BeforeWire 中文 Request shadow audit

Security review packet

A control checklist for agent execution.

BeforeWire gives reviewers a concrete enforcement point, deterministic policy decisions, local evidence, and a path toward capability-surface governance.

Inspect the packet Open evidence page
review index
1
control placement
2
policy decision
3
local evidence
4
team extension
review packet

Review the control before you review the model.

Security teams need to know where the decision happens, which action was stopped, what policy matched, and what evidence remains in the local environment.

packetBW-SEC-REVIEW-024
Can this evidence enter an agent launch review?

BeforeWire turns response screening and action decisions into review objects: denied actions, sensitive egress, capability drift, canary hits, policy changes, and receipt hashes.

scope
agent action boundary
evidence
decision receipts, policy hits, capability snapshots
owner
AI platform / security engineering
CTRL-ENF

Enforcement point

BeforeWire runs near the agent and tools, while actions are still inspectable and before they touch shell, HTTP, files, databases, or MCP servers.

CTRL-DEC

Decision record

Each allow, warn, or deny result records source, action, policy, effect, reason, capability snapshot, and hash-chain receipt.

CTRL-REV

Review surface

Review denied actions, canary hits, capability drift, unapproved tools, and policy changes before they become production incidents.

CTRL-EXT

Team extension

Team deployments can add policy distribution, approval workflows, private audit aggregation, compliance evidence, and a capability registry.

review materials

The packet is backed by recordings and reports.

Use the evidence page for live recordings, report samples, and local reproduction. Use docs for technical setup and audit intake.

Evidence pageOPENRecordings, reports, and replayable proof. Sensitive egress reportHTMLGenerated evidence report from a local demo. Audit intake templateHTMLRedacted config and trace submission template. Docs indexOPENAll public technical documents in one route. Relay poisoning use caseOPENConcrete lab proof for response-path tampering. Recording guideHTMLHow to reproduce the recordings and report pack.
shadow audit48 hour packet
Send a redacted agent config or trace.

We map your AI clients, API routes, MCP tools, outbound destinations, approval flow, and the evidence packet your security team needs for launch review.

Request shadow audit