Ledgermind
БесплатноНе проверенLocal LLM cost & token forensics proxy with anomaly detection, enabling security teams to scan for cost anomalies and abuse patterns, and expose results via MCP
Описание
Local LLM cost & token forensics proxy with anomaly detection, enabling security teams to scan for cost anomalies and abuse patterns, and expose results via MCP for autonomous agents.
README
LEDGERMIND
Local LLM cost & token forensics proxy with anomaly detection
PyPI CI License: COCL 1.0 Suite
AI Security & Governance — securing LLMs, agents, and the MCP supply chain.
pip install cognis-ledgermind
ledgermind scan . # → prioritized findings in seconds
🔎 Example output
Real, reproducible output from the tool — runs offline:
$ ledgermind-emit --version
ledgermind 0.1.0
$ ledgermind-emit --help
usage: ledgermind [-h] [--version] {audit} ...
Local LLM cost & token forensics with anomaly detection.
positional arguments:
{audit}
audit Audit an LLM request log (JSONL or JSON array).
options:
-h, --help show this help message and exit
--version show program's version number and exit
Blocks above are real
ledgermindoutput — reproduce them from a clone.
Sample result format (illustrative values — run on your own data for real findings):
{
"finding": {
"id": "1234567890",
"category": "vulnerability",
"name": "Apache Log4j RCE",
"description": "A remote code execution vulnerability in Apache Log4j.",
"severity": "high",
"created_at": "2021-12-10T14:30:00Z"
},
"indicators": [
{
"type": "ip",
"value": "192.0.2.1"
},
{
"type": "domain",
"value": "example.com"
}
],
"recommendations": [
{
"text": "Update Apache Log4j to version 2.16.0 or later."
}
]
}
Usage — step by step
- Install (Python 3.8+, stdlib only):
pip install ledgermind - Audit an LLM request log (JSONL or JSON array) for cost, tokens, and anomalies:
Reports totals plus cost-by-model and cost-by-API-key breakdowns.ledgermind audit logs.jsonl - Override pricing and tune anomaly sensitivity:
(ledgermind audit logs.jsonl --pricing custom_pricing.json --mad-threshold 3.0--pricingis merged over the built-in defaults;--mad-thresholdis the modified z-score cutoff.) - Read the output as JSON:
ledgermind audit logs.jsonl --format json | jq '.total_cost_usd, .anomalies[]' - Gate CI / cron on spend anomalies — exit
2when any anomaly is detected:ledgermind audit logs.jsonl --fail-on-anomaly || echo "LLM spend anomaly detected"
Contents
- Why ledgermind? · Features · Quick start · Example · Architecture · AI stack · How it compares · Integrations · Install anywhere · Related · Contributing
Why ledgermind?
Local LLM cost & token forensics proxy with anomaly detection — without standing up heavyweight infrastructure.
ledgermind is single-purpose, scriptable, and self-hostable: point it at a target, get prioritized results in the format your workflow already speaks (table · JSON · SARIF), gate CI on it, and let agents drive it over MCP.
Features
- ✅ Price Call
- ✅ Load Events
- ✅ Detect Anomalies
- ✅ Build Report
- ✅ Runs on Linux/macOS/Windows · Docker · devcontainer
- ✅ Ports in Python, JavaScript, Go, and Rust (
ports/)
Quick start
pip install cognis-ledgermind
ledgermind --version
ledgermind scan . # scan current project
ledgermind scan . --format json # machine-readable
ledgermind scan . --fail-on high # CI gate (non-zero exit)
Example
$ ledgermind scan .
[HIGH ] LED-001 example finding (./src/app.py)
[MEDIUM ] LED-002 another signal (./config.yaml)
2 findings · risk score 5 · 38ms
Architecture
flowchart LR
IN[addresses + transactions] --> P[ledgermind<br/>cluster + trace]
P --> OUT[sanctions xref / report]
Use it from any AI stack
ledgermind is interoperable with every popular way of using AI:
- MCP server —
ledgermind mcp(Claude Desktop, Cursor, Cognis.Studio, uncensored-fleet) - OpenAI-compatible / JSON — pipe
ledgermind scan . --format jsoninto any agent or LLM - LangChain · CrewAI · AutoGen · LlamaIndex — wrap the CLI/JSON as a tool in one line
- CI / scripts — exit codes + SARIF for non-AI pipelines
How it compares
| Cognis ledgermind | BerriAI | |
|---|---|---|
| Self-hostable, no account | ✅ | varies |
| Single command, zero config | ✅ | ⚠️ |
| JSON + SARIF for CI | ✅ | varies |
| MCP-native (AI agents) | ✅ | ❌ |
| Polyglot ports (JS/Go/Rust) | ✅ | ❌ |
| Open license | ✅ COCL | varies |
Built in the spirit of BerriAI/litellm, re-framed the Cognis way. Missing a credit? Open a PR.
Integrations
Pipes into your stack: SARIF for code-scanning, JSON for anything, an MCP server (ledgermind mcp) for AI agents, and a webhook forwarder for SIEM/Slack/Jira. See docs/INTEGRATIONS.md.
Install — every way, every platform
pip install "git+https://github.com/cognis-digital/ledgermind.git" # pip (works today)
pipx install "git+https://github.com/cognis-digital/ledgermind.git" # isolated CLI
uv tool install "git+https://github.com/cognis-digital/ledgermind.git" # uv
pip install cognis-ledgermind # PyPI (when published)
docker run --rm ghcr.io/cognis-digital/ledgermind:latest --help # Docker
brew install cognis-digital/tap/ledgermind # Homebrew tap
curl -fsSL https://raw.githubusercontent.com/cognis-digital/ledgermind/main/install.sh | sh
| Linux | macOS | Windows | Docker | Cloud |
|---|---|---|---|---|
scripts/setup-linux.sh |
scripts/setup-macos.sh |
scripts/setup-windows.ps1 |
docker run ghcr.io/cognis-digital/ledgermind |
DEPLOY.md (AWS/Azure/GCP/k8s) |
Related Cognis tools
- aegis — AI Agent Permission & Access Auditor — surfaces the lethal trifecta of credentials + injection + reach
- promptmirror — Prompt-injection & indirect-injection scanner for any LLM context input
- adversa — LLM red-team harness — OWASP LLM Top 10 + MITRE ATLAS attack packs
- guardpost — Runtime agent firewall — PII redaction, rate limits, policy enforcement
- hallumark — LLM hallucination & grounding auditor for RAG systems
- aicard — Auto-generated NIST AI RMF / EU AI Act Annex IV model & system cards
Explore the suite → 🗂️ all 170+ tools · ⭐ awesome-cognis · 🔗 cognis-sources · 🤖 uncensored-fleet · 🧠 engram
Contributing
PRs, new rules, and demo scenarios are welcome under the collaboration-pull model — see CONTRIBUTING.md and SECURITY.md.
⭐ If
ledgermindsaved you time, star it — it genuinely helps others find it.
Interoperability
{} composes with the 300+ tool Cognis suite — JSON in/out and a shared
OpenAI-compatible /v1 backbone. See INTEROP.md for the
suite map, composition patterns, and reference stacks.
License
Source-available under the Cognis Open Collaboration License (COCL) v1.0 — free for personal, internal-evaluation, research, and educational use; commercial / production use requires a license ([email protected]). See LICENSE.
Установка Ledgermind
У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.
▸ github.com/cognis-digital/ledgermindFAQ
Ledgermind MCP бесплатный?
Да, Ledgermind MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Ledgermind?
Нет, Ledgermind работает без API-ключей и переменных окружения.
Ledgermind — hosted или self-hosted?
Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.
Как установить Ledgermind в Claude Desktop, Claude Code или Cursor?
Открой Ledgermind на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
Gmail
Read, send and search emails from Claude
автор: GoogleSlack
Send, search and summarize Slack messages
автор: SlackRunbear
No-code MCP client for team chat platforms, such as Slack, Microsoft Teams, and Discord.
Discord Server
A community discord server dedicated to MCP by [Frank Fiegel](https://github.com/punkpeye)
Compare Ledgermind with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории communication
