Get This Tool
Legibility Field Kit
Summary
Governance logs full of 'the team approved it' and timestamps with no witness are not oversight — they are paper trails that collapse under the first audit. The Legibility Field Kit exists to catch exactly that before the auditor does.
The kit is a zero-dependency Python CLI that runs three checks against your AI decision records: does every change name a specific human owner, is time-to-reverse recorded for reversible actions, and does each entry carry a complete OTW receipt — Owner, Time, Witness. Run `audit` against a directory of governance files and it surfaces every defect in seconds. The scoring command turns those findings into a maturity grade across the three tests, giving compliance teams a number to track sprint over sprint. The wall appears fast: the kit reads files, flags gaps, and stops — it does not integrate with your ticketing system, your CI pipeline, or your approval workflow.
Bottom line: Reach for this when you need to prove your governance files are not theater; look elsewhere when you need the tool to enforce accountability at the point where decisions are actually made.
Community Performance Report Card
No community ratings yet. Be the first to rate this tool!
Community Benchmarks Community
Sign in to submit a benchmarkNo community benchmarks yet. Be the first to share a real-world data point.
Pros
Sign in to edit- Zero external dependencies, so the tool runs in an air-gapped or locked-down environment without a dependency audit of its own — which means regulated teams do not have to clear a supply-chain review just to use the auditor.
- The `init` command scaffolds governance files before a system goes live, so teams start with compliant structure rather than retrofitting it after a finding.
- OTW receipt detection — Owner, Time, Witness — catches the specific pattern where 'the team' or 'engineering' appears in the owner field, which is the defect that makes approval records legally meaningless under most accountability frameworks.
- Apache-2.0 license with self-hosted option, so your governance records and their audit results never leave your own infrastructure — critical when the files themselves contain sensitive decision rationale.
- Maturity scoring across three discrete tests gives compliance leads a metric that moves, so governance improvement has a number attached rather than being a qualitative assertion.
Cons
Sign in to edit- The kit audits files that already exist — if your team's governance process lives in Jira tickets, Confluence pages, or Slack threads rather than structured files in a directory, there is nothing for the tool to read, and the first project becomes manually exporting records into a format the CLI can parse.
- There is no CI integration, webhook, or pre-commit hook provided out of the box, so the audit runs when someone remembers to run it; teams that need enforcement at the moment a decision is logged — not after the fact — add their own pipeline glue, at which point they are maintaining that integration themselves.
- The repository shows two stars and a single commit at time of listing, which means community-tested edge cases, maintained issue trackers, and peer-vetted documentation are absent; teams with complex governance schemas that do not match the demo structure have no community forum to consult and will be reading source code to understand behavior, which pushes some teams toward building a custom linter in-house instead.
Community Reviews
Sign in to write a reviewNo reviews yet. Be the first to share your experience.
About
- Platforms
- Python
- API Available
- No
- Self-Hosted
- Yes
- Last Updated
- 2026-07-11T08:16:03.814Z
Best For
Who it's for
- AI governance and compliance teams
- Organizations requiring auditable human oversight
- Developers maintaining decision records for regulated systems
What it does well
- Audit AI decision logs for human accountability
- Scaffold governance files for new systems
- Score governance maturity on three legibility tests
- Detect theater-style approvals lacking named owners or witnesses
Discussion Community
Sign in to commentNo discussion yet. Sign in to start the conversation.
Compare Legibility Field Kit
Spotted incorrect or missing data? Join our community of contributors.
Sign Up to ContributeCommunity Notes & Tips Community
Sign in to contributeBe the first to contribute. General notes, observations, gotchas, and tips from people who use this tool day-to-day.
Frequently Asked Questions
- Is Legibility Field Kit free?
- Legibility Field Kit has a permanent free tier alongside paid upgrades. You can keep using a baseline version indefinitely without paying.
- Is Legibility Field Kit open source?
- Yes. Legibility Field Kit is open source.
- Can I self-host Legibility Field Kit?
- Yes. Legibility Field Kit supports self-hosting on your own infrastructure.
- What platforms does Legibility Field Kit support?
- Legibility Field Kit is available on: Python.
Hours Saved & ROI Stories Community
Sign in to contributeBe the first to contribute. Concrete time/cost savings, with context. e.g. "Cut my code review backlog from 4h to 45m per week."
Curated lists that include this category
Most AI governance processes fail the same way: approval records name a role or a team instead of a person, reversible actions ship without a rollback window documented, and the witness field is blank or missing entirely. The Legibility Field Kit is an open-source CLI auditor — Apache-2.0 licensed, no external dependencies — that runs three legibility tests against your existing governance file structure. The core workflow is three commands: `init` scaffolds compliant governance files for a new system, `audit` walks a directory and emits a finding for every violation of the owner, reversibility, or OTW (Owner, Time, Witness) rules, and `score` grades the system’s governance maturity across those three axes.
The differentiating design choice is what the tool refuses to do. It performs static checks on files you already maintain — it does not act as an agent, does not call external APIs, and carries zero runtime dependencies. That means there is nothing to provision, no credentials to rotate, and no vendor call path that breaks when a third-party service has an outage. The audit of a demo system runs in under a minute from a fresh clone.
The kit fits teams that already produce governance artifacts — decision logs, change records, approval files — and need a repeatable, auditable way to prove those artifacts meet a legibility standard. It fits regulated environments where a named human must sign off on AI-touched decisions and that signature must be verifiable. It breaks when the problem is upstream: if your process does not yet produce structured governance files, the kit has nothing to audit. The vendor offers a commercial kit at forgedculture.com for teams that need extended capabilities beyond the open core.
The repository ships with a `demo_system` directory and a `check.sh` script so the audit command produces real output against a sample set of files on first run. The PDF `ThreeTests_LegibilityFieldKit.pdf` documents the three-test framework the scoring logic implements, which is the artifact compliance teams are most likely to present to an external auditor.
