Agnys – The flight recorder for AI agents

ashishrdy1 pts0 comments

Agnys — The Flight Recorder for AI Agents | AI Audit Trail & Compliance

EU AI Act Article 12 — enforceable Dec 2, 2027<br>The flight recorder for AI agents.<br>Agnys records every model call, tool use, file edit and shell command your AI agents make — with zero code changes — and turns it into tamper-evident, audit-ready proof for the EU AI Act, GDPR, ISO 42001 and NIST AI RMF.<br>Get started freeBook a demo<br>One binary · 8+ AI tools auto-detected · No SDK required

REC· flight recorderSHA-256<br>Live capture feed: events recorded from an AI agent session, each hash-chained to the previous event004114:02:07.113model_callclaude-code → /v1/messages⇠ e120 9f3a…c214004214:02:09.418tool_useBash "npm run deploy"⇠ 9f3a b7e0…41af004314:02:09.871human_approvalapproved — deploy to prod⇠ b7e0 55d2…9e10004414:02:11.204file_editsrc/config/prod.ts (+12 −3)⇠ 55d2 c81f…77b3004514:02:13.559shell_execgit push origin main⇠ c81f 20aa…e5c6<br>CHAIN VERIFIED · TIP ANCHORED TO WORM STORAGE

Captures everything these tools do — no code changes

Claude<br>Claude Code<br>ChatGPT<br>Gemini<br>Grok<br>GitHub Copilot<br>VS Code<br>OpenAI API<br>Groq<br>Antigravity<br>Python SDK<br>Node SDK<br>Browser extension<br>Webhooks<br>Claude<br>Claude Code<br>ChatGPT<br>Gemini<br>Grok<br>GitHub Copilot<br>VS Code<br>OpenAI API<br>Groq<br>Antigravity<br>Python SDK<br>Node SDK<br>Browser extension<br>Webhooks

The problem<br>AI agents are compliance black boxes.<br>You deploy agents into production and hope for the best. That's not good enough when an auditor comes knocking.

You can't see what your agent did<br>When something goes wrong, you have no idea which tool was called, what data was read, or what decision led to the failure.

Anomalies go undetected for days<br>Agents silently misbehave — burning tokens, touching wrong files, sending unexpected emails — and you only find out when the damage is done.

Compliance teams demand audit trails<br>The EU AI Act, GDPR, ISO 42001 and NIST AI RMF all require you to prove what your AI did and why. Right now, you have nothing to show them.

The solution<br>Agnys gives you complete AI governance.<br>One forwarder. Zero code changes. From raw capture to anomaly detection to auditor-ready evidence.

Real-time action feed<br>Every model call, tool use, file edit and shell command — streamed to your dashboard live as it happens.

Behavioral DNA<br>Agnys learns each agent's normal patterns automatically, then flags drift, prompt injection and scope creep before they spread.

Tamper-evident exports<br>SHA-256 hash-chained audit logs and signed PDF/CSV evidence, scored against the EU AI Act, GDPR, ISO 42001 and NIST AI RMF.

AQL Search Lab<br>Query your entire audit history with a real query language — pipeline stats, sequence operators, saved searches and alerts.

Full session replay<br>Forensic reconstruction of any session: trigger → decisions → tool calls → outcome. Every second accounted for.

Zero-code capture<br>One binary auto-detects Claude, ChatGPT, Gemini, Copilot, VS Code and more. SDKs stand ready for teams instrumenting their own agents.

Compliance coverage<br>18 Deterministic Compliance Checks<br>Every check is code-deterministic — not a checkbox survey. Traces are scored against all four frameworks with per-finding evidence.<br>Audit trails can't be backdated. High-risk EU AI Act Article 12 obligations begin Dec 2, 2027 — but the evidence auditors ask for only exists from the day logging starts. GDPR is in force today; ISO 42001 and NIST AI RMF raise the bar.

EU AI Act<br>Art. 12<br>Pass<br>Deadline: Dec 2, 2027Mandatory logging of AI system events — high-risk Article 12 obligations apply from Dec 2, 2027.

ChecksAutomatic recording, human-oversight logging (Art. 14), risk classification, technical documentation

GDPR<br>Art. 30<br>Pass<br>Deadline: In forceRequires records of all automated processing activities involving personal data.

ChecksRecords of processing, purpose limitation, data minimization, PII detection

ISO/IEC 42001<br>A.8.3<br>Pass<br>Deadline: CertifiableAI management-system standard — continuous logging and documentation controls.

ChecksAI system logging, impact assessments, system documentation, control monitoring

NIST AI RMF<br>Govern–Manage<br>Pass<br>Deadline: FrameworkVoluntary risk-management framework, scored per trace with exportable documentation.

ChecksGovern, Map, Measure, Manage — behavioral drift feeds the Measure function

Export formats<br>Auditor-ready exports

PDF<br>Auditor-ready report with chain-of-custody appendix and regulation-specific sections. Digitally signed.

CSV<br>Flat export of every event with compliance-check columns. Importable into any GRC tool.

JSON<br>Full event payloads with SHA-256 hashes and prev-hash chain references. Machine-verifiable.

Your logs stay yours.<br>Tamper-evident, verifiable exports · Per-agent hash chains anchored to WORM storage · We never train on your data

Inside the platform<br>See exactly what your AI agents are doing.

Compliance ExportForensic ReplaySearch LabBehavioral DNALive Feed<br>Auditor-ready reports on demand<br>Score every trace against GDPR, EU AI Act, NIST AI RMF and ISO/IEC 42001<br>Run checks...

code agents compliance audit ready gdpr

Related Articles