This page explains every core macOS workflow: tabs and features, Policy Pack v1.2.2 rules and POL-X extensions, CLI operations, local sidecar files, troubleshooting, and practical audit procedures.
1) Install BeProof on macOS
macOS app (recommended)
Download the signed and notarized DMG from the latest GitHub release, open it, and drag BeProofApp.app to Applications.
Install the production beproof command for headless scans, policy evaluation, and export without building from source. The public Homebrew tap tracks https://github.com/oxy9en/AgAudit-releases.
To update later, run brew update && brew upgrade beproof.
2) Core workflow
Run Audit from the Overview toolbar (or execute scan commands via CLI).
When coverage gaps remain after the first scan, BeProof opens Evidence Checklist once to show the next local and cloud collection steps.
Start with Audit Readiness: check evidence completeness, last run time, and scan scope.
Resolve coverage gaps first — without this, the audit remains incomplete.
Review Active policy violations and open findings by severity from Overview or the detail tabs.
Record approved exceptions through allowlist (approved issues remain visible).
Review pending first-seen MCP servers and add to mcpServers after review (POL-X09).
In managed mode, confirm provider account classification on Local vs Cloud and resolve POL-X05 items in Review Queue when personal or unclassified cloud usage is detected.
In managed mode, publish approvedGrantScopes in the org-policy overlay and resolve POL-X04 / Cloud Grants Review Queue items when grant edges exceed approved templates.
Export evidence in JSON/Markdown format, then verify with the appropriate CLI command (see section 13).
Default inventory scope is known agent locations plus the current project root. BeProof does not crawl the entire user home directory or / by default; unreadable or missing scope is reported as a scan_scope coverage gap.
3) Evidence Checklist
Evidence Checklist is a guided status sheet — not an in-app settings panel. It tells you which evidence layers are complete, which operations to run next, and whether cloud connectors are optional or required for the current audit mode. BeProof does not store provider admin keys in the UI; cloud setup happens through shell environment variables followed by restart, then grant, declaration, and usage collection from the checklist or Coverage tab.
Personal-mode success state: local evidence complete, cloud optional
Two-step checklist
Step 1 · Local evidence — declared configuration scan and local usage import from automation and IDE history.
Step 2 · Cloud evidence — admin tokens, cloud grant enumeration, cloud agent declarations, and cloud usage fetch. Step labels show whether cloud is optional, required by org policy, or already complete.
Dual-mode posture
Mode
When it applies
Cloud layer
Policy evaluability
Personal default
No org-policy overlay, or requiredCloudConnectors is empty, and no provider admin keys are in the app environment
Optional — local scan + local usage can complete the audit
org-policy-overlay.json lists requiredCloudConnectors (for example openai, github)
Required — cloud token setup and enumeration steps must finish before sign-off
POL-G03, POL-O03, POL-X03, POL-X04, and POL-X05 become waitingForSetup until cloud evidence, grant edges, scope templates, and provider account classification are loaded
Managed orgs deploy .beproof/org-policy-overlay.json with requiredCloudConnectors and, when grant evidence is required, approvedGrantScopes. See Managed deployment for overlay delivery, scope templates, and connector expectations.
When the checklist appears
Auto-opens once after the first scan or audit that leaves coverage gaps
Overview hero button when local or cloud checklist steps are still incomplete
Toolbar Evidence Checklist button when checklist steps are incomplete or Local vs Cloud reconciliation is waiting for cloud declarations
Local vs Cloud warning banner when cloud checking is not configured
When local evidence is already complete and cloud is optional, the checklist is informational. Use Copy cloud setup instructions to copy export commands for provider admin keys. Expand Provider details and Policy evaluability when cloud setup is active to see connector readiness and whether POL-G03, POL-O03, POL-X03, POL-X04, and POL-X05 can evaluate.
For provider account classification after cloud declarations load, see section 4. For org-approved grant scope templates and Cloud Grants review, see section 4b. For row-level reconciliation, continue on the Local vs Cloud tab. For category-level missing checks, use Coverage.
BeProof classifies cloud provider connectors as Personal, Organization, or Unknown during cloud declaration enumeration. Classification flows into cloud connector surfaces, cloud usage events, managed policy evaluation (POL-X05), and Review Queue items with kind personal_account_usage. Inconclusive probes create a provider_attribution coverage gap instead of silently passing.
Classification signals
Provider
Probe
Typical result
Notes
OpenAI
GET /v1/organization returns 200
Organization
Organization id from API response
OpenAI
Organization denied; /v1/models succeeds
Personal
User or project API key
Anthropic
Admin token vs user API key probes
Organization or Personal
Depends on which token resolves
Cursor
Enterprise daily-usage API returns 200
Organization
Team or workspace context
GitHub
PAT with resolved user subject
Personal
GitHub username stored as workspaceId
Google
Attribution not implemented yet
Unknown + coverage gap
Expect provider_attribution gap until supported
Verify in the app
Local vs Cloud inspector → Account field on cloud connector surfaces (Personal / Organization / Unknown)
Policy tab → POL-X05 violated in managed mode when personal or unclassified cloud usage is detected
For managed pilots, copy packages/contracts/examples/org-policy-overlay-managed.json to .beproof/org-policy-overlay.json or deliver it through MDM. See Managed deployment for overlay delivery and acceptance checks.
BeProof compares enumerated cloud grant edges against org-approved scope templates in approvedGrantScopes. Templates resolve through GrantScopeTemplateSettings: managed audits use the org-policy overlay only; personal audits prefer the local policy allowlist and fall back to the overlay. When managed mode requires the granted evidence layer but templates are empty, POL-X04 fails closed with a grant_scope_templates coverage gap instead of silently passing. Individual grant scopes outside the template surface as POL-X04 violations and Review Queue items with kind cloud_grant_over_approved_scope.
Template precedence
Audit mode
Primary source
Fallback
Notes
Managed
org-policy overlay only
policy-allowlist ignored
MDM-delivered approvedGrantScopes is authoritative for POL-X04
Personal
policy-allowlist first
org-policy overlay fallback
Local allowlist for exceptions; overlay used when allowlist has no templates
Coverage tab → grant_scope_templates gap when managed requiredSources includes granted but templates are empty
Review Queue: Cloud Grants
Use the Cloud Grants category to review grant edges that exceed approved templates or managed configuration gaps when approvedGrantScopes is missing from the MDM overlay. Decisions include approving an expected grant, marking scope reduced after remediation, or accepting risk temporarily while templates are updated.
Verify with CLI
Run from a project with grant edges loaded after cloud enumeration:
For managed pilots, deliver approvedGrantScopes through the org-policy overlay at the MDM system path. See Managed deployment for overlay delivery and POL-X04 acceptance checks.
5) Application tabs
Each tab below maps to one operational view in the macOS app. Screenshots are shown inline where the tab has a dedicated capture. Selecting a row in most tabs opens the matching inspector panel documented in section 6.
Overview
Readiness-first audit home: evidence completeness, last run freshness, scan scope, risks by severity, detected agents, and collected evidence.
Run Audit from the toolbar or follow the primary hero CTA
Open Evidence Checklist from Overview or the toolbar when evidence collection is incomplete or cloud reconciliation is pendingSee Evidence Checklist
Confirm evidence readiness, last audit time, and scan scope before trusting results
Review policy and findings rows by severity; each row opens the detailed tab
Use Agents Detected and Evidence Collected cards as shortcuts to inspect supporting data
Overview tab
Agents
User-friendly inventory of detected AI tools: which tools are configured, whether automations are active or paused, recent local activity, and items that need attention.
Start with Agent Status cards such as Active, Paused, Used Recently, Needs Attention, or No Usage Found
Use Agent Tools chips to focus on providers such as Codex, Cursor, Claude, MCP, or instruction files
Select an agent row to review tool details, where it applies, recent activity, and policy flagsSee Agents inspector
Open Configuration Details when you need the underlying source file and deeper evidence mapSee Inspector Actions
Actionable evidence map of discovered agent configuration and instruction files, showing how each file connects to observed usage, findings, policy rule matches, and linked evidence.
Start with Configured, Used Recently, No Matching Usage, Related Risks, or Rule Matches cards to focus the map
Use Scope, Kind, and search filters to review configuration files by project, file type, path, or usage state
Select a configuration row to inspect where it was found, what it means, observed usage, related risks, and rule matchesSee Surfaces inspector
Use Linked Evidence for traceability and Actions to reveal the file, copy its path, scan local usage, or open the related risk/ruleSee Linked Evidence · Actions
Plain-language reconciliation view that explains whether local AI tools can be confirmed against cloud declarations, and whether the next step is setup, cloud checking, or review.
Start with Matched and Waiting for Cloud Setup / Cloud Check cards to understand the main reconciliation state
Use the warning banner to open Evidence Checklist when cloud checking is not configured, or run Cloud Check when the connector is ready but declarations are not loaded yet
Select a tool row to compare the Local Side, Cloud Side, Account classification, Cloud Check Status, and recommended next stepSee Local vs Cloud inspector
Copy setup instructions from Evidence Checklist or the inspector when a provider admin key is missing, or run Cloud Check once the connector is configuredSee Inspector Actions
Live consent and data-boundary review: filterable sensitive sources, POL-G02/POL-X14 policy checks, metadata-only counts, scan scope disclosure, and export-ready Consent preview in the inspector.
Read the headline and Consent Review metrics (Needs Attention, Consented, Planned)
Use focus filters for sensitive sources only — data boundaries always stay visible
Review Metadata Stored (metadata only) tiles; open Access, Usage, or Surfaces for drill-down
Expand Scanned folder to confirm the project path and full audit scope
Open Policy Checks tiles (Keychain consent, Verifiable ledger) for POL-G02 and POL-X14
For consent gaps, follow inspector Actions to Coverage; for consented keychain, use Export Preview to copy the JSON or Markdown Consent snippet before GRC handoffSee Inspector Actions · Export Preview
The redesigned screens use inspector panels to keep the main list focused while still exposing decision criteria, evidence, history, and navigation links. Each panel below links back to its tab in section 5. Agents uses the inspector for tool status, recent activity, and configuration drill-down; Findings, Policy, and Review Queue inspectors support review decisions; Surfaces uses the inspector as an evidence map for configuration files, linked usage, related risks, rule matches, and navigation actions; Access explains stored references, cloud grants, grant scopes, and installed tools without storing secret values; Usage explains grouped observed activity, matching configuration state, evidence counts, and next utility actions without turning usage context into a security finding by itself; Correlations explains cross-layer links, match signals, policy threshold status, grouped missing-link rows, and coverage-gap guidance when local or cloud usage is not loaded yet; Coverage explains missing, incomplete, and complete checks by category, plain-language reasons, recommended scan actions, and More actions for follow-up scans; Privacy explains filterable sensitive-source consent (Needs Attention, Consented, Planned), live metadata-only storage counts, scan scope disclosure, policy check tiles with deep links to POL-G02 and POL-X14, separate consent approval vs keychain scan status, Export Preview with JSON/Markdown Consent snippet copy for GRC handoff, and deep links to Coverage, Access, and Policy without duplicating the Keychain gate toggle.
Turns detected AI tools into a readable operational view: status, recent activity, items needing attention, and configuration drill-down.
Tool Details
Identifies the selected agent tool in plain language: name, tool provider, type, status, and a short explanation of what BeProof found.
Where It Applies
Shows the project and source file that define the tool or automation. The full path remains available for traceability, but the main screen keeps the focus on the tool rather than the file.
Recent Activity
Summarizes recent local activity for the selected agent. Active runs indicate recent use; paused or no usage found should be treated as context, not automatic proof that the tool is unused.
Needs Attention
Shows related risks and policy flags when the selected agent needs follow-up. Decisions still happen in Findings, Policy, or Review Queue; Agents is a navigation and inventory view.
Actions
Provides practical next steps: open configuration details, show the source file in Finder, copy the path, or scan local activity when activity data has not been loaded.
Turns newly found queue items into auditable decisions across credentials, MCP servers, local commands, cloud grants, provider accounts, usage context, and coverage gaps.
Review State
Shows the current status, severity, item kind, policy rule, subject identifier, and last-seen timestamp. Use it to confirm that the selected queue item is the one you intend to decide.
Decision Criteria
Explains how to decide the selected item in user language. Credential items explain when to approve an expected reference, when to mark a storage issue fixed, and when a temporary risk acceptance is appropriate. Cloud Grants items compare enumerated grant scopes against approved templates — in managed mode templates come from the org-policy overlay, not the local allowlist. Provider Accounts items explain when personal cloud usage is acceptable versus when org-owned accounts are required in managed mode. Usage Context items use “What This Means” instead because observed local activity is not automatically a security risk.
Recommended Next Step
Summarizes the suggested remediation or validation path, such as confirming storage type, migrating plaintext secrets, adding configuration evidence, restoring an evidence source, or rerunning a scan.
Decision note (optional)
Adds audit-trail context to the decision. Notes are useful when approving an expected credential, documenting a fix, or explaining why a risk is accepted temporarily. The actor is recorded automatically and can be changed from “Change actor”.
Approve as Expected
Records that the item is expected and acceptable for the current audit context. For credential references this means the reference is intentional and stored in an approved place. Other item kinds use equivalent approve labels, such as Approve Server, Approve Command, or Confirm Context.
Mark Fixed / Mark Resolved
Use this after remediation has happened. For credentials, Mark Fixed means the unsafe or unexpected reference has been removed, migrated, or otherwise corrected. For other item kinds the label adapts to the item, such as Mark Context Added or Mark Evidence Restored.
Accept Risk Temporarily
An advanced option for risk-like items only. Use it when the issue is intentionally tolerated for a limited scope, such as “This project only”, and should be reviewed again later. Usage Context items do not show this option because they need context confirmation, not risk acceptance.
Evidence
Shows supporting source paths and evidence references. This section is for validation: confirm the app/path/storage source before approving, fixing, or accepting risk. Raw evidence remains visible for traceability.
History
Lists recorded decisions with action, timestamp, actor, and note. Use it to understand why an item is already approved, accepted, expected, resolved, or rechecked.
Utilities
Provides helper actions when data is available: open the source file, copy a remediation command, or rerun the scan after remediation.
Explains risks and usage-context confirmations, then records dispositions with history and evidence.
Review State
Shows whether the selected finding is open, resolved, accepted, ignored, or context-only. Usage Context items are labeled as context confirmations instead of security risks.
What This Means / Why This Matters
Explains the selected item in user language. Security findings describe the risk and why it matters. Usage Context findings explain that observed local activity is normal by itself, but BeProof needs project or configuration context to explain it.
Recommended Next Step
Gives the action the user should take next, such as fixing configuration, adding missing context, reviewing storage, documenting an accepted risk, or rerunning the audit after remediation.
Review Decision
Records the finding disposition. Risk findings offer Mark Resolved, Accept Risk, and Mark False Positive. Usage Context items offer Mark Reviewed and Mark Not Relevant so users do not have to treat expected local activity as a security exception.
Decision note
Adds audit-trail context to the disposition. Notes are recommended for security-risk decisions. For Usage Context review, notes can be lightweight because bulk-reviewed context items record a default system note.
Affected Surface
Shows the app, file, project, server, command, credential, or usage surface that the finding refers to. Use this before deciding whether a finding is expected, fixed, or not relevant.
Evidence
Shows supporting references and source metadata without exposing raw secrets. Evidence is used to validate why the finding exists and whether the affected surface matches the user's expectation.
Observed Activity
Appears for Usage Context findings. It summarizes observed local activity and shows a small number of examples so users can confirm the project/tool context without reviewing every individual Cursor or Codex activity row.
Decision History
Lists previous dispositions, actor, timestamp, and note. Use it to see when a risk was accepted, resolved, marked false positive, reviewed, or reopened.
Technical Details
Keeps lower-level identifiers, evidence references, and policy linkage available for audit traceability while the main inspector text remains user-friendly.
Explains policy violations and rule outcomes, links them to findings or surfaces, and points to the relevant Policy Pack guidance.
Violation
Appears when a policy violation is selected. It shows the rule ID, category, title, severity, current status, allowlist reference when present, and evaluation time.
Summary
Explains the policy violation and includes the remediation hint when available. Use it to understand what must be fixed, approved, or documented before sign-off.
Evidence
Lists policy evidence references, such as source paths, finding IDs, or supporting records. This connects the policy outcome back to auditable local data.
Linked Finding
Appears when the policy violation is connected to a finding. The Open in Findings action switches to the Findings screen and selects the related item for disposition.
Linked Surface
Appears when the policy violation references a known surface path. The Open in Surfaces action switches to the Surfaces screen and selects the related file or configuration surface.
Rule
Appears when a policy rule rather than a violation is selected. It shows the rule ID, category, title, severity, and evaluated status such as passed or not applicable.
Meaning
Explains the selected rule status. Passed means the rule evaluated successfully for the current dataset; not applicable means the rule does not apply to the current audit mode or evidence set.
What To Check
Shows the rule's remediation or verification guidance and links to the full Policy Pack documentation for deeper control definitions and expected evidence.
Turns discovered agent configuration files into an evidence map: what the file is, where it lives, whether it has matching usage, and which risks, rules, and evidence links reference it.
What This Is
Explains the selected configuration type in user language, such as Codex Automation, instruction file, or MCP/server-related configuration. Generated, vendor, cache, or dependency paths are called out as noisy evidence unless they are intentionally in audit scope.
Where It Was Found
Shows project, file name, full path, last modified time, and position within the filtered project list. Use this to confirm whether the configuration belongs to the expected repository or scan root before following linked findings or rules.
Observed Usage
Summarizes whether local activity was observed for this configuration. Active runs indicate recent usage; paused or no matching usage means the file can still matter for inventory and policy, but should not be treated as active usage without matching events.
Related Risks
Appears when Findings are linked to the selected surface. These are detected issues that may need review or disposition on the Findings screen, not decisions to make directly from Surfaces.
Rule Matches
Appears when Policy rules reference this file. Rule matches are policy checks involving the configuration; use View in Policy or View Rule Match to inspect the rule outcome and decide from the Policy workflow.
Linked Evidence
Groups traceability links into related risks, observed usage events, and credential references. Counts are labeled as risks, events, or refs so large evidence totals do not look like large numbers of problems.
Actions
Provides navigation and utility actions only: reveal the file in Finder, copy the path, scan local usage when usage data is missing, open the first related risk, or jump to the related policy rule match. Approve, accept-risk, and resolve decisions stay on Findings, Policy, or Review Queue.
Explains local/cloud reconciliation and provider account classification without treating missing connector setup as a confirmed mismatch.
What This Means
Explains the selected reconciliation row in user language: status, provider, whether the cloud side has been checked, and why the row needs setup, confirmation, or review.
Local Side
Shows the local configuration file and tool type that BeProof found on this Mac. The path remains available for traceability, but the row title focuses on the tool or automation name.
Cloud Side
Shows the matching cloud declaration when one is loaded. If cloud checking is not configured, the section says so directly instead of implying that the tool is definitely local-only.
Account
Shows provider account classification for cloud connector surfaces: Personal, Organization, or Unknown. This comes from ProviderAccountAttributor during cloud declaration enumeration. In managed mode, personal or unknown accounts can trigger POL-X05 and appear in Review Queue under Provider Accounts.
Cloud Check Status
Shows whether the provider connector is configured, missing admin credentials, partially available, or ready to run. Technical environment variable names are kept as setup details rather than the main message.
Recommended Next Step
Tells the user whether to copy setup instructions, run Cloud Check, review cloud access, or open the local configuration. This keeps setup gaps separate from actual reconciliation mismatches.
Actions
Provides state-aware actions. When cloud checking is not configured, the primary action copies setup instructions; when it is ready, the primary action runs the cloud check. Local file actions remain secondary.
Turns access references into a readable review flow: what kind of access was found, where it lives, whether it needs admin review, and which surfaces or usage rows link back to it — metadata only.
What This Means
Explains the selected access row in plain language: status, provider or provider status, and whether the item is a stored reference, cloud grant, access scope, or installed tool. Statuses such as Needs review are review prompts, not automatic security findings.
Stored Reference
Appears for credential references. Shows the reference name, where it is stored, secret type, source path, and last seen time. BeProof stores metadata only — it does not read or store secret values.
Cloud Access
Appears for cloud grants. Shows the subject, grant type, scope summary, optional resource scope, and when the grant was discovered. Use this to confirm whether provider access matches expected accounts and permissions.
Scope Details
Appears when a cloud grant has multiple scopes. Lists the full scope set so you can compare granted permissions with approved templates without opening the provider console first.
Access Scope
Appears for individual grant scopes. Shows subject, scope, trust boundary, approval mode, and resource. Use these rows to compare one permission edge against approved scope patterns.
Installed Tool
Appears for packages that look related to AI tooling. Shows package name, ecosystem (Homebrew, npm/pnpm global, VS Code/Cursor/Windsurf extension), signal, version, and install path so you can confirm whether the tool is expected on this Mac.
Linked Evidence
Appears for stored references. Links to related Surfaces and Usage rows so you can see where the reference is configured and whether observed activity references it. Empty states mean no linked evidence was found yet.
Recommended Next Step
Tells the user what to confirm next: whether a stored reference is expected, whether admin-gated cloud access should be reviewed, whether a scope matches approved templates, or whether an installed package belongs in the approved toolset.
Actions
Provides traceability actions only: copy reference or grant IDs, reveal source or install paths in Finder, or copy scope text. Review and approval decisions stay on Findings, Policy, or Review Queue.
Turns grouped observed usage into an explanation: what ran, whether it matched configuration, why context may be missing, and which utility action to run next.
Human Summary
Starts with a plain-language sentence such as “Cursor was observed in BeProof, but BeProof could not match this evidence to a configuration file.” Use this first line to understand the selected row before reading details.
Usage State
Shows the selected row's status, provider, and project. Statuses such as Observed Sessions, Needs Context, Not Matched, and No Recent Use are context states, not automatic security risks.
Evidence Details
Summarizes the source, match confidence, last seen time, and evidence record count. Repeated raw records are grouped so users can review the meaning without reading every session or process observation.
Matching Configuration
Shows whether BeProof matched the observed usage to a known configuration file. When no match exists, the inspector explains why the source may not include enough file or project metadata.
Privacy
Clarifies that usage rows are metadata-only context. BeProof stores evidence records and match metadata, not conversation content, prompts, raw secrets, or AI responses.
Actions
Provides state-aware utility actions such as Rescan Local Usage, Fetch Cloud Usage, or Correlate Usage. Review decisions still happen in Findings or Review Queue.
Explains cross-layer usage review in two modes: a coverage-gap guide when local or cloud data is missing, and a grouped link review flow once both sides are loaded — what was linked, why confidence qualifies or falls below threshold, and which sessions still lack a match.
Coverage Gap State
When local or cloud usage is missing, the inspector explains the blocker instead of showing link details. Fetch Cloud Usage or Scan Local Usage is the primary next step until both sides are loaded.
What This Means
For a selected grouped row, starts with a plain-language summary of the cross-layer link or missing link. Statuses such as Below threshold, No cloud link, and Waiting for cloud data are review prompts for POL-O04, not automatic security findings.
Local Sessions
Shows grouped on-Mac usage for the selected row: session count, source, last seen time, and recent sessions. For a single link, this section focuses on the matched local event.
Cloud Activity
Shows grouped cloud usage for the selected row: session count, source, last seen time, and recent events. For a single link, this section focuses on the matched cloud event.
Match Signals
Appears for cross-layer links. Explains which signals contributed to the link: time window, agent match, provider match, and project match. Use this to understand why confidence is high or below the policy threshold.
Policy Threshold
Appears for cross-layer links. Shows confidence, the configured minimum from correlationMinConfidence, and whether the link qualifies for POL-O04 / POL-X08 sign-off.
Actions
Provides state-aware utility actions. When cloud usage is missing, Fetch Cloud Usage is primary; when local usage is missing, Scan Local Usage is primary; once both sides are loaded, Recompute Correlations becomes the main action. Review decisions still happen in Findings, Policy, or Review Queue.
Turns audit completeness into a checklist review flow: what BeProof looked for, whether data is missing or incomplete, which category the check belongs to, a concrete Tap Run Scan style next step, and optional technical details for exports.
What This Means
Explains whether the selected check is complete, incomplete, or missing data. Complete checks can still note that the overall audit is not finished yet.
Check Details
Shows what BeProof looked for, which category it belongs to, whether it was checked, and the result using plain labels such as Complete, Incomplete, and Missing.
Supporting Files
Appears when BeProof found files or IDs that support the check. Labels are human-readable; the full path or ID stays available for copy and export.
Recommended Fix
Gives one concrete next step, usually starting with Tap Run Scan or another primary action, instead of generic audit jargon.
Show technical details
Optional expander with the underlying coverage area and raw reason text for exports, support, and CLI troubleshooting.
Actions
Shows one primary button for missing or incomplete checks. Complete checks offer Copy Reference. Additional scans live under More actions so users are not overwhelmed by similar buttons.
Turns consent posture and data boundaries into a GRC-ready review flow: filterable sensitive sources, live metadata-only counts, policy check deep links, separate consent approval vs keychain scan status, and an Export Preview that matches the audit report Consent section.
What This Means
Plain-language summary of consent posture for the selected row. For consented sources, approver and dates live in Consent Details — not repeated here. For gaps, explains missing ledger, expired consent, or planned future sources.
Consent Details
For sensitive sources: approver, approval time, expiry, and keychain scan status (included in last run, collected in a prior run, queued for next run, or not included). Consent approval and scan execution are separate — a consented source can still show a queued next scan.
Boundary Details
For data-boundary rows: local SQLite evidence store path and scan folder label, or credential ref count with a reminder that only fingerprints and locators are stored — never secret values.
Show technical details
Optional expander with consent mode, retention class, source category raw value, POL-G02 rule id, and ledger file path for exports and support.
Export Preview
Shows the Consent block exactly as it appears in JSON and Markdown audit exports. Includes format toggle, expandable snippet, Copy Export Snippet, alternate-format copy, and Copy Ledger Path. Sits above Actions and auto-expands for consented keychain rows. Copy actions live here only.
Actions
Primary action for consent gaps is Open Coverage (Keychain gate). Consented rows use Export Preview for copy actions. More actions can open Access, Policy, or copy the evidence store path without duplicating the Keychain grant toggle from Coverage.
7) Policy statuses
Status
Meaning
violated (active)
Requires action: remediation, policy decision, or documented exception.
approved
Remains visible but is approved via allowlist with an allowlistRef.
exception
Suppressed by an active time-bounded exception; expiresAt controls reopening.
passed
Rule evaluated and no violation found.
notApplicable
Rule does not apply to the current dataset.
8) Policy Pack v1.2.2 rules (macOS)
Baseline 20 rules: ✅ auto-evaluable today · 🟡 partial · 🔴 requires product work. G03/O03 evaluate when org tokens are configured; otherwise N/A or explicit coverage gaps apply.
In the macOS app these rules appear as AI Governance Rules: the top cards filter and scroll to matching outcomes, rule pills open the related rule group, and the inspector explains the selected violation or rule.
For the complete rule catalog, signals, outcome meanings, and version notes, see Policy Pack v1.2.2.
POL-X12: Append-only hash-chain journal with `verify-journal`; journal payloads encrypted at rest (AES-256-GCM, Keychain-bound key). Inventory tables are metadata-only but not encrypted in the current release.
POL-X13 (Partial): Public release pipeline (shipped) — Signed/notarized macOS DMG + Apple Silicon CLI on public releases; published checksum (.sha256), SPDX SBOM, and provenance JSON; CI `beproof verify-install` gate before upload; Sparkle appcast metadata (Ed25519-signed, disabled when org overlay present). Enterprise release controls (partial) — Fleet-wide verify-install attestation in control plane, tenant-private or air-gapped artifact mirror, org-enforced minimum release version policy, and automated MDM promotion workflow — manual MDM runbooks today.
10) Allowlist and exceptions
Default allowlist path: .beproof/policy-allowlist.json. Approved exceptions are marked as approved and remain visible in UI/exports with allowlistRef.
mcpServers approves MCP findings and clears first-seen baseline pending state (POL-X09). correlationMinConfidence controls POL-O04 / POL-X08. approvedGrantScopes defines scope templates for POL-X04 in personal mode when present. In managed mode, templates come only from the org-policy overlay — the allowlist field is ignored. See section 4b.
11) Local sidecar files
BeProof stores audit state beside the SQLite database under .beproof/.
Path
Purpose
.beproof/beproof.db
SQLite inventory, findings, usage events, runtime signals, grants, grant edges, install records, audit runs (Journal payloads are encrypted; inventory tables are metadata-only but not encrypted in the current release.)
.beproof/policy-allowlist.json
MCP allowlist, scan roots, correlation threshold, grant scope templates
.beproof/org-policy-overlay.json
Managed-mode org policy requirements and approved connector/scope templates
.beproof/consent-records.json
Consent ledger for keychain and future sensitive sources
Local auditor trust:verify-export --artifact <path> plus verify-journal — full hash chain and journal payload encryption status on the scanning endpoint.
Release trust:verify-install --app /Applications/BeProofApp.app with optional --artifact and --provenance for DMG and SBOM checks.
verify-export-manifest does not check journal linkage. verify-export requires journal fields in the manifest and a local database with matching chain head. Use the command that matches your trust boundary.
14) Required environment variables
Variable
Purpose
OPENAI_ADMIN_KEY
OpenAI org Admin API (cloud usage, grants, and organization account classification)
ANTHROPIC_ADMIN_KEY / ANTHROPIC_API_KEY
Anthropic declaration readiness and account classification probes
CURSOR_API_KEY
Cursor Enterprise Admin API (daily team usage and org account classification)
GH_TOKEN
GitHub token for cloud grants enumeration and personal-account attribution
15) Troubleshooting
Coverage gap `codex_usage`: rerun Scan Local Usage; if Codex is still holding SQLite state files, close Codex and retry.
Many `POL-D03` issues: review scan scope and approved roots, or use the hide artifact paths filter to keep focus. (POL-D03)
Many `POL-G04` issues: these are duplicate credential refs; assess expected duplicates (env + keychain + vendor artifacts) and document the decision. (POL-G04)
POL-X09 first-seen MCP servers: run analyze-mcp, inspect list-mcp-baseline, then add reviewed server IDs to mcpServers in the allowlist.
Keychain consent / POL-G02: grant consent in the app Keychain gate or pass --include-keychain --consent-approved-by <name> on CLI before expecting keychain refs in policy evaluation.
Export integrity: after export-report, use verify-export-manifest --artifact <path> for offline/GRC checks, or verify-export --artifact <path> plus verify-journal on the scanning endpoint for full local chain trust (see section 13).
Observed Usage shows many Not Matched rows: select Not Matched, read the inspector's matching-configuration explanation, then verify Surfaces/Agents coverage and rerun local usage scans if configuration files were missing from the scan.
No usage data: run scan-local-usage, then optionally fetch-cloud-usage and correlate-usage.