across 25+ categories (HIPAA, PCI-DSS, GDPR), and framework wrappers for LangChain and OpenAI function tools. Runs as a library or FastAPI server.
pip install air-gate
air-platform
Full stack in one command. Docker Compose starts Gateway + Episode Store + Policy Engine + Jaeger + Prometheus in ~8 seconds.
git clone && make up
air-controls · air-controls-mcp
Policy controls runtime and its MCP server. Expose AIR's governance primitives to any MCP-compatible client.
air-blackbox-mcp
MCP server with 10 tools. Works with Claude Desktop, Cursor, Claude Code, or any MCP client. scan_code, classify_risk, check_injection, suggest_fix, and more.
air-blackbox-plugin
Claude Code plugin. Four slash commands (/air-discover, /air-comply, /air-replay, /air-export) plus a skill that teaches Claude Code how to interpret scan output against specific EU AI Act articles.
/plugin marketplace add airblackbox/air-blackbox-plugin
/plugin install air-blackbox@air-blackbox
otel-collector-genai
OpenTelemetry Collector processor for GenAI workloads. Redact prompts, detect loops, emit compliance metrics. Drop it into any existing OTel pipeline.
otel-prompt-vault
Content-addressed vault for prompts and completions. Traces reference content by hash — sensitive data never hits your observability backend.
I want to scan my Python AI code right now.
pip install air-blackbox
air-blackbox comply --scan . -v
I want to add an audit gateway in front of my existing OpenAI calls.
from openai import OpenAI

# Point the client at the local audit gateway instead of the OpenAI API directly
client = OpenAI(
    base_url="http://localhost:8080/v1",
    default_headers={"X-Gateway-Key": "your-key"},
)
# everything else in your code stays identical
I want to run the whole stack.
git clone https://github.com/airblackbox/air-platform.git
cd air-platform && make up
I want AI governance inside my editor.
/plugin marketplace add airblackbox/air-blackbox-plugin
/plugin install air-blackbox@air-blackbox
Every other "AI audit trail" on the market signs with HMAC or RSA. Both will be breakable by quantum computers within the retention window of records you're generating right now. EU AI Act Article 12 requires logs kept for at least six months, often years.
AIR Blackbox signs with ML-DSA-65 (FIPS 204 / Dilithium3) — NIST's standardized post-quantum signature. Keys generated locally, never leave your machine. Evidence produced today still verifies in 2035.
- Julian Risch (deepset / Haystack) — public validation, 38-minute response time on GitHub
- Piero Molino (Ludwig) — merged compliance changes driven by AIR scan results
- arXiv AEGIS (Mar 2026) — independent research published the same interception architecture
- McKinsey State of AI Trust 2026 — trust infrastructure named as the critical agentic AI category
- Listed in awesome-ai-regulation and awesome-eu-ai-act
AIR is a witness, not a gatekeeper — until you tell it to be. Recording never breaks production flow. Dropped audit records are acceptable; dropped user requests are not. You cannot trust what you cannot prove.
Everything is Apache 2.0. Use it in commercial products. Fork it. Sell services around it. Keep the attribution.
airblackbox.ai · Documentation · Demo · Star the core repo to help other teams find us.
Not legal advice. A linter, not a lawyer. AIR Blackbox checks technical requirements; full EU AI Act compliance also requires organizational processes, documentation, and — depending on your risk classification — external conformity assessment.