I renamed my AI agent safety tool and added a team dashboard — here's what drove those decisions

A few months ago I wrote about building a file watcher for AI coding agents. The problem I was solving: when you're running Claude Code or Codex remotely, the agent modifies files you didn't expect, and by the time you notice, the change is already there.
Since then, a few things have shifted.
The context changed
I'm doing contract work that keeps me away from the machine most of the day. I still want to maintain my own projects — a beach flag dashboard, some internal tools — but I can't sit in front of a terminal for hours. So I've been experimenting with running AI agents more autonomously, checking in remotely, and managing them more like a lightweight PM than a hands-on developer.
That shift changed what I needed from the tool. It's not just "alert me when something dangerous happens." It became: I need to know what my agents did while I was away, across multiple projects, from my phone.
What I built since
The tool now has a persistent background daemon that runs via launchd on macOS — it starts on login and watches configured directories permanently, not just during active sessions. When something sensitive changes (.env, keys, CI configs, agent memory files like CLAUDE.md), it logs the event and sends a Telegram message with Keep/Rollback buttons.
The bigger addition was a team dashboard. Events from any machine running the daemon sync to a central server — I deployed mine on Railway. You open a browser, enter a token, and see what each machine detected, filtered by project and time range. I tested it with two machines and it works the way I hoped.
I also added a memory file scanner. When CLAUDE.md or .cursorrules changes, it scans the content for prompt injection patterns — things like "ignore previous instructions" or suspicious base64 strings. If it finds something, it elevates the alert to CRITICAL. This felt important as I started using agent memory files more heavily in my own workflow.
The rename
The tool was called AgentGuard. There's a company called GoPlus Security that also has a product called AgentGuard, focused on skill/plugin security — different angle, but the name collision was confusing. I spent some time looking for a better name and landed on Ilum — the planet in Star Wars where kyber crystals form and wait for their Jedi. It felt right for something that watches quietly and doesn't interfere unless something is wrong.
The npm package is ozilum.
Where it's at
It's open source, early, and I'm the main user. The team dashboard is functional but basic. The memory scanner catches obvious patterns but isn't sophisticated. I'm looking for solo developers and small teams who run AI agents regularly and want some visibility into what they're doing.
If you're building something AI-native and running agents with any autonomy, I'd genuinely appreciate feedback — what's missing, what's wrong, what's unnecessary.
npm install -g ozilum
GitHub: github.com/Osva2023/AgentGuard