Provenance
Preserve provenance from event to evidence.
Portal projections should show where an action came from, which connector or capability emitted it, which policy governed it, and which exporter produced evidence.
Fields to preserve
Attach these where the connector or runtime actually knows them. Do not invent provenance when it is absent.
- Source kind, name, and version.
- Connector id and version.
- Plugin id and version.
- Capability id and version.
- Policy pack id and version.
- Analyzer or report id and version.
- Signing key id or ingest identity.
- Built-in, customer-internal, vendor-provided, or untrusted source classification.
- Policy decision, final decision, approval status, command preview, and file preview.
Portal surfaces
The same raw event ledger feeds multiple operator views.
| Surface | Evidence shown |
|---|---|
| Session timeline | Event order, tool/model/hook activity, decisions, command/file preview, source labels. |
| Approvals | Confirm-level requests, reviewer state, protected target label, policy reason, and connector context. |
| Audit | Append-only event projection with decision metadata and provenance columns. |
| Agent Run Audit | Source snapshot summary plus Surface, Side Effects, Anomalies, and Spec Trace projections. |
| Audit CSV export | Event provenance columns plus exporter id/version and report schema version. |
Projection rule
Treat reports as projections over governed sessions and raw
agent_activity_events. The current Agent Run Audit slice computes on read; it is not a separate source of truth.Known gaps
Do not claim these are solved until implementation and validation land.
- Per-file, per-commit, and per-PR provenance query API.
- Evidence package export.
- Explicit cryptographic chaining of audit records.
- Validated customer-cloud Agent Run Audit data plane.
- Full transcript ingestion for third-party agents.