Prescient

A CLI-first intelligent system guardian that predicts update breakages, protects dependencies, and recovers Linux environments.

Repository
Team Members
Gurvansh Singh Kalra
Gurvansh Singh Kalra
gurvansh_singh_kalra
Description

Prescient: The Kernel-Aware Active Interceptor

Predict. Protect. Recover.

The Problem: The "Update Anxiety" of Linux Maintenance

Linux stability is often a game of Russian Roulette. When a user runs sudo apt upgrade, they are blind to the "blast radius" of the transaction. A routine update can silently mismatch an NVIDIA driver with a new kernel version or break a DKMS module because of a Secure Boot (MOK) state change. Currently, package managers focus on dependency resolution, not system stability. They check if a package exists, but they don't check if it will actually boot.

The Solution: Active Interception & Intelligence

Prescient Linux is a proactive system guardian that transforms the package manager into an intelligent auditor. It hooks directly into the native lifecycle of apt (and soon pacman), intercepting the transaction at the "point of no return" before any changes are committed to the disk. Prescient performs a deterministic pre-flight audit, cross-referencing incoming kernel headers against local hardware security states, partition health, and critical system tripwires.

Core Innovations:

  • The Vanguard Engine: A high-performance, RAM-cached auditor that utilizes optimistic batching for O(1) package scanning. It evaluates massive 100+ package transactions in under 200ms, pulling the emergency brake if it detects /boot saturation, unsigned DKMS module conflicts, or driver mismatches.

  • Universal Transaction Interceptor: Unlike a standalone script, Prescient is a "Guardrail by Default." Using native DPkg::Pre-Install-Pkgs hooks, it wakes up automatically every time you update, ensuring safety checks are never skipped.

  • Atomic Local Rollbacks (undo): Prescient integrates directly with timeshift and BTRFS (snapper) to take targeted, risk-based system snapshots only when critical infrastructure is threatened. If an update breaks the graphical interface, users can drop into a TTY terminal and instantly restore their system to the exact pre-update state.

  • Transparent Auto-Healing (diagnose & heal): Prescient features a post-crash logic engine that parses journalctl to translate cryptic kernel panics and deadlocks into human-readable terminal commands. The Auto-Healer then maps these failures to known remediation playbooks, interactively proposing and executing the exact bash commands needed to recover crashed services safely.

  • The "North Star" Philosophy: Built for low latency and low false positives. Prescient stays out of the way until it’s needed, providing clear, actionable explanations instead of cryptic error codes.

Open-Source Tech Stack

Prescient is built with zero proprietary dependencies, relying entirely on native Linux binaries:

  • Language: Python 3.11+ (Utilizing shutil, subprocess, and /dev/shm caching).

  • UI/UX: Rich (For high-fidelity, accessible terminal output).

  • Architecture: Typer (For high-performance CLI command routing).

  • Configuration: Extensible TOML schemas for dynamic threat intelligence learning.

  • Hook System: Native interceptors for deep integration with apt and dpkg.

Issues & PRs Board
Pull Request
Basic scaffolding and enviroment setup
Pull Request
feat: Implemented universal hook installer for apt and pacman
Pull Request
feat: feature/predict engine (Completed Phase 2)
Pull Request
feat(recovery): implemented phase 3 automated timeshift/snapper guard
Pull Request
feat(diagnose): implement dynamic journalctl telemetry and JSON log parsing
Pull Request
feat(schema): implement dynamic TOML configuration for risk assessment
Pull Request
refactor:implement modular domain architecture for better layout (core, vanguard, recovery, intelligence)
Issue
implement system-wide logging to /var/log/sentinel.log
Issue
add snapshot frequency and disk space protection
Issue
implement timeout protection for external system calls
Pull Request
feat: implement persistent and secure logging
Pull Request
security: implement 120s timeout protection for snapshots
Pull Request
enhancement: add 10m cooldown and 5GB disk space guard
Issue
sanitize package manager inputs to prevent command injection
Issue
package detection uses substring matching instead of exact matches
Pull Request
security: implement exact matching and input sanitization
Issue
implement dynamic file-path awareness and self-learning triggers
Pull Request
feat: implement autonomous heuristic engine and self-learning triggers
Pull Request
feat: complete atomic rollback engine and fix vanguard audit bug
Pull Request
feat: implement transparent auto-heal engine
Pull Request
fix: parse systemd error messages for actual crashed service
Pull Request
fix: patch shell injection, prevent duplicate fixes, and enforce root privileges
Issue
sudo sentinel command not found (requires absolute path to .venv)
Pull Request
enhancement: add one-line deployment script and global makefile
Issue
autoheal uses shell=True with shlex.split list argument
Pull Request
fix: remove shell=True from autoheal execution
Issue
boot partition health check evaluates to truthy tuple
Pull Request
fix: resolve truthy tuple bug in boot analyzer
Issue
state directory permissions not hardened
Pull Request
fix: harden state directory permissions
Issue
heuristic engine performs expensive dpkg queries per package
Pull Request
perf: batch dpkg path queries
Issue
package trigger matching uses loose substring detection
Pull Request
fix: use strict package matching to prevent false positives
Pull Request
refactor: complete 'Prescient' rebrand
Issue
implement native 'prescient uninstall' self-destruct command
Pull Request
enhancement: implement native self-destruct sequence
Pull Request
feat: implemented rescue engine