EU AI Act Article 12 — enforceable Dec 2, 2027
Agnys records every model call, tool use, file edit and shell command your AI agents make — with zero code changes — and turns it into tamper-evident, audit-ready proof for the EU AI Act, GDPR, ISO 42001 and NIST AI RMF.
One binary · 8+ AI tools auto-detected · No SDK required
| 0041 | 14:02:07.113 | model_call | claude-code → /v1/messages | ⇠ e120 9f3a…c214 | | 0042 | 14:02:09.418 | tool_use | Bash "npm run deploy" | ⇠ 9f3a b7e0…41af | | 0043 | 14:02:09.871 | human_approval | approved — deploy to prod | ⇠ b7e0 55d2…9e10 | | 0044 | 14:02:11.204 | file_edit | src/config/prod.ts (+12 −3) | ⇠ 55d2 c81f…77b3 | | 0045 | 14:02:13.559 | shell_exec | git push origin main | ⇠ c81f 20aa…e5c6 |
Captures everything these tools do — no code changes
- Claude
- Claude Code
- ChatGPT
- Gemini
- Grok
- GitHub Copilot
- VS Code
- OpenAI API
- Groq
- Antigravity
- Python SDK
- Node SDK
- Browser extension
- Webhooks
The problem
AI agents are compliance black boxes. #
You deploy agents into production and hope for the best. That's not good enough when an auditor comes knocking.
You can't see what your agent did
When something goes wrong, you have no idea which tool was called, what data was read, or what decision led to the failure.
Anomalies go undetected for days
Agents silently misbehave — burning tokens, touching wrong files, sending unexpected emails — and you only find out when the damage is done.
Compliance teams demand audit trails
The EU AI Act, GDPR, ISO 42001 and NIST AI RMF all require you to prove what your AI did and why. Right now, you have nothing to show them.
The solution
Agnys gives you complete AI governance. #
One forwarder. Zero code changes. From raw capture to anomaly detection to auditor-ready evidence.
Real-time action feed
Every model call, tool use, file edit and shell command — streamed to your dashboard live as it happens.
Behavioral DNA
Agnys learns each agent's normal patterns automatically, then flags drift, prompt injection and scope creep before they spread.
Tamper-evident exports
SHA-256 hash-chained audit logs and signed PDF/CSV evidence, scored against the EU AI Act, GDPR, ISO 42001 and NIST AI RMF.
AQL Search Lab
Query your entire audit history with a real query language — pipeline stats, sequence operators, saved searches and alerts.
Full session replay
Forensic reconstruction of any session: trigger → decisions → tool calls → outcome. Every second accounted for.
Zero-code capture
One binary auto-detects Claude, ChatGPT, Gemini, Copilot, VS Code and more. SDKs stand ready for teams instrumenting their own agents.
Compliance coverage
18 Deterministic Compliance Checks #
Every check is code-deterministic — not a checkbox survey. Traces are scored against all four frameworks with per-finding evidence.
Audit trails can't be backdated. High-risk EU AI Act Article 12 obligations begin Dec 2, 2027 — but the evidence auditors ask for only exists from the day logging starts. GDPR is in force today; ISO 42001 and NIST AI RMF raise the bar.
EU AI Act
Art. 12Mandatory logging of AI system events — high-risk Article 12 obligations apply from Dec 2, 2027.
GDPR
Art. 30Requires records of all automated processing activities involving personal data.
ISO/IEC 42001
A.8.3AI management-system standard — continuous logging and documentation controls.
NIST AI RMF
Govern–ManageVoluntary risk-management framework, scored per trace with exportable documentation.
Export formats
Auditor-ready exports
Auditor-ready report with chain-of-custody appendix and regulation-specific sections. Digitally signed.
CSV
Flat export of every event with compliance-check columns. Importable into any GRC tool.
JSON
Full event payloads with SHA-256 hashes and prev-hash chain references. Machine-verifiable.
Your logs stay yours.
Tamper-evident, verifiable exports · Per-agent hash chains anchored to WORM storage · We never train on your data
Inside the platform
See exactly what your AI agents are doing. #
Auditor-ready reports on demand
- Score every trace against GDPR, EU AI Act, NIST AI RMF and ISO/IEC 42001
- Run checks on a schedule or on demand over any date range
- Export sealed PDF and CSV reports with per-finding evidence
How it works
Two halves that snap together. #
Capture lives where your AI tools live. Intelligence lives on the server, so it improves without shipping a new binary.
Runs on your machines
The Forwarder
One small binary. It auto-detects installed AI tools and captures each with the right mechanism — no SDK, no code changes.
- HTTPS proxy reads real API traffic from Claude, ChatGPT, Gemini, Grok, Copilot and native apps
- Log tailers and on-disk readers capture what proxies can't — including the human approval moment
- Crash-safe disk buffer, sequence-exact delivery, sleep/wake recovery
Runs in the cloud
The Platform
Every event flows through the same evidence pipeline:
- 1 Ingest
One prompt becomes one trace; tool calls thread into it automatically.
- 2 Hash chain
Every event's SHA-256 folds in the previous hash; tips anchor to WORM storage.
- 3 Attribute
Who caused each action, and how much human control there was.
- 4 Score & export
Compliance scoring against 4 frameworks; signed PDF/CSV evidence.
Capture coverage
How it sees everything. #
Each tool's architecture dictates its capture method. One install covers them all.
| Mechanism | Captures | Why this one |
|---|---|---|
| HTTPS proxy | claude · chatgpt · gemini · grok · groq · openai · copilot | A local CA with on-demand leaf certificates reads the real API traffic for native apps and browsers alike. |
| Always-on edge proxy | fronts the interceptor | If capture ever restarts, traffic falls through to direct passthrough — your tools never break. |
| Log tailer | claude desktop | Captures the human permission-approval moment that API traffic can't show. |
| On-disk chat reader | vs code copilot · antigravity | Their model calls run in processes no proxy can see; the saved state is the source. |
| CDP / MCP | electron apps · mcp-aware tools | Native capture channels — no certificate install required. |
| SDK · extension · webhook | python · node · browser · zapier · n8n | For teams instrumenting their own agents or no-code platforms. |
Proof, not dashboards
Try to rewrite history. The chain will tell on you. #
Every event's hash folds in the one before it, and chain tips are frozen to write-once storage. This is what lets you prove to a regulator that a log was never altered — not just claim it.
| 0105 | model_call | refund request — order #18274 | ⇠ 77aa 3d81…a0f2 | | 0106 | tool_use | payments.refund $480.00 | ⇠ 3d81 6c19…b344 | | 0107 | human_approval | approved by j.moreau | ⇠ 6c19 9e02…518c | | 0108 | file_edit | ledger/2026-07.csv (+1 row) | ⇠ 9e02 b4f7…20de |
EU AI Act · Article 14
Meaningful oversight, measured.
Agnys correlates the human's permission click to the exact action it authorized — turning "a human was probably around" into this person approved this action at this moment. Agent-to-agent calls never count as human control.
- Oversight ratio
- 78% overseen
- Irreversible & unsupervised
- 2.4%
- Rubber-stamping
- flagged — 3 approvals, 5s apart
The platform
Everything downstream of the record. #
Nine capability domains, all built on a single tamper-evident event record.
Capture & ingest
Idempotent, rate-limited ingestion. One prompt becomes one trace; tool calls thread into it automatically.
seq-exact delivery
Tamper-evident integrity
Per-agent SHA-256 hash chains anchored to write-once storage. Edit any past row and everything after it breaks.
SHA-256 · WORM anchor
Attribution & oversight
Who caused each action, and how much human control there was — the exact EU AI Act Article 14 question.
human-in-loop · rubber-stamp
Anomaly intelligence
Per-event anomaly scoring, per-agent behavioral DNA with drift detection, and a circuit breaker for destructive bursts.
DNA · circuit breaker
AQL search
A real query language over every captured field, with pipeline stats, sequence operators and saved searches.
Search Lab
Compliance engine
Scores traces against the EU AI Act, GDPR, ISO 42001 and NIST AI RMF. PII scanning, signed evidence exports.
4 frameworks · PDF + CSV
Detections & alerts
MITRE ATLAS and OWASP-LLM-tagged detections with dedup, plus alert rules to Slack, email and PagerDuty.
preview == live engine
Cost tracking
Per-model cost computed at ingest, pre-aggregated rollups for fast dashboards, retention and archival tiering.
rollups · retention
Enterprise governance
Organizations, SSO, role-based access, plan gating with trials, and billing — multi-tenant from day one.
RBAC · SSO
Pricing
Start free. Scale when the auditors do. #
No credit card required. Cancel anytime.
Developer
For individual developers recording their own agents.
[Start free](https://app.agnys.net)
- 1 agent
- 10,000 events/month
- 7-day retention
- Zero-code forwarder + SDKs
- Live action feed
- Session replay
- Hash-chained audit log
- Basic alerts
Team
For teams running AI agents and assistants in production.
[Start free trial](https://app.agnys.net)
- Up to 10 agents
- 1M events/month
- 90-day retention
- Everything in Developer
- Behavioral DNA + anomaly detection
- AQL Search Lab
- Alert channels (Slack, email)
- Multi-user + roles
Enterprise
For regulated industries that need to hand proof to auditors.
- Unlimited agents & retention
- Everything in Team
- Compliance scoring — EU AI Act, GDPR, ISO 42001, NIST AI RMF
- Signed PDF/CSV evidence exports
- WORM chain anchoring
- Article 14 oversight reporting
- SSO + RBAC + organizations
- SLA + dedicated support
Compare all features
Questions
Answers before the auditor asks. #
What does Agnys actually record? #
Every model call, tool use, file edit and shell command your AI agents and assistants make — captured at the network and OS level and threaded into per-session traces with full attribution.
Do I need to change my code? #
No. The Agnys Forwarder is one small binary that auto-detects installed AI tools — Claude, Claude Code, ChatGPT, Gemini, Grok, Copilot, VS Code and more — and captures via HTTPS proxy, log tailing, CDP and MCP. SDKs exist for teams instrumenting their own agents.
How long does setup take? #
Under five minutes. Install the forwarder, and it auto-detects your AI tools and starts recording. No SDK, no config, no code changes.
How is the audit trail tamper-evident? #
Every event's SHA-256 hash folds in the previous event's hash, forming a per-agent chain. Edit any past record and every hash after it breaks. Chain tips are periodically anchored to S3 Object Lock (WORM) storage, so even recomputing every internal hash can't match the external digest.
Which regulations does Agnys cover? #
Agnys scores traces against the EU AI Act, GDPR, ISO 42001 and NIST AI RMF, with in-memory PII scanning and signed PDF/CSV audit exports.
Does Agnys help with EU AI Act Article 12 and Article 14? #
Yes. Article 12 requires automatic recording of events — that is exactly what the capture layer produces. For Article 14, Agnys correlates each human approval to the specific action it authorized, computes oversight ratios, and flags rubber-stamping.
Will it slow down or break my AI tools? #
No. An always-on edge proxy fronts the interceptor — if capture ever restarts, traffic falls through directly and your tools keep working. Capture is passive and adds no work to your agents.
Can I self-host Agnys? #
The platform runs as a managed cloud service today. Dedicated and self-hosted deployment options are on the enterprise roadmap — book a demo to talk through requirements.
Get started
Start recording before the auditors start asking. #
Free developer tier, no credit card. One binary install — most teams are recording within the hour.
- No SDK, no code changes
- 8+ AI tools auto-detected
- Tamper-evident from event one