frontpage.

Show HN: Open-source SDK for AI agent audit trails

https://www.traceprompt.com/

1•paulmbw•4h ago

Hi HN! I’m Paul, founder of Traceprompt. We’re building an open-source SDK that wraps your AI agents and generates tamper-proof audit trails, so you can prove what agent did what, when and with which model.

You can check out the Node SDK (more languages coming soon): https://github.com/traceprompt/traceprompt-node

We built Traceprompt because LLMs are being used everywhere without a clear plan for audit and compliance. From research and discussions with other devs, I often see fintech and healthcare teams manually stitching together API Gateway, CloudWatch Logs and S3 buckets to track prompts/responses and retention. This is both complex and costly as there's little to no proof of immutability. Most current tools (Langfuse, Heliclone etc.) focus on LLM observability; few help generate verifiable evidence for compliance. That’s where we come in.

To add, regulations are also moving in this direction (e.g. the EU AI Act requires logging for certain high-risk systems, HIPAA calls for audit controls and FINRA/SEC rules push WORM-style retention). The goal is to make “prove nothing changed” boring.

Our SDK is simple:

1. BYOK architecture with AWS KMS. We never see plaintext prompts/responses; only you can decrypt. Other KMS providers are on the roadmap.

2. Append-only, hash-chained logs with a public Merkle anchor for independent verification. Repo: https://github.com/traceprompt/open-anchors

3. Audit packs: export CSV rows + proofs (and receipts) when someone asks “what exactly happened on this day and time.” You can also verify the audit packs — if a single byte was altered or a row removed by a bad actor, verification fails.

If "AI audit trails" are on your mind or on your roadmap, I'd love to talk. There are a few ways to start:

1. Checkout the repos: review code, install the SDK and experiment; open issues if anything breaks — https://github.com/traceprompt/traceprompt-node + https://github.com/traceprompt/open-anchors

2. Landing page: https://traceprompt.com — details on integrations and pricing; 7-day free trial (or 2M-token cap).

3. Join our Discord: https://discord.gg/2yUSXDECQk

4. Book a free 30-minute demo call: https://cal.com/traceprompt/traceprompt-intro

We'd love to hear your feedback, so we'll be in the comments! If you're a dev, I am happy to dive into more technical details or answer any questions. If you're in the AI audit and compliance space, please do get in touch as we have lots to learn and uncover :)

Thank you!

Dead arms test importance of clenched fists (2015)

The Rise of Front-Loaded Vesting

The Cybersecurity Psychology Framework: A Pre-Cognitive Vulnerability Assessment

DraftKings said it acted properly in voiding Iowa man's $14.2M payout

Ask HN: What's your current "ecosystem"/dev stack/tools that you use to build?

What's new in Excel August 2025

Anthropic – Detecting and countering misuse of AI: August 2025

We're doing context engineering wrong

A retrospective about blogging for a decade

You're doing context engineering wrong

Asahi Linux Lead Developer Steps Down

Trying Out Claude for Chrome Research Preview

Flying Cameras Are Snapping Photos of Houses for Insurers

Lord of the Io_uring

Io_uring by Example

Layoff Tracker

Io_uring basics: Writing a file to disk

Observing the Earnings Gap Through Marital Status, Race and Gender (2019)

Atlassian's Trello redesign may be 'worst in tech history' say frustrated users

4chan and Kiwifarms Sue Ofcom over Attempt to Enforce Online Safety Act in US

Vibe Coding from My Smartphone

Show HN: DeepShot – an open-source NBA predictor with ML, EWMA, and live UI

The Electric Slide

Measuring founder's presence's contribution to stock price

Steiger: OCI-native builds for Docker, Bazel, and Nix with direct registry push

SOPS is an editor of encrypted files

4chan and Kiwi Farms file joint lawsuit against the UK

Ask HN: How to Learn to Build Agentic AI Systems (Like Claude Code)

Can Multisensory Input Hack Your Memory?

Ask HN: What are the best Google alternatives in 2025?