Archibald312 builds a tamper-evident paper trail for every AI move

GordonOSS now records every AI call and tool invocation in a log that even an attacker with database credentials cannot rewrite.

compliance, security

Archibald312's fork adds a dedicated audit log that captures every time the system talks to an AI model or runs a tool on a user's behalf - how long it took, which documents were touched, and whether it succeeded or failed. The clever bit is what it does and doesn't store: instead of the full text of prompts and responses, it keeps cryptographic fingerprints (SHA-256 hashes, per the commit below), so you can later check that a given input or output matches what was logged without keeping the sensitive content itself. Database triggers block any attempt to UPDATE or DELETE entries, even from inside the application.

The logging is designed to fail quietly - if the audit system breaks, the user's request still goes through - and users can pull their own history through a self-service endpoint. There's no retention policy yet, so operators will need to decide how long to keep records.

So what: Anyone evaluating legal-AI tools under SOC 2, ISO 27001, or client procurement reviews should look here - this is the shape of evidence those audits ask for.


Commits in this thread

1 commit from Archibald312/GordonOSS, oldest first. Source extracted verbatim from the harvested git log.

SHA | Subject | Author | Date
d523a644 | Phase 6: audit logging for LLM + tool invocations (#6) | Archibald312 | 2026-05-15

Commit body:
- New audit_log table with immutability triggers (UPDATE/DELETE blocked
  at the DB layer); migration in backend/migrations/audit_log.sql and
  appended to backend/schema.sql.
- backend/src/lib/audit.ts: AuditEntry shape, recordAudit() fire-and-forget
  insert, hashContent() SHA-256 helper, AUDIT_LOG_ENABLED feature flag.
- Tool dispatcher (lib/tools/registry.ts) records a tool_call row per
  invocation with duration, input/output hashes, and resolved document
  IDs from args + side effects; errors are recorded then re-thrown.
- streamChatWithTools wraps the per-provider stream and records an
  llm_call row on success or error. Audit context flows through
  runLLMStream and the tabular generate path.
- GET /audit-log returns the caller's own entries with filters
  (project_id, event_type, from, to, limit, offset).
- Unit tests cover hashContent determinism, recordAudit insert shape,
  feature-flag no-op, and error swallowing.
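
A sketch of the hash-only, fail-open logging pattern described above, added here as an example and not taken from the fork's code. The names hashContent and recordAudit come from the commit message; their signatures, the AuditEntry fields, the injected insert function and matchesLoggedInput are assumptions.

```typescript
import { createHash } from "crypto";

// Hypothetical row shape; the fork's actual AuditEntry fields are not shown on the page.
interface AuditEntry {
  eventType: "llm_call" | "tool_call";
  userId: string;
  durationMs: number;
  status: "success" | "error";
  inputHash: string;          // SHA-256 of the prompt or tool args, never the text itself
  outputHash: string | null;  // null when the call failed before producing output
  documentIds: string[];
}
type Insert = (row: AuditEntry) => Promise<void>; // assumed stand-in for the DB insert

// Deterministic fingerprint: the same content always yields the same hex digest.
function hashContent(content: string): string {
  return createHash("sha256").update(content, "utf8").digest("hex");
}

// Fire-and-forget: a broken audit sink must never fail the user's request.
// Returns false only when the feature flag turns auditing off.
function recordAudit(entry: AuditEntry, insert: Insert, enabled = true): boolean {
  if (!enabled) return false;
  try {
    insert(entry).catch((err) => console.error("audit insert failed:", err));
  } catch (err) {
    console.error("audit insert threw:", err); // synchronous failure in the sink
  }
  return true;
}

// Later check: does content presented by a user or auditor match the logged fingerprint?
function matchesLoggedInput(entry: AuditEntry, presented: string): boolean {
  return hashContent(presented) === entry.inputHash;
}

// Constructed sample: one tool_call row written to an in-memory sink.
const sink: AuditEntry[] = [];
const args = '{"tool":"read_document","document_id":"doc-1"}';
const sample: AuditEntry = {
  eventType: "tool_call", userId: "user-1", durationMs: 42, status: "success",
  inputHash: hashContent(args), outputHash: hashContent("constructed output"),
  documentIds: ["doc-1"],
};
recordAudit(sample, async (row) => { sink.push(row); });
console.log(sink.length, matchesLoggedInput(sample, args));
```

An unkeyed SHA-256 of a short or guessable prompt can be confirmed by anyone who guesses the text, so the stored hash still counts as sensitive for low-entropy inputs. Swallowed errors also mean a silent gap in the trail, which is why the failure is at least written to the error log here.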
