6 comments

  • all2 31 minutes ago

    I'm currently working on an agent framework that has auditability as one of its core promises. I'm glad to see others are working in this domain!

    I've seen other products/apps in this space farther up the stack at the API boundary.

    What frameworks does your package work with? How does it handle intercept?

    • brian_kuan 12 minutes ago

      There's no interception - it runs in-process, so it works with any Python code (with or without a framework). There's a TS version too if your stack is in JS.

      Would love to hear more about your agent framework!

  • ambicapter 21 minutes ago

    > may have built observability dashboards and audit logs, but those are editable and partisan

    Why would these be editable?

  • brian_kuan an hour ago

    PS: please try to break it - if you find that the report does not catch a deleted line, changed number, or modified record, I'd love to know!

    And to start a discussion: if you sell or buy AI agent products, what do security reviews ask about them?

  • nf-x 28 minutes ago

    Looks very slop, but it’s a good idea. The main difficulty is that no big name is hosting a witness.

    • brian_kuan 3 minutes ago

      Fair point - I am a marketer by training and built this with some help from Claude! But appreciate the love.

      If you find something/have feedback, please let me know and I'll gladly fix it.

      Separately - 100% agree on the witness - only someone/thing outside the vendor can prove nothing was omitted. Who do you think fills that gap - is it an audit firm (my world), a standards body, or something else?