DOCUMENTATION / V0.3.0

Install once. Use your agent.

Invoke $agent-ledger in Codex or /agent-ledger in Claude Code, then let the agent complete a bounded verification and correction pass before handoff.

01 / INSTALL

Install in one command

Requirements: Git, Node 20+, and Codex or Claude Code. Run from the project root:

npx --yes github:sprintagency-it/agent-ledger#v0.3.0 setup --project .

Setup writes the shareable workflow to .agents/skills/agent-ledger/ for Codex and .claude/skills/agent-ledger/ for Claude Code, installs the private runtime under .agent-ledger/runtime/, and ensures .agent-ledger/ is ignored.

02 / FIRST TASK

Invoke the skill with a concrete outcome

# Codex
Use $agent-ledger to fix the signup validation bug, stay within src/signup and tests, and run the relevant tests.

# Claude Code
/agent-ledger Fix the signup validation bug, stay within src/signup and tests, and run the relevant tests.

The skill defines goal, scope, checks, and approval boundaries before editing. It then captures the task, renders findings, fixes safe true positives, and refreshes the review once.

Good task shape

  • Name the behavior to change.
  • Include likely path boundaries when known.
  • State the verification you expect.
  • Keep auth, secrets, deploys, and destructive actions explicit.

03 / OUTPUTS

Two readers, one evidence set

FilePrimary readerPurpose
review.jsonAgentStatus, evidence counts, and structured findings.
fix-brief.mdAgent + humanClassification queue and safe automatic-fix boundary.
executive-summary.mdHumanShortest run outcome and unresolved review items.
pr-review.mdReviewerMerge-facing PASS, WARN, or BLOCK record.
replay.htmlHumanOffline visual timeline and risk context.
share/HandoffSmaller redacted bundle for deliberate sharing.

04 / BOUNDARIES

Correction is deliberate, not blind

Every critical or high finding is classified as true_positive, false_positive, or unresolved. The agent may automatically fix a true positive only when it is reversible, inside scope, and does not alter auth, secrets, permissions, billing, deployment, external data, or destructive behavior.

Risk rules are deterministic signals. Generic words such as API or credentials do not prove exposure; concrete paths, access behavior, and value-like evidence matter.

05 / DIRECT CLI

Use the lower-level runtime when needed

LEDGER=".agent-ledger/runtime/src/cli.mjs"
SESSION="$(node "$LEDGER" start --project . --name "my-run" --goal "Concrete outcome" --scope "src,tests" --out .agent-ledger/runs/my-run)"

# Make changes and run checks.
node "$LEDGER" ingest --type git --session "$SESSION"
node "$LEDGER" render --session "$SESSION"

Calling Git ingest again refreshes the final file evidence instead of duplicating it. Command evidence remains available across the correction pass.

06 / GITHUB ACTION

Capture an agent command in CI

- id: agent-ledger
  uses: sprintagency-it/agent-ledger@v0.3.0
  with:
    command: "node scripts/run-ai-agent-task.mjs"
    goal: "Review this AI-generated change before merge"
    scope: "src,tests"
    fail-on-critical: "true"

The Action attributes only changes created after its command starts. It does not yet review an arbitrary existing PR diff.