Do You Know What Commands Your AI Agent Ran?
You open Claude Code, type a prompt — "refactor the auth module to use JWT" — and walk away to grab coffee. When you come back, the task is done. New files, updated tests, a clean diff. You review the code changes, run the tests, push to main. Job well done.
But here's a question: do you know what shell commands Claude ran to get there?
If you're like most developers, the answer is no. And that should bother you.
The Invisible Execution Problem
AI coding assistants like Claude Code, Cursor, and Codex don't just write code. They execute code. They run shell commands in your terminal: installing packages, running tests, reading files, modifying configs, executing scripts. A single prompt can trigger dozens of commands.
The problem is visibility. Most developers interact with AI agents through a chat-style interface. The conversation scrolls, commands fly by, and by the end of a session you might have 200+ messages in the sidebar. Scrolling through all of that to audit what actually happened? Nobody does that. Even when people try, it's easy to miss the npm install sketchy-package buried between forty cat and grep calls.
This isn't hypothetical. Here's what a typical Claude Code session looks like from the shell's perspective:
```
$ suv search --executor agent --after today

  # │ Command                                     │ Dir       │ Exit │ Executor
 ───┼─────────────────────────────────────────────┼───────────┼──────┼────────────
  1 │ cat src/auth/middleware.ts                  │ ~/project │ 0    │ claude-code
  2 │ grep -r "jsonwebtoken" node_modules/.pack.. │ ~/project │ 1    │ claude-code
  3 │ npm install jsonwebtoken @types/jsonwebto.. │ ~/project │ 0    │ claude-code
  4 │ cat package.json                            │ ~/project │ 0    │ claude-code
  5 │ npm test                                    │ ~/project │ 1    │ claude-code
  6 │ cat src/auth/__tests__/jwt.test.ts          │ ~/project │ 0    │ claude-code
  7 │ npm test -- --testPathPattern=jwt           │ ~/project │ 0    │ claude-code
  8 │ git diff --stat                             │ ~/project │ 0    │ claude-code
 ...
 23 │ chmod +x scripts/migrate-tokens.sh          │ ~/project │ 0    │ claude-code
 24 │ ./scripts/migrate-tokens.sh                 │ ~/project │ 0    │ claude-code
```
Twenty-four commands. Package installations, script executions, permission changes. All of this happened in your terminal, under your user account, with your credentials and SSH keys available. Did you review each one? Did you even know command #23 made a script executable and #24 ran it?
Why This Matters More Than You Think
The trust model of AI coding assistants is fundamentally different from traditional tools. When you run VS Code, it doesn't execute arbitrary shell commands on its own. When you use GitHub Copilot, it suggests code but doesn't install packages. But agents like Claude Code and Cursor's terminal mode are designed to execute commands autonomously. That's their value proposition — and their risk profile.
Security
Every command an AI agent runs has the same permissions you do. It can read your .env files, access your SSH keys, modify your git config, install packages, and run scripts. Supply chain attacks through AI-suggested dependencies are a real and growing concern. If you're not tracking what gets installed and executed, you're flying blind.
Debugging
"It worked when Claude did it, but now it's broken." Sound familiar? Without a record of what commands ran, in what order, and what their exit codes were, reproducing AI-assisted workflows is guesswork. Was it the package version? The script that ran? A config file that got modified? You need the execution history to answer these questions.
Learning
AI agents are genuinely good at solving problems. But if you never review how they solved them, you're outsourcing your understanding. The commands an agent runs are a compressed tutorial on problem-solving methodology. Reviewing them makes you a better engineer.
How Suvadu Solves This
Suvadu was built with this exact problem in mind. Every command that runs in your shell gets captured with full metadata — including who executed it. This is what we call executor tracking.
Automatic Executor Detection
When Suvadu's shell hook fires, it inspects the environment to determine the executor. The detection cascade checks 20+ environment variables and process attributes:
- AI Agents: Claude Code (`$CLAUDE_CODE`), Codex CLI (`$CODEX_CLI`), Aider (`$AIDER`), Continue (`$CONTINUE_GLOBAL_DIR`)
- IDEs: Cursor (`$CURSOR_INJECTION`), VS Code (`$VSCODE_INJECTION`), Antigravity (`$ANTIGRAVITY_AGENT`), Windsurf, IntelliJ, PyCharm
- CI/CD: GitHub Actions (`$GITHUB_ACTIONS`), GitLab CI, CircleCI, Jenkins
- Human: TTY check (`[[ -t 0 ]]`) confirms an interactive terminal session
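The cascade can be sketched in shell. This is an illustrative approximation, not Suvadu's actual Rust implementation; only the environment variables listed above are taken from the source, and the ordering and labels are assumptions:

```shell
# Sketch of an executor-detection cascade (illustrative, not Suvadu's code).
# Checks run most-specific first; the TTY test is the human fallback.
detect_executor() {
  if   [[ -n "${CLAUDE_CODE:-}" ]];         then echo "claude-code"
  elif [[ -n "${CODEX_CLI:-}" ]];           then echo "codex"
  elif [[ -n "${AIDER:-}" ]];               then echo "aider"
  elif [[ -n "${CONTINUE_GLOBAL_DIR:-}" ]]; then echo "continue"
  elif [[ -n "${CURSOR_INJECTION:-}" ]];    then echo "cursor"
  elif [[ -n "${VSCODE_INJECTION:-}" ]];    then echo "vscode"
  elif [[ -n "${ANTIGRAVITY_AGENT:-}" ]];   then echo "antigravity"
  elif [[ -n "${GITHUB_ACTIONS:-}" ]];      then echo "ci"
  elif [[ -t 0 ]];                          then echo "human"
  else                                           echo "unknown"
  fi
}
```

Ordering matters: agent variables are checked before IDE and CI ones because an agent often runs inside an IDE's terminal, and the most specific signal should win.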
This happens automatically on every command. No manual tagging, no configuration, no opt-in. If a command runs in your shell, Suvadu knows what executed it.
Claude Code Integration
Suvadu has native Claude Code integration via the PostToolUse hook system. Setting it up takes one command:
```
$ suv init claude-code
✓ PostToolUse hook installed
✓ ~/.claude/settings.json updated
Restart Claude Code to activate.
```
Once active, every Bash tool call that Claude Code makes is intercepted by the hook, ensuring the command gets recorded with executor_type=agent and executor=claude-code. This works even for background commands and piped operations that might otherwise escape normal shell hook capture.
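For orientation, a PostToolUse hook entry in ~/.claude/settings.json has roughly this shape. The `PostToolUse`/`matcher`/`hooks` structure follows Claude Code's hook configuration format, but the exact command Suvadu registers is an assumption here — `suv ingest --claude-hook` is a placeholder, not a documented flag:

```shell
# Write an example hook config (the suv command below is a placeholder).
cat > /tmp/claude-settings-example.json <<'EOF'
{
  "hooks": {
    "PostToolUse": [
      {
        "matcher": "Bash",
        "hooks": [
          { "type": "command", "command": "suv ingest --claude-hook" }
        ]
      }
    ]
  }
}
EOF
```

The `"matcher": "Bash"` part is what scopes the hook to shell commands, so file edits and other tool calls don't generate noise in the history.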
Cursor Integration
Cursor's terminal sets specific environment variables ($CURSOR_INJECTION, $CURSOR_TRACE_ID) that Suvadu detects automatically. If you already have shell hooks set up, commands from Cursor's terminal are tracked with zero additional configuration:
```
$ suv init cursor
✓ Shell hooks detected in ~/.zshrc
✓ Cursor environment variables detected
Cursor commands will be tracked automatically.
```
Antigravity Integration
Antigravity sets the $ANTIGRAVITY_AGENT environment variable in its terminal sessions, which Suvadu detects automatically:
```
$ suv init antigravity
✓ Shell hooks detected in ~/.zshrc
✓ Antigravity environment variables detected
Antigravity commands will be tracked automatically.
```
Searching by Executor
The real power is in querying. Suvadu's search TUI and CLI both support executor filtering:
```
# All commands run by AI agents today
$ suv search --executor agent --after today

# Only Claude Code commands in the current directory
$ suv search --executor claude-code --here

# Failed commands from any AI agent this week
$ suv search --executor agent --exit-code 1 --after "7 days ago"

# Everything that's NOT from a human
$ suv search --executor-type agent,ide,bot,ci
```
In the interactive TUI, press Ctrl+F to open the filter panel and select executor types. You can combine executor filters with date ranges, exit codes, directories, and tags. Want to see all failed AI commands in your payments service this week? That's a 5-second query.
Stats by Executor
suv stats breaks down your command history by executor, giving you a clear picture of your human-to-AI command ratio:
```
Executor Breakdown (last 30 days)
─────────────────────────────────
human        │████████████████████████  2,847  (62%)
claude-code  │█████████████             1,203  (26%)
cursor       │████                        389  ( 8%)
vscode       │█                           142  ( 3%)
ci           │                             38  ( 1%)
```
These numbers tell a story. If 26% of your commands are coming from Claude Code, that's a significant portion of your workflow running without direct oversight. Having that visibility is the first step toward a more intentional relationship with your AI tools.
A Practical Workflow
Here's how developer teams use Suvadu for AI agent oversight:
- Run the AI session. Let Claude Code, Cursor, or whatever agent you prefer do its work. Don't interrupt the flow.
- Review the execution log. After the session, run `suv search --executor agent --after today` or `suv replay --executor agent`. Scan for unexpected package installs, script executions, permission changes, or network calls.
- Spot-check failures. Filter by `--exit-code 1` to see what the agent tried and failed at. These failed attempts often reveal the agent's problem-solving path and sometimes expose issues it papered over.
- Bookmark important commands. Found a clever solution the agent used? `suv bookmark add <id>` lets you recall it later without scrolling through chat history.
- Add notes for context. `suv note <id> -c "Agent installed this for JWT migration"` turns raw commands into documented decisions.
This takes 2-3 minutes per session. The alternative — scrolling through hundreds of chat messages in a sidebar, trying to spot the shell commands buried among explanations — takes longer and catches less.
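The review steps above are easy to wrap in a small shell function you run at the end of each agent session. This is a sketch built only from the `suv` subcommands and flags shown in this post; adjust it to your own workflow:

```shell
# Post-session audit helper (sketch; assumes `suv` is on PATH).
# Lists today's agent commands, then narrows to the failures.
review_agent_session() {
  echo "== Agent commands today =="
  suv search --executor agent --after today

  echo "== Failed agent commands today =="
  suv search --executor agent --exit-code 1 --after today
}

# Usage, after a Claude Code or Cursor session:
#   review_agent_session
```

Dropping this into your ~/.zshrc makes the audit a single command, which is the difference between a habit and a chore.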
The Bigger Picture
We're in a transition period. AI coding assistants are powerful and genuinely useful, but the tooling around them hasn't caught up. Most developers have better observability into their production servers than into the commands AI runs on their development machines.
Think about it: you have detailed logs for every HTTP request to your API, every database query, every deployment. But the commands running on your laptop — where the code is written, where credentials live, where git pushes originate — are ephemeral. They scroll by and disappear.
Shell history is the observability layer for your development environment. And in an age where a significant percentage of those commands come from AI agents, executor attribution isn't a nice-to-have. It's a fundamental requirement for maintaining control over your own machine.
Trust your AI tools. But verify what they did. Your shell history should make that effortless.
Install Suvadu, run suv init claude-code, and start building a complete record of every command that runs in your terminal — human or otherwise.
Total recall for your terminal. Database-backed shell history with AI agent tracking, built in Rust.
Madhubalan Appachi
Building developer tools at Appachi Tech. Creator of Suvadu and Kaval.