Back to Directory/Developer Tools

io.github.agent-polis/impact-preview

Impact preview for AI agents - see what changes before any action executes.

Developer ToolsPythonv0.2.1
View on GitHub

πŸ” Agent Polis

Impact Preview for AI Agents - "Terraform plan" for autonomous AI actions

License: MIT Python 3.11+

See exactly what will change before any AI agent action executes.

Agent Polis intercepts proposed actions from autonomous AI agents, analyzes their impact, shows you a diff preview of what will change, and only executes after human approval. Stop worrying about your AI agent deleting your production database.

🎯 The Problem

Autonomous AI agents are powerful but dangerous. Recent incidents:

  • Replit Agent deleted a production database, then lied about it
  • Cursor YOLO mode deleted an entire system including itself
  • Claude Code learned to bypass safety restrictions via shell scripts

Developers want to use AI agents but don't trust them. Current solutions show what agents want to do, not what will happen. There's no "terraform plan" equivalent for AI agent actions.

πŸš€ The Solution

AI Agent proposes action β†’ Agent Polis analyzes impact β†’ Human reviews diff β†’ Approve/Reject β†’ Execute
diff
# Example: Agent wants to write to config.yaml
- database_url: postgresql://localhost:5432/dev
+ database_url: postgresql://prod-server:5432/production
! WARNING: Production database URL detected (CRITICAL RISK)

✨ Features

  • Impact Preview: See file diffs, risk assessment, and warnings before execution
  • Approval Workflow: Approve, reject, or modify proposed actions
  • Risk Assessment: Automatic detection of high-risk operations (production data, system files, etc.)
  • Audit Trail: Event-sourced log of every proposed and executed action
  • SDK Integration: Easy @require_approval decorator for your agent code
  • Dashboard: Streamlit UI for reviewing and approving actions

πŸš€ Quick Start (2 minutes)

The fastest way to try Agent Polis is the MCP server with Claude Desktop or Cursor.

1. Install & Run

bash
pip install impact-preview
impact-preview-mcp

2. Configure Claude Desktop

Add to your config (~/Library/Application Support/Claude/claude_desktop_config.json on macOS):

json
{
    "mcpServers": {
        "impact-preview": {
            "url": "http://localhost:8000/mcp"
        }
    }
}

3. Try It

Ask Claude to edit a file - it now has these tools:

ToolWhat it does
preview_file_writeShows diff before any edit
preview_file_deleteShows what will be lost
preview_shell_commandFlags dangerous commands
check_path_riskQuick risk check for any path

Example prompt:

"Preview what would happen if you changed the database URL in config.yaml to point to production"

Claude will show you the diff and risk assessment before making changes.

πŸ“¦ Full Server Installation

For the complete approval workflow with dashboard and API:

bash
# Using Docker (recommended)
docker-compose up -d

# Or locally
pip install impact-preview
impact-preview

Register an Agent

bash
curl -X POST http://localhost:8000/api/v1/agents/register \
  -H "Content-Type: application/json" \
  -d '{"name": "my-agent", "description": "My AI coding assistant"}'

Submit Action β†’ Review β†’ Approve

bash
# Submit
curl -X POST http://localhost:8000/api/v1/actions \
  -H "X-API-Key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"action_type": "file_write", "target": "/app/config.yaml", "description": "Update DB URL", "payload": {"content": "db: prod"}}'

# Preview
curl http://localhost:8000/api/v1/actions/ACTION_ID/preview -H "X-API-Key: YOUR_API_KEY"

# Approve (or reject)
curl -X POST http://localhost:8000/api/v1/actions/ACTION_ID/approve -H "X-API-Key: YOUR_API_KEY"

Audit Trail (Events)

You can retrieve the complete audit trail for an action:

bash
curl http://localhost:8000/api/v1/actions/ACTION_ID/events -H "X-API-Key: YOUR_API_KEY"

ActionPreviewGenerated event payload includes machine-readable governance context:

  • data.governance.policy.decision / data.governance.policy.matched_rule_id
  • data.governance.scanner.reason_ids / data.governance.scanner.max_severity

🐍 SDK Integration

Wrap your agent's dangerous operations:

python
from agent_polis import AgentPolisClient

client = AgentPolisClient(api_url="http://localhost:8000", api_key="YOUR_KEY")

# Decorator approach - blocks until human approves
@client.require_approval(action_type="file_write")
def write_config(path: str, content: str):
    with open(path, 'w') as f:
        f.write(content)

# This will: submit β†’ wait for approval β†’ execute only if approved
write_config("/etc/myapp/config.yaml", "new content")

πŸ–₯️ Dashboard

Launch the Streamlit dashboard to review pending actions:

bash
pip install impact-preview[ui]
streamlit run src/agent_polis/ui/app.py

πŸ“š API Reference

Actions API

EndpointMethodDescription
/api/v1/actionsPOSTSubmit action for approval
/api/v1/actionsGETList your actions
/api/v1/actions/pendingGETList pending approvals
/api/v1/actions/{id}GETGet action details
/api/v1/actions/{id}/previewGETGet impact preview
/api/v1/actions/{id}/diffGETGet diff output
/api/v1/actions/{id}/approvePOSTApprove action
/api/v1/actions/{id}/rejectPOSTReject action
/api/v1/actions/{id}/executePOSTExecute approved action

Action Types

  • file_write - Write content to a file
  • file_create - Create a new file
  • file_delete - Delete a file
  • file_move - Move/rename a file
  • db_query - Execute a database query (read)
  • db_execute - Execute a database statement (write)
  • api_call - Make an HTTP request
  • shell_command - Run a shell command
  • custom - Custom action type

Risk Levels

  • Low: Read operations, safe changes
  • Medium: Write operations to non-critical files
  • High: Delete operations, system files
  • Critical: Production data, irreversible changes

πŸ”§ Configuration

bash
# .env
SECRET_KEY=your-secret-key
DATABASE_URL=postgresql+asyncpg://user:pass@host:5432/agent_polis
REDIS_URL=redis://localhost:6379/0

# Optional
FREE_TIER_ACTIONS_PER_MONTH=100
LOG_LEVEL=INFO

πŸ—ΊοΈ Roadmap

VersionFocusStatus
v0.2.0File operation previewCurrent
v0.3.0Database operation previewPlanned
v0.4.0API call previewPlanned
v0.5.0IDE integrations (Cursor, VS Code)Planned
v1.0.0Production readyPlanned

🀝 Contributing

bash
git clone https://github.com/agent-polis/impact-preview.git
cd impact-preview
pip install -e .[dev]
pre-commit install
pytest

πŸ“„ License

MIT License - see LICENSE for details.

Built for developers who want AI agents they can actually trust.

Learn More

Best MCP Servers for DevOps: GitHub, Docker, CloudflareMCPFind indexes 3,141 devtools MCP servers and 164 cloud servers, making DevOps one of the richest categories in the directory. We analyzed both to surface the strongest options for CI/CD automation, container management, and cloud infrastructure operations.Read articleHow to Set Up MCP Servers in JetBrains IDEs (2026 Guide)JetBrains IDEs added MCP support through their AI Assistant plugin, giving IntelliJ IDEA, WebStorm, PyCharm, and GoLand users access to the same MCP server ecosystem as Cursor and VS Code. This guide covers how to configure MCP in JetBrains, which devtools servers work well, and how the experience compares to other MCP-enabled IDEs.Read articleHow to Deploy an MCP Server with DockerMost MCP servers fail in production because they depend on local system state that Docker eliminates. This guide shows how to write Dockerfiles for Node.js and Python MCP servers, expose the right ports, and push to a container registry for reliable remote deployment.Read article