Skip to main content
Compendium · Compositions · Audit & Telemetry

Audit & Telemetry

Items
16
of 1002 total

Full-featured composed scenes — one per row so each design has room to breathe. Click for the live render, the spec, and the source.

№ 136

Full Audit Log

Scene STA
Audit Log 2026-05-21 · UTC
12 events
filter: ALL · 12 SIGN · 3 WAIVE · 2 KILL · 2 SHIP · 2 SPEC · 3
MORNING · 08–12 4 events
  1. 08:14 SPEC h.wirjawan SPEC-204 v1.3 draft

    New acceptance criteria added

  2. 08:42 SIGN governor SPEC-204 v1.3

    Approved for autonomous build

  3. 09:01 SHIP AGENT-7 PR #1182 → main

    Build green, ICS 92, deployed

  4. 09:33 WAIVE r.chen TwoPersonRule · SPEC-205

    Solo waiver, 24h expiry

AFTERNOON · 12–17 4 events
  1. 13:12 SPEC AGENT-4 SPEC-211 v0.1

    Auto-drafted from issue #843

  2. 13:51 WAIVE h.wirjawan Same-Person rule · #1184

    Owner reviewed own change

  3. 14:02 KILL AGENT-7 Deploy #1184

    Auto-reverted: drift > 35%

  4. 14:18 SIGN governor Rollback exception

    Manual recovery authorised

EVENING · 17–24 4 events
  1. 17:30 SHIP AGENT-7 PR #1186 → main

    Hotfix for #1184 regression

  2. 17:44 SPEC governor POSTMORTEM-INC-1842

    Filed, 3 action items

  3. 18:02 SIGN governor Day-close checklist

    All open waivers in expiry

  4. 23:11 KILL AGENT-9 Cron drift-detector

    Threshold trip — paged owner

total 12
sign 3
waive 2
kill 2
ship 2
spec 3
Compositions / audit and telemetry

Chronological event stream of 12 governance events — type, actor, time, target — grouped by time band and filterable by type chips.

open ↗
№ 137

Threat Model Dashboard

Scene STA
Threat Model SPEC-204 / EXHIBIT B
v1.3.0 · reviewed 2026-05-19
STRIDE BREAKDOWN 6 categories
· CATEGORY SEV THREAT MITIGATION RESIDUAL
S Spoofing HIGH Credential stuffing on /auth Rate-limit + lockout @ 10/min MITIGATED
T Tampering MED Session token replay across IPs Bind to UA + IP fingerprint ACCEPTED
R Repudiation HIGH Operator denies waiver decision Append-only audit log + signature MITIGATED
I Info Disclosure HIGH PII leaks in error responses Sanitise + opaque error codes MITIGATED
D Denial of Service MED Spec-build queue exhaustion Per-tenant build quotas + back-off TRANSFERRED
E Elevation of Privilege LOW Agent role drift via prompt injection Tool allowlist + capability tokens ACCEPTED
OUT OF SCOPE 5 items
  • × Botnet attacks behind residential proxy pools
  • × Subdomain takeover detection on legacy CNAMEs
  • × Side-channel timing oracles on error responses
  • × Insider threats from holders of root signing key
  • × Compromise of upstream CI provider control plane

// these are knowingly accepted gaps — not oversights

RESIDUAL RISK
  • MITIGATED 3
  • ACCEPTED 2
  • TRANSFERRED 1
total 6
Compositions / audit and telemetry

Full STRIDE threat-model dashboard: per-category breakdown with mitigations, explicit out-of-scope list, and residual-risk pills.

open ↗
№ 138

SLO Board

Scene STA
SLO Board 30-day window
6 objectives
total 6
met 4
at-risk 1
breached 1
  • API availability

    unit: %

    99.94

    current

    ≥ 99.90

    target

    0.4×

    rate

    OK
  • p95 latency

    unit: ms

    184

    current

    ≤ 250

    target

    0.6×

    rate

    OK
  • Error rate

    unit: %

    0.42

    current

    ≤ 0.50

    target

    1.8×

    rate

    WARN
  • Error budget

    unit: % left

    38

    current

    ≥ 25

    target

    0.9×

    rate

    OK
  • Build queue depth

    unit: jobs

    47

    current

    ≤ 30

    target

    3.2×

    rate

    CRITICAL
  • Spec freshness

    unit: h

    12.4

    current

    ≤ 24

    target

    0.5×

    rate

    OK
// burn-rate > 1× consumes error budget faster than the window replenishes it
Compositions / audit and telemetry

Service-level objectives dashboard: 6 SLOs with current value, threshold, a 30-day sparkline trend, and a burn-rate indicator.

open ↗
№ 139

ICS History

Scene STA
ICS History SPEC-204 · auth & session
8 revisions
start 18
end 92
delta +74
gate@60 v0.5
18
31
44
52
64
73
84
92
v0.1
v0.2
v0.3
v0.4
v0.5
v0.6
v0.7
v1.0
REVISION LOG what each bump added
  1. v0.1 04-02 18 +18 Intent paragraph only
  2. v0.2 04-05 31 +13 3 acceptance criteria added
  3. v0.3 04-09 44 +13 Constraints section + perf budget
  4. v0.4 04-14 52 +8 Negative criteria + non-goals
  5. v0.5 04-19 64 +12 Failure modes enumerated · gate cleared
  6. v0.6 04-24 73 +9 Threat model linked (EXHIBIT B)
  7. v0.7 05-02 84 +11 Telemetry & rollback plan defined
  8. v1.0 05-12 92 +8 Sign-off · two-person review complete
// a spec ascends — humans add intent, agents wait for the gate
Compositions / audit and telemetry

One spec ascending the ICS ladder over 8 revisions — bar chart with annotations on what was added at each score bump.

open ↗
№ 140

Incident Postmortem

Scene STA
INC-1842 Postmortem
SEV-1 RESOLVED

Agent-7 exceeded autonomy ceiling on SPEC-204 hotfix path

occurred · 2026-05-21 ttr · 00:14:32 blast · 4 services
TIMELINE detection → resolution
  1. DETECTED

    14:02:11

    T+00:00

    Drift detector tripped (35% > 30% threshold)

  2. RESPONDED

    14:04:33

    T+02:22

    On-call paged · governor joined channel

  3. MITIGATED

    14:09:48

    T+07:37

    PR #1184 auto-reverted · traffic re-routed

  4. RESOLVED

    14:16:43

    T+14:32

    Build #1186 green · SLO restored · all-clear

CONTRIBUTING FACTORS 3
  1. 01
    PROCESS

    Same-Person rule was waived for #1184; reviewer was also the author. The waiver expired before merge, but no policy enforced re-review.

  2. 02
    TECHNICAL

    Drift detector ran on a 30s window; the regression spiked for 11s before crossing the threshold. Detection lag amplified blast radius.

  3. 03
    HUMAN

    Operator assumed the hotfix path was protected by the same gates as feature work. It was not — the runbook had not been updated in 6 weeks.

ACTION ITEMS 3
  • A-1 IN-PROGRESS due 2026-05-26

    Enforce re-review when Same-Person waiver expires before merge

    owner · h.wirjawan

  • A-2 DONE due 2026-05-23

    Reduce drift-detector window from 30s to 5s on production

    owner · AGENT-7

  • A-3 OPEN due 2026-06-01

    Audit and re-issue all on-call hotfix runbooks (quarterly cadence)

    owner · governor

Author

h.wirjawan

Signed off by

The Governor

Filed

2026-05-21 · 17:44 UTC

Compositions / audit and telemetry

Single-incident dashboard: detection→response→resolution timeline, contributing factors, action items, and sign-off footer.

open ↗
№ 1241

Audit Chain Explorer

Scene STA go
Chain Explorer intent · decision · runtime
4 chains
INTENT spec writes
  1. i:7c4a SPEC-204 v1.3

    @author · 08:14:02

  2. i:9f12 SPEC-205 v0.4

    @author · 08:31:55

  3. i:2bd8 SPEC-211 v0.1

    @gatekeeper · 13:12:40

  4. i:e103 SPEC-204 v1.4

    @author · 14:18:09

DECISION gate verdicts
  1. d:a811 SIGN

    autonomy-ceiling · 08:42:11

  2. d:b007 WAIVE

    two-person-rule · 09:33:28

  3. d:c4f1 KILL

    drift-detector · 14:02:11

  4. d:d2a9 SIGN

    rollback-policy · 14:18:43

RUNTIME deploy + signal
  1. r:11ab OK svc/orders

    sha:7c4a→a811 · 09:01:00

  2. r:22cd OK svc/billing

    sha:9f12→b007 · 09:48:12

  3. r:33ef FAIL svc/ledger

    sha:2bd8→c4f1 · 13:59:55

  4. r:44gh OK svc/orders

    sha:e103→d2a9 · 17:30:01

chain integrity 4 / 4 · sha-linked
Compositions / audit and telemetry

Three-rail forensic explorer: intent → decision → runtime. Each hop links upstream artifact, gate verdict, and downstream telemetry signature.

open ↗
№ 1242

Drift Incident Postmortem

Scene STA de
DRIFT-INC-0117 Postmortem
35% DRIFT CONVERGING

svc/ledger drifted from SPEC-211 over 11h window

DRIFT · 24H peak 35% · now 27%
SPEC vs IMPL 3 deviations
  • rate-limit

    spec

    100 req/s per key

    impl

    250 req/s per key (no cap)

  • audit-write

    spec

    sync, every event

    impl

    batched 5s, may drop on crash

  • waiver-ttl

    spec

    24h hard expiry

    impl

    soft expiry, manual revoke

ROOT CAUSE likelihood × impact
  • L:HIGH I:HIGH

    Spec re-write merged without re-running ICS gate

  • L:MED I:HIGH

    Agent autonomy ceiling raised by expired waiver

  • L:LOW I:MED

    Drift detector window too coarse (30s)

Green-To-Red

02:14:33

Convergence owner

@governor

Re-converge by

2026-05-21 · 23:59 UTC

Compositions / audit and telemetry

Drift-class postmortem: spec-vs-impl delta, drift-over-time chart, root-cause matrix, and Green-To-Red countdown until the spec is re-converged.

open ↗
№ 1243

Spec Traceability Matrix

Scene STA go
Traceability Matrix specs × artifacts
5 specs · 4 cols
SPEC INTENT TESTS COMMITS PROD SIGNOFF
SPEC-204 Order placement t:8e2a c:1182 p:r-11ab s:a811
SPEC-205 Refund window t:9d11 c:1183 p:partial s:b007
SPEC-207 Idempotency keys t:flaky c:1180 p:r-09cf s:a720
SPEC-211 Ledger sharding MISSING c:1185 p:r-33ef MISSING
SPEC-213 Audit retention t:7c33 MISSING MISSING MISSING
tests 60%
commits 80%
prod 60%
signoff 40%
Compositions / audit and telemetry

Cross-axis grid: specs × tests × commits × prod telemetry. Every cell either shows a hash or a missing-link warning — the orphans are the audit findings.

open ↗
№ 1244

Governance Action History

Scene STA go
Action History @governor · q2-2026
8 actions · 90d
SIGN · 4 WAIVE · 2 KILL · 1 ESC · 1
  • 05-21 17:44
    SIGN POSTMORTEM-INC-1842

    Awaiting action-item closure

    PENDING
  • 05-21 14:18
    SIGN Rollback exception

    SLO restored within 7m

    HIT
  • 05-21 08:42
    SIGN SPEC-204 v1.3

    Led to INC-1842; sign was premature

    MISS
  • 05-19 11:02
    KILL Deploy #1177

    Drift caught pre-prod

    HIT
  • 05-18 09:30
    ESCALATE Vendor outage MQ

    Resolved at provider in 14m

    HIT
  • 05-15 16:11
    WAIVE Two-person rule · #1170

    Solo-author waiver, clean ship

    HIT
  • 05-12 10:05
    WAIVE ICS floor · SPEC-198

    Quality slipped, rolled back later

    MISS
  • 05-08 13:48
    SIGN SPEC-194 v2.0

    No regressions in 14 days

    HIT
hit rate (excl. pending) 5 / 7 · 71%
Compositions / audit and telemetry

Per-governor ledger of every policy action over the quarter: signs, waivers, kills, escalations — each with link to the spec and the resulting outcome.

open ↗
№ 1245

Compliance Evidence Bundle

Scene STA go
BUNDLE-SOC2-Q1 Evidence Pack
67% READY SOC2-TYPE-II
  • CC-1.1 Code of conduct distributed policy/coc-v3.md sha:7c4a · @gatekeeper VERIFIED
  • CC-6.1 Logical access reviewed access-review-q1.csv sha:9f12 · @governor VERIFIED
  • CC-7.2 Change mgmt — sign-off proof audit-log-2026q1.json sha:e103 · @governor VERIFIED
  • CC-8.1 Incident response evidence inc-1842-postmortem.md sha:2bd8 · @author VERIFIED
  • A-1.1 Availability SLO attainment slo-report-q1.pdf sha:a811 · @governor PENDING
  • P-1.1 Privacy data-flow map dataflow.dot sha:MISS · — MISSING
sealed-at 2026-05-21 18:00 UTC · period 2026-Q1
Download bundle ↓
Compositions / audit and telemetry

Pre-assembled audit packet: control × evidence artifact × verification hash × auditor handle. The thing you hand to SOC2/ISO without it being a fire drill.

open ↗
№ 1246

Reasoning Trace Explorer

Scene STA go
TRACE-7c4a Reasoning Replay
tokens · 2923 cost · $0.029
  1. "User asks for refund logic. First check whether a spec exists."

    spec_search("refund")

    → SPEC-205 v0.4 — found

    tok · 412 $ · 0.004 conf · 92%
  2. "Read full spec to ensure I understand the constraints."

    read_file(SPEC-205.md)

    → 2 acceptance, 1 constraint

    tok · 984 $ · 0.010 conf · 95%
  3. "Spec says ≤24h window. Check existing implementation for boundary."

    grep("refund_window")

    → 3 hits in svc/billing

    tok · 611 $ · 0.006 conf · 88%
  4. "One hit uses 48h. Possible drift. Confirm before flagging."

    git_blame(billing.py:142)

    → last touched 14d ago, no spec

    tok · 528 $ · 0.005 conf · 79%
  5. "No spec reference in commit. Confidence drifts below threshold."

    escalate(governor)

    → paged @governor · ack 00:42

    tok · 201 $ · 0.002 conf · 71%
  6. "Governor confirmed drift. Open AAR ticket, stop autonomous edit."

    aar_open("billing-48h-drift")

    → AAR-0118 created

    tok · 187 $ · 0.002 conf · 88%

Verdict

HALTED

Confidence

88%

Escalated to

@governor

Compositions / audit and telemetry

AI agent decision trace: thought, tool call, observation, verdict — replayable step-by-step with cost + tokens + confidence annotations.

open ↗
№ 1247

Sign-Off History Tree

Scene STA go
Sign-Off Tree SPEC-204 · all versions
8 nodes · 40d
  1. SPEC SPEC-204 v1.0 created

    @author · sha:7c4a · 2026-04-12 10:14

  2. REVIEW Peer review passed

    @gatekeeper · sha:a112 · 2026-04-12 14:02

  3. SIGN Approved for autonomous build

    @governor · sha:a811 · 2026-04-13 09:30

  4. SPEC v1.1 — corrected rate-limit

    @author · sha:8d22 · 2026-04-20 11:00

  5. REAFFIRM Sign carried forward (delta low)

    @governor · sha:c441 · 2026-04-20 11:48

  6. SPEC v1.3 — hotfix path

    @author · sha:e103 · 2026-05-21 08:14

  7. WAIVE Two-person rule waived (solo)

    @author · sha:b007 · 2026-05-21 08:32

  8. SIGN Conditional sign (24h re-review)

    @governor · sha:a811 · 2026-05-21 08:42

authorisation depth 3 levels · 2 signs · 1 waiver · 1 reaffirm
Compositions / audit and telemetry

Tree view of a spec's sign-off lineage: parent spec → revision → reviewer attestation → governor sign → emergency waivers, all with hash anchors.

open ↗
№ 1248

Policy Violation Postmortem

Scene STA go
VIOL-G-0042 Policy Breach
SEV-2 REMEDIATED

Two-Person Rule breach during hotfix on SPEC-204

CITED CLAUSE · POL-G-7.2

"No code reaches production without sign-off from two distinct handles, where the second handle has not authored any commit in the merge window. Solo waivers are time-boxed (24h) and require post-hoc re-review."
EVIDENCE 3 artifacts
  1. sha:a811 Solo-author sign-off on SPEC-204 v1.3 08:42:11
  2. sha:b007 Same-person waiver issued at sign-time 08:32:48
  3. sha:c4f1 Merge committed without 2nd reviewer block 14:01:33

COST

  • ttr 00:14:32
  • $ ~$4,200
  • trust score −8 pts
  • blast 4 services

CORRECTIVE CONTROL

CTL-G-7.2.1

CI now blocks merge when same-person waiver is older than 1h. Waiver TTL hard-enforced server-side.

added · 2026-05-22 09:00

Filed by

@governor

Reviewed by

@gatekeeper

Closed

2026-05-22 · 09:30 UTC

Compositions / audit and telemetry

A focused postmortem layout for governance policy breaches — which clause, who breached, what the cost was, and the corrective control added.

open ↗
№ 1249

Evidence Chain Explorer

Scene STA go
Evidence Chain prev-hash linkage
INTEGRITY · BROKEN
  1. #000 GENESIS @governor
    2026-05-21 08:00

    prev

    sha:0000

    this

    sha:7c4a

  2. #001 SPEC-WRITE @author
    2026-05-21 08:14

    prev

    sha:7c4a

    this

    sha:9f12

  3. #002 SIGN @governor
    2026-05-21 08:42

    prev

    sha:9f12

    this

    sha:a811

  4. #003 DEPLOY @gatekeeper
    2026-05-21 09:01

    prev

    sha:a811

    this

    sha:d2a9

  5. #004 WAIVE @author
    2026-05-21 09:33

    prev

    sha:XXXX

    this

    sha:b007

    ⚠ prev-hash mismatch — chain broken at #4

  6. #005 KILL @gatekeeper
    2026-05-21 14:02

    prev

    sha:b007

    this

    sha:c4f1

verification 5 / 6 blocks ok
Compositions / audit and telemetry

Crypto-style hash chain showing each evidence artifact linked to the previous via prev-hash. Tampering shows up immediately as a broken link.

open ↗
№ 1250

Audit Export Package

Scene STA go
EXPORT-2026Q1 Audit Bundle
SIGNED TAR.GZ
CONTENTS 7 files
  1. audit-2026q1/
  2. specs/
  3. · spec-204.md 12.4 kB
  4. · spec-205.md 8.1 kB
  5. audit/
  6. · log-q1.jsonl 184.2 kB
  7. · postmortems.md 22.7 kB
  8. evidence/
  9. · signoffs.csv 4.5 kB
  10. · waivers.csv 1.2 kB
  11. · manifest.json 3.1 kB
SIGNATURE x509 · ed25519
issuer
CN=docodego-governance-root
subject
@governor · audit-export
fingerprint
7c:4a:9f:12:e1:03:a8:11:b0:07:c4:f1:2b:d8:d2:a9
not-after
2027-05-21 00:00 UTC
total 7 files · 236.2 kB · handle docodego://export/2026q1@7c4a
Verify ↗
Compositions / audit and telemetry

Read-only manifest of an exportable audit archive: file tree, sizes, sha-256s, signing certificate, and the export-by-name handle.

open ↗
№ 1251

Realtime Telemetry Feed

Scene STA de
Live Feed prod · us-east-1
refresh · 5s
SERVICES 5 probes · 60s window
  • svc/orders
    p99 142ms 0.02% err OK
  • svc/billing
    p99 188ms 0.04% err OK
  • svc/ledger
    p99 412ms 1.18% err DEG
  • svc/audit
    p99 61ms 0.00% err OK
  • svc/agent
    p99 220ms 0.11% err OK
EVENT TICKER 6 new
14:02:11 KILL · svc/ledger · drift > 35% · 14:04:33 PAGE · @governor joined #ops · 14:09:48 REVERT · PR #1184 rolled back · 14:16:43 CLEAR · svc/ledger p99 < 250ms · 14:18:43 SIGN · rollback exception by @governor · 14:30:02 ACK · INC-1842 entering postmortem · 14:02:11 KILL · svc/ledger · drift > 35% · 14:04:33 PAGE · @governor joined #ops · 14:09:48 REVERT · PR #1184 rolled back · 14:16:43 CLEAR · svc/ledger p99 < 250ms · 14:18:43 SIGN · rollback exception by @governor · 14:30:02 ACK · INC-1842 entering postmortem ·

Error budget

62%

remaining · 28d window

Burn rate

1.4×

elevated · last 1h

Watching

@governor

on-call · 22:00–06:00

Compositions / audit and telemetry

Live-style governance telemetry: per-service heartbeat strip, latest events ticker, and an SLO countdown panel — all rendered server-side with CSS animation.

open ↗
Alpha · Honest about it

The framework is real.
The community is forming now.

DoCoDeGo is in Alpha. The framework is documented, the practices are battle-tested at small scale, and the next release is being shaped in public.

If it produces anything, it should produce engineers and teams who think more clearly about what they are building and why.

Two doors in
Join the Discord

Discord is where specs are debated, the framework gets sharper, and decisions land in writing. The conversation is the artefact.