Governance & audit
The Governance section is the executive-grade answer to “prove what the agents did, and that we were allowed to.” Its surfaces are derived from the live execution pipeline, so the evidence is contemporaneous, not reconstructed.

What’s here
Section titled “What’s here”- Distributed trace waterfalls — every run as an ordered set of typed spans (reasoning, model calls, tool calls, retrieval, guardrails, memory) with timing, token, and cost.
- Immutable audit & lineage — an append-only, hash-chained audit log (never sampled), plus full data and action lineage answering “which data influenced this action”.
- Guardrails & responsible-AI posture — policy rules, PII redaction, topic boundaries, jailbreak defense, and a versioned AI constitution.
- Compliance evidence — downloadable, regime-scoped evidence packs mapped to the EU AI Act, SOC 2 Type II, GDPR, and ISO 42001.
Tracing a single call
Section titled “Tracing a single call”Every API/MCP response carries a lifecycle_id. The governance surfaces let you follow that
identifier across the trace, the policy decision, any approval, and the audit entry.
Tamper-evidence
Section titled “Tamper-evidence”Each audit event chains to the prior event’s hash; any retroactive edit breaks the chain and is detectable. Audit is flushed to write-once-read-many (WORM) storage.
The same primitives map to regulatory frameworks (EU AI Act, SOC 2 Type II, GDPR, ISO 42001), with evidence packs assembled on demand.
