Thank you for your interest in contributing to the AIIR platform.
AIIR spans 3 repositories under AppliedIR:
| Repo | Purpose |
|---|---|
| sift-mcp | Monorepo: 11 SIFT-side packages (gateway, MCP backends, Examiner Portal, forensic knowledge) |
| aiir | CLI, architecture reference, documentation site |
| wintools-mcp | Windows forensic tool execution |
All repos require Python 3.10+.
git clone https://github.com/AppliedIR/sift-mcp.git
cd sift-mcp
python -m venv .venv && source .venv/bin/activate
pip install -e "packages/sift-common[dev]" -e "packages/forensic-mcp[dev]" -e "packages/case-mcp[dev]" -e "packages/sift-mcp[dev]"
pytest tests/ -x -q
Each repo has CI that runs lint + tests across Python 3.10, 3.11, and 3.12. All checks must pass before merging to main.
ruff check . && ruff format --check .
Fix lint issues before committing. CI enforces this.
- Branch from
main, PR back tomain - CI must pass (lint + tests on 3 Python versions)
- One logical change per PR
- Commit messages: one line, state what changed (not why)
- Do not include secrets, credentials, or case data in commits
Use GitHub Issues on the sift-mcp repo for bugs and feature requests. Include:
- Steps to reproduce
- Expected vs actual behavior
- AIIR version (
aiir --version) - OS and Python version
Do not file security issues as public GitHub issues. Use GitHub's private vulnerability reporting instead. See SECURITY.md for details.
By contributing, you agree that your contributions will be licensed under the MIT License.