The problem:
• AI agents make autonomous decisions (trading, medical, customer service)
• No standard audit trail format
• Policy enforcement is ad-hoc (if it exists)
• Compliance teams can't verify anything
• When something goes wrong, you can't trace what happened

What we built:
• Decision trace logging with full provenance chains
• Policy-as-code enforcement (evaluated BEFORE agent acts)
• Human approval workflows for high-risk actions
• Compliance dashboards and SOC2/HIPAA reports

Key technical decisions:
• Synchronous policy evaluation (can't un-execute a bad trade)
• PostgreSQL RLS for multi-tenant isolation
• Cryptographic hash chains for provenance (tamper-evident)
• Sub-50ms P99 latency for decision logging
Not an AI framework. Works with LangChain, CrewAI, AutoGPT, or custom agents.
Quick start: https://github.com/akz4ol/contextgraph-cloud#quick-start-30-...
Architecture: https://github.com/akz4ol/contextgraph-cloud/blob/main/ARCHI...
Live demo: https://dashboard-akz4ol.vercel.app
Would love feedback from anyone dealing with AI compliance, governance, or agent frameworks!
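
Added example, not code from the post or from the contextgraph-cloud repository: a sketch of how synchronous policy evaluation and a hash-chained decision trace fit together, so that every verdict is recorded before the agent acts and later edits to the log are detectable. The policy shape, field names and function names are assumptions made for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed anchor value for the first record

def _digest(prev_hash, body):
    # Canonical JSON (sorted keys, fixed separators) so a record always hashes identically.
    payload = json.dumps({"prev": prev_hash, "body": body}, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(payload.encode("utf-8")).hexdigest()

def evaluate_policy(action, policy):
    """Hypothetical policy: deny by type, require human approval above a threshold, else allow."""
    if action["type"] in policy["denied_types"]:
        return "deny"
    if action.get("amount", 0) > policy["approval_above"]:
        return "needs_approval"
    return "allow"

def record_decision(chain, agent_id, action, policy):
    """Evaluate policy synchronously, append a hash-linked trace record, return the verdict."""
    verdict = evaluate_policy(action, policy)
    body = {"seq": len(chain), "agent": agent_id, "action": action, "verdict": verdict}
    prev_hash = chain[-1]["hash"] if chain else GENESIS
    chain.append({"body": body, "prev": prev_hash, "hash": _digest(prev_hash, body)})
    return verdict  # the caller executes the action only when this is "allow"

def verify_chain(chain):
    """Return -1 if the chain is intact, else the index of the first record that fails."""
    prev_hash = GENESIS
    for i, rec in enumerate(chain):
        if rec["prev"] != prev_hash or rec["body"]["seq"] != i:
            return i  # broken link, or a record was removed or reordered
        if rec["hash"] != _digest(prev_hash, rec["body"]):
            return i  # record body was edited after it was logged
        prev_hash = rec["hash"]
    return -1

def demo():
    policy = {"denied_types": ["wire_external"], "approval_above": 10000}  # constructed
    chain = []
    verdicts = [
        record_decision(chain, "agent-1", {"type": "trade", "amount": 500}, policy),
        record_decision(chain, "agent-1", {"type": "trade", "amount": 50000}, policy),
        record_decision(chain, "agent-2", {"type": "wire_external", "amount": 10}, policy),
    ]
    return chain, verdicts

if __name__ == "__main__":
    chain, verdicts = demo()
    print(verdicts, verify_chain(chain))
```

A chain like this is tamper-evident only against someone who cannot rewrite every record after the edit: truncating the tail or recomputing all hashes goes unnoticed unless the latest hash is also stored or signed somewhere the log writer cannot modify.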