.png)
2 hours ago
1
Local. Transparent. AI-Driven Security.
Real-time system monitoring with File Integrity, Process Monitor, and Network Sniffer widgets...
The system follows a 4-layer design...
v0.3 (NOW) → v1.0 → v2.0+ Real-time system monitoring with File Integrity, Process Monitor, and Network Sniffer widgets. Powered by multi-agent AI orchestration (CrewAI) + local LLM inference (Ollama).
| File Integrity | ✅ LIVE | Monitor file changes in real-time (~/Projects, ~/Downloads, ~/Documents) |
| Process Monitor | ✅ LIVE | Detect new process spawns, track PIDs, user context |
| Network Sniffer | ✅ LIVE | Log established connections, process-to-IP mapping (no root needed!) |
- OrchA (AI Task Master): Analyzes events, assigns threat levels, learns from feedback
- OrchB (Human-Facing): Permission management, user interaction, audit logging
- Tech-Human Translator: Converts technical findings → plain English alerts
- ✅ Local-first: Runs entirely on your machine (no cloud)
- ✅ Transparent: Every decision logged & explainable
- ✅ Granular Permissions: Observe → Alert → Analyze → Isolate → Auto-Respond
- ✅ Audit Trail: Complete history of all actions
Four-Layer Design:
- Sensor Layer — Widgets (File, Process, Network)
- Orchestration Layer — OrchA + OrchB agents
- Inference Layer — Ollama (local LLM)
- CLI/Audit Layer — User interface + logging
Full technical paper: See ARCHITECTURE.md
- Python 3.9+
- psutil — Process monitoring
- watchdog — File system events
- Ollama (optional) — Local LLM inference
Define what Guardian is allowed to do:
| Observe | Read-only monitoring | "Just watch my system" |
| Alert | Send notifications | "Alert me to suspicious activity" |
| Analyze | AI context analysis | "I want explanations" |
| Isolate | Quarantine processes (requires approval) | "Handle threats, ask me first" |
| Auto-Respond | Automatic mitigation | "I trust you to defend" |
Resource Profile (all widgets active):
| Core (OrchA+B) | 2-5% | 50-100 MB | Idle baseline |
| Ollama (inference) | 20-30% | 500MB-4GB | During analysis spikes |
| Widgets (all 3) | 2-3% | 60 MB | Extremely lightweight |
| Total | 5-15% | 600MB-4.2GB | Runs smoothly on any modern machine |
- ✅ File Integrity Widget
- ✅ Process Monitor Widget
- ✅ Network Sniffer Widget
- ✅ OrchA + OrchB orchestration
- ✅ CLI interface
- ✅ Audit logging
- Network Sniffer advanced features
- Hot-reload widgets
- Plugin system (beta)
- Advanced CLI + TUI dashboard
- Community feedback integration
- Additional widgets (Resource Drain, Registry Watch, Crypto Detector)
- Widget marketplace
- Multi-machine telemetry (optional)
- Fine-tuned LLM models for specific threat domains
- Governance & community roadmap
Guardian protects against:
- File tampering (ransomware, accidental overwrites)
- Suspicious process spawning
- Unexpected network activity
- Anomalous user behavior
Guardian does NOT protect against:
- Kernel-level rootkits
- Offline attacks
- Cryptographic backdoors in system libraries
Philosophy: Guardian is complementary to traditional antivirus, not a replacement.
We welcome contributions! Here's how:
- Fork the repo
- Create a branch (git checkout -b feature/my-widget)
- Build your widget (see Widget Development Guide)
- Test locally (python guardian.py)
- Submit a PR with description + test results
Drop your widget in /widgets/ and Guardian auto-loads it!
- Full Technical Paper — Deep dive into design, multi-agent orchestration, CrewAI patterns
- CLI Reference — Complete command reference
- Widget Development — Build your own sensors
- Permission Model — Security & audit trails
MIT License — See LICENSE for details.
TL;DR: You can use, modify, and distribute Archie Guardian freely, even commercially. Just give credit.
Q: Why local instead of cloud?
A: Privacy, speed, control. Your data stays on your machine. Plus, no subscription fees!
Q: Can I use other LLMs?
A: v0.3 uses Ollama, but v1 will support LM Studio, Hugging Face, and custom models.
Q: Is this a replacement for antivirus?
A: No. Guardian does behavioral monitoring & anomaly detection. Use it alongside traditional antivirus.
Q: What's the learning curve?
A: Minimal. Run guardian status and you're done. Advanced tuning is optional.
Q: How do I report bugs?
A: Open an Issue on GitHub.
- Star the repo ⭐ (helps us grow!)
- Try v0.3 — Run python guardian.py and test the widgets
- Share feedback — What would YOU monitor?
- Contribute — Build a custom widget!
- Spread the word — Tweet, blog, discuss!
- GitHub: archiesgate42-glitch/archie-guardian
- Issues: Report bugs or request features
- Discussions: Share ideas & feedback
Archie Guardian embodies three principles:
- Transparency — You understand every decision the system makes
- Autonomy — You control what Guardian can do
- Community — Together we build the security tools we deserve
Made with ❤️ by Archie Gate
November 2025
