Audit log and undo for agent-driven writes #54
Labels
No labels
area:auth
area:ci
area:db
area:infra
area:native
area:pwa
area:service
epic
feature
foundation
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
james/carol#54
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Every agent-driven write — whether confirmed in the PWA chat or via an MCP client — is captured in an audit log with full before/after state. The user can review recent agent actions and undo the most recent ones.
Scope
agent_audit_logtable:(id, user_id, conversation_id NULL, source enum(pwa, mcp), tool, params_json, before_state_json, after_state_json, applied_at, undone_at NULL). User-scoped FK.before_stateback. Marks the rowundone_atso it can't be undone twice.Acceptance criteria
source.Part of epic #47. Depends on the Domain tool surface (the commit path is where audit rows are written).