BeforeWire 中文 Start evidence review

Security review packet / action receipts

A control checklist for agent execution.

Permission prompts are not review evidence. BeforeWire gives reviewers a concrete enforcement point, deterministic policy decisions, tamper-evident receipts, and a path toward capability-surface governance.

Inspect the packet Open evidence page
review index
1
control placement
2
policy decision
3
action receipts
4
evidence handoff
review packet

Review the control before you review the model.

Security teams need to know where the decision happens, which action was stopped, what policy matched, whether MCP or tool capability drifted, and what receipt remains in the local environment.

packetBW-SEC-REVIEW-024
Can this evidence enter an agent launch review?

BeforeWire turns response screening and action decisions into review objects: denied actions, sensitive egress, MCP manifest drift, canary hits, policy changes, and receipt hashes.

scope
agent action boundary
evidence
decision receipts, policy hits, capability and MCP snapshots
owner
AI platform / security engineering
CTRL-ENF

Enforcement point

BeforeWire runs near the agent and tools, while actions are still inspectable and before they touch shell, HTTP, files, databases, or MCP servers.

CTRL-DEC

Decision receipt

Each allow, warn, or deny result records source, action, policy, effect, reason, capability or MCP snapshot, redaction status, and hash-chain proof.

CTRL-REV

Review surface

Review denied actions, canary hits, MCP manifest drift, unapproved tools, and policy changes before they become production incidents.

CTRL-EVD

Evidence handoff

Share redacted receipts and report fields with reviewers while raw prompts, keys, and local traces stay in your environment.

review materials

The packet is backed by recordings and reports.

Use the evidence page for live recordings, report samples, and local reproduction. Use docs for technical setup and evidence review input.

Evidence pageOPENRecordings, reports, and replayable proof. Sensitive egress reportHTMLGenerated evidence report from a local demo. Evidence review inputHTMLRedacted config and trace submission template. Docs indexOPENAll public technical documents in one route. Relay poisoning use caseOPENConcrete lab proof for response-path tampering. Recording guideHTMLHow to reproduce the recordings and report pack.
evidence reviewredacted input
Send a redacted agent trace or MCP config.

We review the action boundary, policy hits, sensitive egress signals, and receipt fields using only the material you choose to share.

Start evidence review