hoziron security
Security tools — status summary, audit trail, and integrity verification.
Synopsis
hoziron security <subcommand> [options]
Subcommands
| Subcommand | Description |
|---|---|
| status | Show security status summary |
| audit | Show recent audit trail entries |
| verify | Verify audit trail integrity (Merkle chain) |
hoziron security status
hoziron security status [--json]
Example
$ hoziron security status
Security Status
───────────────
TLS: enabled (cert valid until 2027-01-15)
Authentication: enabled (3 active keys)
IP Allowlist: configured (2 rules)
Audit Trail: enabled (1,247 entries)
Audit Integrity: ✓ verified
Recommendations:
✓ All checks passed
# With issues
$ hoziron security status
Security Status
───────────────
TLS: disabled ⚠
Authentication: disabled ⚠
IP Allowlist: not configured
Audit Trail: enabled (892 entries)
Audit Integrity: ✓ verified
Recommendations:
⚠ Enable TLS for production deployments
⚠ Enable authentication to restrict API access
hoziron security audit
Show recent audit trail entries.
hoziron security audit [--limit <n>] [--json]
Flags
| Flag | Description | Default |
|---|---|---|
| --limit <n> | Maximum entries to show | 20 |
| --json | JSON output | — |
Example
$ hoziron security audit
TIMESTAMP ACTOR ACTION TARGET
2026-06-04 10:15:02 ci-deploy-bot agent.create claims-agent-v2
2026-06-04 10:14:58 ci-deploy-bot competency.install claims-intake
2026-06-04 09:30:00 system health.recovery memory-subsystem
2026-06-04 09:00:00 admin auth.create-key grafana-scraper
2026-06-04 08:45:12 claims-agent agent.send_message (message processed)
$ hoziron security audit --limit 5 --json
[
{
"timestamp": "2026-06-04T10:15:02Z",
"actor": "ci-deploy-bot",
"action": "agent.create",
"target": "claims-agent-v2",
"details": {}
}
]
hoziron security verify
Verify the audit trail's Merkle chain integrity. Detects if any entries have been tampered with.
$ hoziron security verify
Verifying audit trail integrity...
Entries checked: 1,247
Chain valid: ✓
First entry: 2026-05-20T08:00:00Z
Last entry: 2026-06-04T10:15:02Z
✓ Audit trail integrity verified
# If tampered
$ hoziron security verify
Verifying audit trail integrity...
Entries checked: 1,247
✗ Chain broken at entry #892
Expected hash: sha256:a1b2c3...
Actual hash: sha256:deadbe...
✗ Audit trail integrity check FAILED
Entry #892 or a predecessor has been modified.
Audit Trail
The audit trail records all significant platform operations with:
- Timestamp — when it happened
- Actor — who did it (API key name, "system", or agent name)
- Action — what was done (agent.create, auth.revoke-key, etc.)
- Target — what it was done to
- Details — additional context (JSON)
The trail uses a Merkle chain (each entry includes the hash of the previous entry) to make tampering detectable.
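An added example (not hoziron's code) of how a hash-linked trail like this is verified, extended with a check of the head hash against a copy kept outside the system, because a chain that has been recomputed end to end or truncated is still self-consistent. The record layout, canonical JSON encoding, `GENESIS` value and all function names are assumptions; hoziron's actual storage format is not documented on this page.

```python
import hashlib
import json

GENESIS = "sha256:" + "0" * 64  # assumed anchor value for the first entry


def entry_hash(prev_hash, entry):
    """Hash the previous link plus a canonical JSON encoding of the entry."""
    body = json.dumps(entry, sort_keys=True, separators=(",", ":"))
    return "sha256:" + hashlib.sha256(f"{prev_hash}\n{body}".encode()).hexdigest()


def build_chain(entries):
    """Link entries in order; each record stores its predecessor's hash."""
    chain, prev = [], GENESIS
    for entry in entries:
        digest = entry_hash(prev, entry)
        chain.append({"entry": entry, "prev_hash": prev, "hash": digest})
        prev = digest
    return chain


def verify(chain, trusted_head=None):
    """Return (ok, first_broken_entry_number, reason); numbering is 1-based."""
    prev = GENESIS
    for number, record in enumerate(chain, start=1):
        if record["prev_hash"] != prev:
            return False, number, "prev_hash does not match predecessor"
        if record["hash"] != entry_hash(prev, record["entry"]):
            return False, number, "entry content does not match stored hash"
        prev = record["hash"]
    # A fully recomputed or truncated chain is self-consistent, so compare the
    # head with a copy kept outside the system when one is available.
    if trusted_head is not None and prev != trusted_head:
        return False, len(chain), "head does not match externally stored hash"
    return True, None, "chain valid"


# Constructed sample entries, modelled on the audit output shown on this page.
SAMPLE = [
    {"timestamp": "2026-06-04T09:00:00Z", "actor": "admin",
     "action": "auth.create-key", "target": "grafana-scraper", "details": {}},
    {"timestamp": "2026-06-04T10:14:58Z", "actor": "ci-deploy-bot",
     "action": "competency.install", "target": "claims-intake", "details": {}},
    {"timestamp": "2026-06-04T10:15:02Z", "actor": "ci-deploy-bot",
     "action": "agent.create", "target": "claims-agent-v2", "details": {}},
]
```

An entry edited in place fails at its own position; an entry edited with its own hash recomputed fails at the next entry, which matches the "Entry #892 or a predecessor has been modified" wording in the `verify` output.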
See Also
- auth.md — API key management
- ../enterprise-deployment.md — Security hardening checklist