Installation

pip install licit-ai-cli

Or from source:

git clone https://github.com/Diego303/licit-cli.git
cd licit-cli
pip install -e ".[dev]"

Invocation

# As an installed command
licit [options] <command> [arguments]

# As a Python module
python -m licit [options] <command> [arguments]

Global Options

OptionDescription
--versionShows the licit version
--config PATHPath to a specific .licit.yaml file
-v, --verboseEnables detailed logging (DEBUG level)
--helpShows help
licit --version
# licit, version 0.1.0

licit --verbose status
# Shows debug logs during execution

Commands

licit init

Initializes licit in the current project. Automatically detects project characteristics and generates the configuration.

licit init [--framework {eu-ai-act|owasp|all}]

Options:

OptionDefaultDescription
--frameworkallRegulatory framework to enable

What it does:

  1. Runs ProjectDetector to detect languages, frameworks, CI/CD, AI agents, etc.
  2. Generates .licit.yaml with configuration adapted to the project.
  3. Creates the .licit/ directory for internal data.
  4. If architect or vigil is detected, automatically enables their connectors.

Example:

$ cd my-fastapi-project/
$ licit init

Initialized licit in my-fastapi-project
  Languages: python
  Frameworks: fastapi
  Agent configs: CLAUDE.md
  CI/CD: github-actions
  Config saved to .licit.yaml

Example with specific framework:

$ licit init --framework eu-ai-act
# Only enables EU AI Act, disables OWASP

licit status

Shows the current status of licit and connected data sources.

licit status

What it shows:

Example:

$ licit status

Project: my-fastapi-project
  Root: /home/user/my-fastapi-project
  Languages: python
  Frameworks: fastapi
  Git: 142 commits, 3 contributors

Config: .licit.yaml (loaded)

Frameworks:
  EU AI Act: enabled
  OWASP Agentic: enabled

Data sources:
  Provenance: not collected
  FRIA: not found
  Annex IV: not found
  Changelog: not found

Connectors:
  architect: disabled
  vigil: disabled

Agent configs:
  CLAUDE.md (claude-code)
  .cursorrules (cursor)

licit connect

Configures optional connectors to integrate external data sources.

licit connect {architect|vigil} [--enable|--disable]

Arguments:

ArgumentDescription
architectConnector for Architect (reports and audit logs)
vigilConnector for Vigil (SARIF security findings)

Options:

OptionDefaultDescription
--enable(default)Enables the connector
--disableDisables the connector

Example:

$ licit connect architect
# Enables the architect connector

$ licit connect vigil --enable
# Enables the vigil connector

$ licit connect architect --disable
# Disables the architect connector

licit trace

Tracks code provenance — identifies what was written by AI and what by humans.

Status: Registered in CLI. Functional starting from Phase 2.

licit trace [--since DATE|TAG] [--report] [--stats]

Options:

OptionDescription
--sinceAnalyzes commits since a date (YYYY-MM-DD) or git tag
--reportGenerates a provenance report file
--statsShows statistics in the terminal

Future example:

$ licit trace --since 2026-01-01 --stats

Provenance Analysis (since 2026-01-01):
  Total files analyzed: 87
  AI-authored: 34 (39.1%)
  Human-authored: 41 (47.1%)
  Mixed: 12 (13.8%)
  Confidence: 0.82 avg

licit changelog

Generates a changelog of changes in AI agent configurations.

Status: Registered in CLI. Functional starting from Phase 3.

licit changelog [--since DATE|TAG] [--format {markdown|json}]

Options:

OptionDefaultDescription
--since(all)Changes since date or tag
--formatmarkdownOutput format

Monitored files:

licit fria

Completes the Fundamental Rights Impact Assessment (EU AI Act Article 27).

Status: Registered in CLI. Functional starting from Phase 4.

licit fria [--update]

Options:

OptionDescription
--updateUpdates an existing FRIA instead of creating a new one

Generated files:

licit annex-iv

Generates the Annex IV Technical Documentation (EU AI Act).

Status: Registered in CLI. Functional starting from Phase 4.

licit annex-iv [--organization NAME] [--product NAME]

Options:

OptionDescription
--organizationOrganization name
--productProduct name

Generated file:

licit report

Generates a unified compliance report.

Status: Registered in CLI. Functional starting from Phase 6.

licit report [--framework {eu-ai-act|owasp|all}] [--format {markdown|json|html}] [--output PATH]

Options:

OptionDefaultDescription
--frameworkallFramework to evaluate
--formatmarkdownOutput format
-o, --output.licit/reports/compliance-report.{ext}Output file path

licit gaps

Identifies compliance gaps with actionable recommendations.

Status: Registered in CLI. Functional starting from Phase 6.

licit gaps [--framework {eu-ai-act|owasp|all}]

Options:

OptionDefaultDescription
--frameworkallFramework to analyze

Future example:

$ licit gaps --framework eu-ai-act

EU AI Act Compliance Gaps:

[HIGH] ART-9-1: Risk Management System
  Gap: No FRIA document found
  Action: Run 'licit fria' to complete the assessment
  Effort: medium

[MEDIUM] ART-13-1: Transparency
  Gap: No provenance tracking configured
  Action: Run 'licit trace' to analyze code provenance
  Effort: low

licit verify

Verifies compliance and returns an exit code for CI/CD.

Status: Registered in CLI. Functional starting from Phase 6.

licit verify [--framework {eu-ai-act|owasp|all}]

Exit codes:

CodeMeaning
0COMPLIANT — All critical requirements met
1NON_COMPLIANT — Some critical requirement not met
2PARTIAL — Some requirement partially met

Usage in CI/CD (GitHub Actions):

- name: Compliance check
  run: licit verify
  # The pipeline fails if exit code != 0

Command Summary Table

CommandPhaseStatusShort Description
init1FunctionalInitializes licit in the project
status1FunctionalShows status and connected sources
connect1FunctionalConfigures connectors
trace2SkeletonProvenance traceability
changelog3SkeletonAgent config changelog
fria4SkeletonFRIA (EU AI Act Art. 27)
annex-iv4SkeletonAnnex IV technical documentation
report6SkeletonUnified compliance report
gaps6SkeletonCompliance gaps
verify6SkeletonCI/CD gate