Guide to get licit up and running in your project in 5 minutes.
1. Install
pip install licit-ai-cliRequires Python 3.12+. If you have multiple versions:
python3.12 -m pip install licit-ai-cli
Verify:
licit --version
# licit, version 0.1.02. Initialize
Navigate to your project directory and run:
cd my-project/
licit initThis will:
- Automatically detect languages, frameworks, CI/CD, AI agents, and security tools.
- Generate
.licit.yamlwith the adapted configuration. - Create the
.licit/directory for internal data.
Initialized licit in my-project
Languages: python
Frameworks: fastapi
Agent configs: CLAUDE.md
CI/CD: github-actions
Config saved to .licit.yamlIf you only need a specific regulatory framework:
licit init --framework eu-ai-act # EU AI Act only
licit init --framework owasp # OWASP Agentic Top 10 only3. View Status
licit statusDisplays a summary of:
- Detected project (name, languages, frameworks, git)
- Loaded configuration
- Enabled frameworks
- Available data sources
- Active connectors
- Detected AI agent configurations
4. Connect Data Sources (optional)
If you use Architect or Vigil:
licit connect architect # Reads reports and audit logs from Architect
licit connect vigil # Reads SARIF findings from VigilTo disconnect:
licit connect architect --disable5. Version the Configuration
git add .licit.yaml
git commit -m "chore: initialize licit compliance tracking"Add sensitive data to .gitignore:
.licit/provenance.jsonl
.licit/fria-data.json
.licit/signing-keyWhat’s Next?
Once future phases of licit are completed, you will be able to:
# Track code provenance (AI vs human)
licit trace --stats
# Generate changelog of agent configs
licit changelog
# Complete impact assessment (FRIA)
licit fria
# Generate Annex IV technical documentation
licit annex-iv --organization "My Company" --product "My App"
# View compliance report
licit report
# Identify gaps
licit gaps
# CI/CD gate (exit code 0 = pass)
licit verifyGenerated Structure
After licit init, your project will have:
my-project/
├── .licit.yaml # Configuration (version this)
├── .licit/ # Internal data
│ ├── provenance.jsonl # Traceability (DO NOT version)
│ ├── changelog.md # Config changelog
│ ├── fria-data.json # FRIA data (DO NOT version)
│ ├── fria-report.md # FRIA report
│ ├── annex-iv.md # Annex IV documentation
│ └── reports/ # Generated reports
└── ... your code ...Quick Command Reference
| Command | What it does |
|---|---|
licit init | Initializes licit in the project |
licit status | Shows status and connected sources |
licit connect <name> | Enables/disables a connector |
licit trace | Tracks code provenance |
licit changelog | Generates changelog of agent configs |
licit fria | Fundamental rights impact assessment |
licit annex-iv | EU AI Act technical documentation |
licit report | Unified compliance report |
licit gaps | Identifies compliance gaps |
licit verify | CI/CD gate (exit 0/1/2) |
Global options: --version, --config PATH, --verbose, --help
For more detail, see the full documentation.