Agent Audit Log
Create and maintain a lightweight audit trail for high-value actions.
Core rule
Log only actions that matter for safety, traceability, or later review. Do not turn the audit log into noise.
Default layers
- 1. Raw fact log (
YYYY-MM-DD.jsonl) - Date summary (
index.json) - Target/project index (
by-target.json) - Risk index (
by-risk.json) - Human-readable summary (
latest.md) - Export-safety events (
export_safety_check) - Open items (
open-items.json) - Status transition history (
open-items-history.json)
Read references as needed
- - Read
references/schema.md for the log schema and event fields. - Read
references/risk-model.md for how to classify low / medium / high risk. - Read
references/export-safety.md before logging publish/export actions. - Read
references/open-items.md when tracking unresolved risks or follow-up work. - Read
references/examples.md when you need concrete event, export-safety, or open-item examples.
Use scripts as needed
- - Use
scripts/init_audit.sh to create the basic audit directory and starter files.
Operating rules
- - Do not store plaintext secrets in audit logs.
- Prefer concise, human-readable summaries.
- Record target, result, and non-sensitive references.
- Use
warn when something needs attention but did not fail. - Use open items for follow-up risk, not for routine noise.
Agent 审计日志
为高价值操作创建并维护轻量级审计追踪。
核心规则
仅记录对安全性、可追溯性或后续审查有意义的操作。切勿让审计日志沦为噪音。
默认层级
- 1. 原始事实日志(YYYY-MM-DD.jsonl)
- 日期摘要(index.json)
- 目标/项目索引(by-target.json)
- 风险索引(by-risk.json)
- 人类可读摘要(latest.md)
- 导出安全事件(exportsafetycheck)
- 待办事项(open-items.json)
- 状态变更历史(open-items-history.json)
按需查阅参考文档
- - 查阅 references/schema.md 了解日志模式与事件字段。
- 查阅 references/risk-model.md 了解低/中/高风险分类方法。
- 在记录发布/导出操作前,查阅 references/export-safety.md。
- 追踪未解决风险或后续工作时,查阅 references/open-items.md。
- 需要具体事件、导出安全或待办事项示例时,查阅 references/examples.md。
按需使用脚本
- - 使用 scripts/init_audit.sh 创建基础审计目录和初始文件。
操作规则
- - 不得在审计日志中存储明文密钥。
- 优先使用简洁、人类可读的摘要。
- 记录目标、结果及非敏感引用。
- 当某事项需关注但未失败时,使用 warn 标记。
- 待办事项用于跟踪后续风险,而非常规噪音。
