Skip to main content
Kensa works standalone without a coding agent. Python 3.11+. The core pipeline is init → doctor → connect → import → eval; the review-and-generate steps in between are driven by your coding agent (the kensa-inspect and kensa-generate skills), with kensa inspect for reading the queue. Add --json to any command for a stable, machine-readable envelope.
kensa --help
kensa <command> --help

kensa init

Set up the harness: scaffold tests/evals/conftest.py (the kensa_run fixture), tests/evals/test_kensa_smoke.py, a GitHub Actions workflow, and the Kensa skills for your coding agent. Interactive mode also offers to configure a first trace source (Langfuse, an existing trace export, or local capture).
kensa init

kensa doctor

Verify the harness is wired to a real agent boundary and run the persistent smoke test. kensa eval expects doctor to pass first.
kensa doctor
kensa doctor --json
FlagDescription
--jsonEmit a machine-readable envelope
--allow-suspicious-harnessWarn instead of failing when the harness looks like a stub or mock

kensa connect

Authenticate with an observability provider and save non-secret connection metadata to .kensa/connections/<provider>.json. API keys are read from environment variables at run time and are never written to that file.

kensa connect langfuse

kensa connect langfuse
kensa connect langfuse --endpoint https://cloud.langfuse.com --project prod
FlagDefaultDescription
--endpointhttps://cloud.langfuse.comLangfuse base URL
--projectDefault Langfuse project
--public-key-envLANGFUSE_PUBLIC_KEYEnv var holding the public key
--secret-key-envLANGFUSE_SECRET_KEYEnv var holding the secret key
--configure-onlyoffSave metadata without verifying credentials
--jsonoffMachine-readable envelope

kensa import

Import bounded trace evidence into .kensa/traces/imports/<provider>-<timestamp>.jsonl, with redaction and a provenance manifest.
kensa import --from langfuse --since 7d --limit 200
kensa import --from jsonl --source spans.jsonl
kensa import --from otlp --source otlp-export.json --redact strict
FlagDefaultDescription
--fromrequiredProvider: json, jsonl, otlp, langfuse
--sourceLocal export file (required for file imports)
--endpointOne-off endpoint provenance override
--projectProvider project name
--sinceTime window for connected imports (e.g. 7d, 1h, 30m)
--limit50 connected / 1000 filesMaximum traces to import
--max-payload-bytes50000000Maximum local import payload size
--redactkeysRedaction mode: off, keys, strict
--jsonoffMachine-readable envelope
Connected Langfuse imports use the metadata saved by kensa connect and do not need --source. Imports land in .kensa/traces/imports/<provider>-<timestamp>.jsonl with a .manifest.json and a latest.json pointer. See Tracing & imports.

kensa inspect

Read and validate the YAML eval-idea review queue under .kensa/inspect/ that the kensa-inspect skill writes from imported traces.
kensa inspect list                         # list queue items
kensa inspect list --status approved       # filter by approval status
kensa inspect lint                         # validate queue files
FlagDefaultDescription
--statusFilter items by pending, approved, rejected, or generated
--jsonoffMachine-readable envelope
Approve ideas by changing status: pending to status: approved; the kensa-generate skill then materializes them as tests/evals/test_<id>.py.

kensa eval

Run the evals through pytest and write CI-friendly artifacts to .kensa/results/.
kensa eval                                  # runs tests/evals/
kensa eval --markdown-report eval.md
kensa eval --json-report eval.json
kensa eval --no-judge
kensa eval tests/evals/ -- -k refund -q     # pytest passthrough after --
FlagDefaultDescription
--jsonoffMachine-readable envelope
--json-reportWrite a Kensa JSON artifact to this path
--markdown-reportWrite a Markdown summary to this path
--no-judgeoffDisable judge calls
Positional eval paths default to tests/evals. Anything after -- is passed straight to pytest. kensa eval checks evals readiness and expects at least one passing non-smoke eval.

kensa traces

Read redacted TraceView evidence from the latest import (or a --source file). Your coding agent uses these to inspect imported behavior; you rarely call them directly.
kensa traces list                          # list imported trace IDs
kensa traces sample                        # print one trace
kensa traces get <trace-id>                # print one trace by ID
kensa traces list --source <file> --json   # read a specific export as JSON
Each subcommand takes --source (defaults to the latest import) and --json.

Environment variables

VariablePurpose
KENSA_JUDGE_MODELOverride the judge model (e.g. claude-sonnet-4-6)
KENSA_JUDGE_PROVIDEROverride the judge provider (openai, anthropic)
KENSA_JUDGE_RESULTForce a fake judge verdict for local tests (pass, fail, error)
KENSA_LLM_MODELFallback model for judging
KENSA_LLM_PROVIDERFallback provider for judging
KENSA_TRACE_DIRDirectory for local span capture
KENSA_DOTENVPath to a dotenv file loaded at CLI startup
KENSA_SERVICE_NAMEService name attached to local trace metadata
OPENAI_API_KEY / ANTHROPIC_API_KEYProvider credentials for the judge
Last modified on July 7, 2026