Oversight: Local and remote script auditing + AUR audits

Rakosn1cek · Yesterday 07:51:32

Hi everyone,

With the recent focus on orphaned AUR packages and malicious script injections, I wanted a deterministic, interactive way to audit incoming code streams before executing them. I built Oversight, a terminal pager written in pure Rust using Ratatui and Crossterm.
Oversight is not a reactionary tool built overnight to jump on the security hype, nor does it rely on hidden blacklists or try to make automated blocking decisions for you. It originally launched as a general-purpose terminal viewer to review local files and raw web scripts, which has now been extended to handle AUR package updates

It acts as an interactive terminal viewer. It intercepts incoming command or batch update streams (like piping yay -Sua directly into it), parses git diff headers on the fly, and segments the incoming data into package-isolated tabs. You can view the PKGBUILD, install scripts, and patches side-by-side. It flags potential anomalies using standard static heuristics (like build-time npm or bun executions), but the final installation verdict is entirely up to the user.

Features:

Interactive, multi-tab layout for streamed or piped content.
ANSI escape parameter and control character sanitisation to prevent layout bleeding.
Decoupled input loops to scroll heavy text buffers independently of selection lists.
Distro-agnostic design focused on raw script and diff tracking.

The project is fully open-source. Feedback or any ideas for signature additions to the heuristics engine is welcomed.

GitHub Project Page: https://github.com/Rakosn1cek/oversight
AUR Package: oversight-git

Note: Used an LLM to help format the wording for this project summary and speed up the writing of the Rust code.

Arch Linux

#1 Yesterday 07:51:32

Oversight: Local and remote script auditing + AUR audits

Board footer