K9 Audit records every AI agent action as a CIEU five-tuple (context / action / intent / outcome / assessment), SHA256 hash-chained locally. Zero tokens consumed, no external servers.
zippolyon•1h ago
I wondered: does K9 actually do what its README claims? So I used K9 to audit K9. The README became the intent contract (Y*_t). 28 claims tested. Two failures:
1. k9_wrap_module silently skips functions on dynamically-constructed modules. Undocumented edge case. Severity 0.6.
2. Sensitive params are redacted as {_type, _hash, _length}, not [REDACTED] as documented. The implementation exceeded the documentation.
The interesting part: a unit test would just say FAIL. The CIEU record shows the direction of the divergence -- "implementation exceeded documentation" is a different finding than "implementation broke the rule."
Full case study with all 28 test results: https://github.com/liuhaotian2024-prog/K9Audit/blob/main/cha...
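The CIEU five-tuple record, the local SHA256 hash chain and the {_type, _hash, _length} redaction discussed above, as an added example that is not K9's own code: the record layout, the sensitive-key list and the class and function names are assumptions made for illustration.

```python
import hashlib
import json

# Constructed example: a minimal CIEU (context / action / intent / outcome /
# assessment) audit chain with local SHA256 linking. Not K9's implementation;
# SENSITIVE_KEYS and the helper names are assumptions for illustration only.
SENSITIVE_KEYS = {"password", "token", "api_key", "secret"}
GENESIS = "0" * 64  # previous-hash value for the first record


def redact(params):
    """Replace sensitive values with a {_type, _hash, _length} stub.

    The stub keeps the value's shape (type, length, digest for equality
    checks) so an auditor can reason about it without the plaintext.
    """
    out = {}
    for key, value in params.items():
        if key.lower() in SENSITIVE_KEYS:
            raw = str(value).encode()
            out[key] = {"_type": type(value).__name__,
                        "_hash": hashlib.sha256(raw).hexdigest(),
                        "_length": len(str(value))}
        else:
            out[key] = value
    return out


def canonical(obj):
    # Deterministic serialization so the hash is stable across runs.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


class AuditChain:
    def __init__(self):
        self.records = []

    def append(self, context, fn, params, intent, outcome, assessment):
        prev = self.records[-1]["hash"] if self.records else GENESIS
        body = {"prev": prev, "context": context,
                "action": {"fn": fn, "params": redact(params)},
                "intent": intent, "outcome": outcome, "assessment": assessment}
        body["hash"] = hashlib.sha256(canonical(body)).hexdigest()
        self.records.append(body)
        return body["hash"]

    def verify(self):
        """Return the index of the first broken link, or -1 if the chain holds."""
        prev = GENESIS
        for i, rec in enumerate(self.records):
            body = {k: v for k, v in rec.items() if k != "hash"}
            if rec["prev"] != prev or hashlib.sha256(canonical(body)).hexdigest() != rec["hash"]:
                return i
            prev = rec["hash"]
        return -1
```

Editing any field of an earlier record, including its assessment, changes its recomputed digest, so verify() reports that index rather than a bare pass/fail.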