Skip to content

Releases: PennockTech/aifr

v0.3.0

27 Mar 07:48
@github-actions github-actions
Immutable release. Only release title and notes can be modified.
v0.3.0
This tag was signed with the committer’s verified signature.
philpennock Phil Pennock
GPG key ID: 2E7665110F8A56FF
Verified
Learn about vigilant mode.
42dc2dd

Choose a tag to compare

View all tags
v0.3.0 Latest
Latest

Introducing aifr

This is the first public release which I'm willing to admit to. It's still major number 0 and is still shiny new, but it works, and is helping me already.

My AI workflow is to use either a local claude code running as a separate Unix usercode, without access to my credentials or to sudo; or to use a remote CC running in a disposable sandbox maintained by someone else. The remote/hosted version works great, when it works. The local one ... prompts a lot. I refuse to run with the dangerous mode, and when Claude sees bash invocations with pipelines and sub-shells, it tends to prompt for a safety check with a human, and I don't allow-list those things.

So I worked on aifr, AI File Reader, which shifts left a lot of the common-to-AI pipeline tasks into the command which does the reading, replacing the need for bash-around-pipelines and allowing many many more operations to complete without prompting. It hurts my wizened Unix greybeard heart to go against "one tool doing one job well", but here it's a pragmatic choice which is paying off for me.

aifr comes with a Skill to help the AI use it, and can be run as a CLI tool or in MCP mode. It has no write operations, no network access, it tries to filter out reading credentials, so it should generally be safe to just blanket allow-list with wildcards. My ~/.claude/settings.json has an entry in .permissions.allow[] for "mcp__aifr__*".

aifr can read chunks of files, with support for head across multiple files and clear AI-friendly delimiters between each. It can read git history and read files from git on various branches, without affecting the working tree. It can look for commands in paths, it can hexdump, it can checksum, it can do getent lookups (so no more pipelines of cut -d : -f 1 from /etc/passwd), it can do things like wc -l and show just the last line summary. All those things you roll your eyes at, if it's a read operation, aifr tries to provide a clean simple interface to it.

If you have a read-only operation which your AI agent keeps trying to do in an overly baroque way and so triggers safety checks, it might be a candidate for aifr.

Please let me know how you get on.

Verification

All artifacts are checksummed and the checksums file is signed with
cosign keyless signing (GitHub OIDC).

# Download the release assets, then verify:
cosign verify-blob \
  --bundle checksums.txt.bundle \
  --certificate-identity-regexp 'https://github\.com/PennockTech/aifr/' \
  --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
  checksums.txt

sha256sum --ignore-missing -c checksums.txt
Assets 10
Loading