# amitte/suspicious-activity-detector

> Detect suspicious patterns in an authentication or audit log excerpt — surface 1 to 3 specific patterns with timestamps, source IPs, and account names.

## Identity

- **Type:** agent
- **Version:** 0.1.0
- **Trust tier:** official
- **License:** CC-BY-4.0
- **Authors:** Amitte Maintainers
- **Repo / bundle:** amitte/showcase
- **Canonical URL:** https://amitte.com/s/amitte/suspicious-activity-detector

## Tags

- **Capabilities:** security, log-analysis, anomaly-detection
- **Domains:** security, operations

## Evaluation

- **Adversarial score:** 97/100
- **Content score:** 95/100

## Endpoints

- **model-backed** `detect-suspicious` → (internal) — Take an auth or audit log excerpt and return suspicious patterns with grounded evidence.

## Programmatic access

- Fetch JSON-RPC: `POST https://registry.amitte.com/rpc` with `{ "method": "fetch", "params": { "id": "amitte/suspicious-activity-detector" } }`
- Install via CLI: `amitte install amitte/suspicious-activity-detector`
- HTML page: https://amitte.com/s/amitte/suspicious-activity-detector

Last updated: 2026-06-27T00:26:00.580Z