跳转到主要内容

Audit and Metadata Policy v0

Scope

Defines the v0 audit/metadata boundary: operational traceability and troubleshooting through metadata while preserving forward-only/no-transcript constraints.

Terminology

  • Forward-only: content is forwarded but not persisted as transcript.
  • Metadata-only persisted: only structured non-body fields are retained.
  • Breadcrumb: minimal metadata chain used for troubleshooting.

Normative Spec

Hard Boundary

Platform MUST NOT persist:
  • dialog full body transcript
  • ssh_remote terminal full raw output transcript
Platform MUST persist metadata required for audit and tracing.

Required Metadata Fields

  • session_id
  • correlation_id
  • channel_type
  • event_type
  • timestamp
  • status_code
  • workspace_id
  • agent_id
  • resource_id
  • message_id
  • command_id
  • error_code
  • retry_count
  • lease_epoch
  • causation_id
  • reason
Troubleshooting trails SHOULD include at least:
  • session_id
  • correlation_id
  • workspace_id
  • agent_id
  • channel_type
  • target
  • message_id
  • command_id
  • event_type
  • timestamp
  • error_code
  • retry_count

Multi-target Consistency

For dialog.target values (codex, claude_code, opencode, wechat, telegram), metadata schema MUST remain consistent.

Examples

{
  "session_id": "sess-001",
  "correlation_id": "corr-001",
  "channel_type": "dialog",
  "target": "wechat",
  "event_type": "message",
  "timestamp": "2026-03-24T12:00:00Z",
  "status_code": "forwarded",
  "message_id": "msg-777"
}

{
  "session_id": "sess-002",
  "correlation_id": "corr-009",
  "channel_type": "ssh_remote",
  "event_type": "status",
  "timestamp": "2026-03-24T12:05:00Z",
  "status_code": "degraded",
  "error_code": "terminal_configuration"
}

Error & Recovery

  • Missing required metadata fields: reject event ingestion.
  • Any attempt to persist full transcript content: policy violation.
  • Recovery processes must emit metadata-only recovery events.

Security & Audit

  • Metadata is the canonical audit source.
  • Platform-level approvals are auditable via metadata references.
  • Tool-internal approvals inside DevBox are not re-implemented by AIOS audit logic.

Status

Current status: draft Source discussions:
  • docs/maintainers/conversation-records/agent-platform/2026-03-24-audit-and-metadata-policy-v0-draft.md
  • docs/maintainers/conversation-records/agent-platform/2026-03-23-forward-only-dialog-policy.md

Changelog

  • 2026-03-24: Initial skeleton created.
  • 2026-03-24: Added forward-only boundary and required metadata schema.

相关页面