How to See Every Shell Command Claude Code and Cursor Run
AI agents like Claude Code and Cursor run shell commands you never see. Here's how to record, search, and audit every command they run — with the prompt behind it.
When you hand a task to Claude Code or Cursor, it doesn't just edit files — it runs shell commands. Installs, migrations, git operations, test runs, the occasional rm. Most of these scroll past in a tool panel and are gone the moment the session ends. If something breaks an hour later, you have no reliable record of what the agent actually did. This guide shows how to capture, search, and audit every command your AI agents run.
Why agent commands are hard to see
- They don't land in your shell history. Agents usually run commands in their own subprocess, so
~/.zsh_historynever sees them. - The agent UI is ephemeral. The tool-call log lives in the chat session. Close it and the record is gone.
- You can't tell who ran what. Even when commands do hit your history, there's nothing marking which were yours and which were the agent's.
The result is a visibility gap exactly where you'd want the most accountability: automated commands running with your permissions.
The fix: record commands with their executor and prompt
Suvadu replaces your shell history with a local SQLite database and captures commands from AI agents as first-class citizens. For each command it records the executor (you, Claude Code, Cursor, OpenCode, Antigravity, or CI), the working directory, the exit code, and — for agent commands — the prompt that triggered it. Everything stays 100% local.
1. Install Suvadu
curl -fsSL https://downloads.appachi.tech/suvadu/install.sh | shIt hooks into Zsh/Bash and starts recording immediately. See installation for details.
2. Connect your agents
suv init claude-code
suv init cursorThis wires Suvadu into each agent so the commands it runs are captured and attributed. Full list of supported agents and options: agent integration.
3. Review what the agent ran
After an agent session, you can see exactly what happened:
# Everything Claude Code ran today
suv history --executor claude-code --since today
# Open the interactive search, filtered to agents
suv searchThe search TUI lets you filter by executor, directory, time, and exit code, so isolating "agent commands that failed in this repo" takes seconds.
Auditing for risk
Visibility is step one; triage is step two. Suvadu's risk assessment flags destructive or sensitive commands — recursive deletes, permission changes, piping the network into a shell — so you can scan an agent's session for the handful of commands that actually deserve attention instead of reading every line.
For a higher-level view, agent reports and the agent dashboard summarise what each agent did over a period: how many commands, how many failed, and what was risky.
Replaying a session
When you need the full story of a single run, session replay walks through an agent's commands in order, with directories and exit codes, so you can reconstruct exactly how it got from the prompt to the result.
Turning history into agent memory
Once your history knows about agents, you can flip it around: let the agent read it. Suvadu's MCP server exposes your command history to AI agents as a queryable resource — what was run, what failed, how a problem was solved last time — so the next session starts with context instead of a blank slate.
The takeaway
AI agents are running real commands in your terminal with your permissions. You should be able to answer "what did it run, why, and was any of it risky?" at any time. With command-level recording, executor attribution, and risk flagging, that stops being guesswork.
Builder of Suvadu. Writes Rust, thinks about shell history more than most people, and believes developer tools should be local-first.