aiming-lab/AutoHarness — reverse-engineered prompt

Build me a small Python tool called AutoHarness that makes AI coding agents feel safe and reliable without being hard to add. I want to be able to wrap an existing LLM client in basically two lines, then get guardrails around tool calls, context limits, permissions, and logging automatically. It should check risky actions before they run, catch things like secret leaks, bad file paths, prompt injection style tricks, and unsafe shell commands, then explain what happened and write an audit trail.

Please include a simple agent loop too, plus a CLI that can initialize a project, switch between lightweight and stricter governance modes, validate a YAML constitution file, inspect tool calls, and show audit summaries. I also want session persistence, token and cost tracking, and support for different profiles for different agents or roles.

Keep it lightweight and vendor neutral, with strong defaults out of the box. Good examples, tests, and docs matter here. If you need details, look up current docs online and fill in sensible gaps.