Fact0 × Claude Code

Your AI writes code.
Fact0 keeps the receipts.

One plugin turns every Claude Code session into a tamper-evident, queryable audit log — every prompt, file edit, and shell command. Block dangerous actions before they run, and prove it afterward.

payments-serviceactive
12 prompts · 87 tools · $1.42

Turn 7“fix the failing auth test and clean up the handler”

  • Editapi/internal/auth/handler.go
  • Bashgo test ./internal/auth/...exit 0
  • Blocked Bashrm -rf is blocked: destructive and irreversible
  • Readapi/internal/auth/handler_test.go
hash chain verified — no events altered or removed

Zero per-session setup

Install once, and every session on the machine auto-logs. No wrappers, no SDK calls, no config files in your repos.

1

Install the plugin

One command inside Claude Code adds the Fact0 marketplace and installs the plugin. It hooks every lifecycle event automatically.

/plugin install fact0-claude-code@fact0
2

Set your API key

Grab a key from the Fact0 dashboard, export it once. There is no per-project or per-session setup after this.

export FACT0_API_KEY=f0_live_...
3

That's it

Every session now streams in: prompts, file edits, commands, permission decisions, subagents — hash-chained and queryable.

/fact0-status # capture: active

Built for developers first, auditors second

A readable session timeline

The Coding Agents view shows every session turn by turn: what you asked, which files the agent edited, which commands it ran, and what it cost. Your daily answer to “what did the AI actually do?”

Block dangerous actions — and prove it

Governance rules stop rm -rf, curl|sh, or writes to .env before they execute. Every allow and deny lands in the tamper-evident chain, so you can prove the block was real months later.

Privacy-first by design

The default capture mode ships file paths, commands, and prompts — never file contents or tool outputs. Redaction happens on your machine, before anything is sent. Hash-only mode is one env var away.

An audit trail regulators accept

Each event is SHA-256 hash-chained server-side. Run verify anytime to prove no session history was inserted, altered, or deleted — by anyone, including the agent itself.

You choose what leaves the machine

Three capture modes, redacted client-side before anything is sent. File contents and tool outputs never ship unless you explicitly opt into raw mode.

metadatadefault

Ships: File paths, command text, prompts, tool names

Protected: File contents, tool outputs

hashlocked-down

Ships: SHA-256 digests + lengths only

Protected: Everything — zero raw text leaves

rawopt-in

Ships: Everything, including contents

Protected: Nothing withheld

Solo developers

A searchable history of every AI coding session across your projects — what changed, when, and what it cost.

Team leads

Ship one policy.json in the repo and every teammate's agent obeys the same guardrails, with denials on the record.

Compliance & security

Push the plugin via managed settings so it can't be disabled, and hand auditors cryptographic evidence instead of screenshots.

See your next coding session in Fact0

Free tier included. Install the plugin, set your key, and open the Coding Agents view — your next session shows up live.