Observability

Signed audit log

Hash-chained, HMAC-signed audit log. Tamper-evident record of every step.

import { createSignedAuditLog } from '@agentskit/observability'

const audit = createSignedAuditLog({
  path: '.agentskit/audit.log',
  key: process.env.AK_AUDIT_KEY!,
})

const runtime = createRuntime({ adapter, observers: [audit.observer] })

Verify

const ok = await audit.verify() // throws on tamper

Each record contains { seq, at, kind, payload, prevHash, hmac }. Tampering with any entry breaks the hash chain.

✎ Edit this page on GitHub·Found a problem? Open an issue →·How to contribute →

Cost + token accounting

Cap runs by dollars or tokens. Stop before you're surprised.

Security

The five primitives most production agents want — PII, injection, rate limits, audit, sandbox.

On this page