What traces provide#
Every governed task execution produces a trace — a directed acyclic graph (DAG) of spans representing tool calls, policy checks, and evidence receipts. Traces are the audit backbone of the control plane.
Browsing traces#
List recent traces with GET /api/v1/traces?days=30. Each trace has
a taskId and a timestamp. Fetch span-level detail with
GET /api/v1/traces/{taskId}.
Evidence receipts#
Evidence receipts record what happened during tool execution:
| Field | Purpose |
|---|---|
scope_requested | What the agent asked to do |
scope_allowed | What policy permitted |
scope_enforced | What actually happened |
io_hash | Cryptographic hash of input/output for integrity |
Receipts are ingested via POST /api/v1/evidence and queryable
via GET /api/v1/evidence.
Bridge detection#
Tasks that span multiple systems are flagged as bridge tasks in the traces view. Bridge badges indicate cross-system execution chains.
Dashboard#
The traces page at /dashboard/{workspaceId}/traces shows task
traces with bridge detection. Click a task to see the full span DAG.
Compliance export#
Export traces and evidence for compliance with
GET /api/v1/export?format=json (or csv). The export includes
evidence receipts, kernel events, and telemetry for the workspace.