Overview
Every agent action is tracked for accountability, debugging, and compliance. The audit trail answers: Who did what, when, why, and what was the result?What Gets Tracked
Execution Records
Every agent run creates an execution record:Action Records
Within each execution, individual actions are logged:Attribution Requirements
PolicyORG-001 requires agent PRs include attribution trailers:
Required Trailers
Viewing Audit Data
CLI Commands
Example Output
Database Schema
Execution records are stored in PostgreSQL:Git History
All file changes by agents are tracked in git with:- Commit messages following Conventional Commits
- Attribution trailers as described above
- PR links to the creating execution
Querying Git History
Memory as Audit
Agent memory provides context for decisions:- What was decided
- Why (reasoning)
- When (timestamp)
- Who (agent or human)
Session Tracking
Claude Code sessions are tracked for debugging:- Start/end times
- Working directory
- Token usage
- Files accessed
Compliance Reports
Weekly Summary
- Goals achieved
- PRs merged
- Issues resolved
- Cost per outcome
Monthly Export
Incident Investigation
When something goes wrong, trace the issue:1. Find the Execution
2. Get Details
3. Check Logs
Retention Policy
Privacy Considerations
The audit trail does not capture:- Actual file contents (only paths)
- API keys or secrets
- Personal user data
- Full conversation logs
- Anonymize user-identifying data
- Provide data export on request
- Support deletion requests
Best Practices
1. Review Weekly
2. Tag Important Executions
Use metadata for significant runs:3. Document Exceptions
When overriding normal processes, document in:- PR description
- Commit message
- Memory update