I have been running into the same problems recently instrumenting my LangChain and CrewAI agent pipelines. If something goes wrong with a tool call, there was no way to way to prove what the agent did, in what order, and whether the logs have been modified. Observability platforms like LangSmith and Langfuse are great at optimizing for agent behavior, tokens and costs but they do not produce legally defensible and auditable artifacts. That's the reason why I decided to build RootSign, an SDK that instruments your CrewAI and LangGraph agents and produces cryptographic audit logs for CrewAI and LangGraph agents. RootSign adds a cryptographic hash chain to every tool call. If any record is modified after the fact, "rootsign verify" detects it.
What it does:
- SHA-256 hash chain across every Action record in a session - Human-in-the-loop checkpoints with Approval records for certain agent actions - PII redacted before hashing (StandardPIIConfig out of the box) - Works with LangGraph and CrewAI — AutoGen coming soon - Local first (Postgres + Timescale) — no cloud dependency
What it doesn't do (yet): compliance dashboard, cloud backend, policy engine, all on the roadmap.
Please try it out on the Github repo, contributions and feedback are always welcome.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。