One command.
Everything recorded.
Every captured run produces a structured directory — a capsule — that contains everything needed to understand, validate, and replay the execution. No instrumentation required.
Model-call evidence
Model name, prompt, completion, token counts, latency — for API calls where capture is enabled.
Tool invocations
MCP exchanges, function calls, shell commands — the tool-call chain where capture hooks are active.
Environment snapshot
Python version, installed packages, env vars (secrets redacted) — so you can reproduce the execution context.
Execution spans
OpenTelemetry-compatible spans for the execution tree. Queryable, exportable, visualisable.
Redaction proof
Cryptographic proof that no secrets appear in the capsule. Auditable by anyone, no access to secrets required.
Tamper-evident seal
DSSE signature + RFC 3161 timestamp. Designed for audit evidence workflows; regulatory fit requires independent review.
See what a capsule contains.
Click "run" to simulate a capture. Explore the files a capsule produces.
Four ways to replay.
Read-only. Replays the exact execution environment without re-running model calls. Safe for debugging, auditing, and forensic investigation.
Uses recorded LLM responses. No API calls, no cost. Deterministic replay for CI pipelines and regression testing.
Re-runs with live model calls but validates that outputs are semantically equivalent. Detects prompt drift and model behavior changes.
Full re-execution. Every tool call, every model call, live. Compares outputs byte-for-byte. Strictest reproduction guarantee.
The complete lifecycle.
Wrap any command — script, agent, training run. No code changes required.
Re-execute any capsule. Forensic mode is read-only. Mocked mode uses recorded LLM responses.
Validate a capsule against schema. Checks integrity, redaction proof, and signature.
Verify DSSE signature and RFC 3161 timestamp. Works offline, forever.
The flagship system: capture, replay, validate, and govern AI agent executions.