c16
c16 / wf5.m2 - Agent Control Plane — hi-fi unconstrained (wf5.m2) / Activity Log·control-plane-v1/activity-log·draft

Security · Activity Log

Replay exactly what an agent did — before you remediate.

Lens

Recorder coverage — known vs guessed

The full per-event store is roadmap; this trail is reconstructed from event-family aggregates + per-agent behavior (file reads, MCP calls, run starts, risk factors). 1 shadow agent emit no telemetry — their actions are absent from the recorder entirely, the one hole instrumentation can't backfill.

52,400 events across 6 families in the window. 15 reconstructed actions are flagged, 6 tie directly to an open finding — and 1 shadow agent leave no trail at all.

52,400

events in window

6 families

15

flagged actions

risk-bearing behavior

6

tie to a finding

the why behind the worklist

7

agents on recorder

emitting telemetry

1

dark — no trail

shadow, unrecorded

Event volume — last 7 hours

recording
52,400 events total

When the fleet was busy, segmented by event family. Hover any hour to read the mix.

08:0009:0010:0011:0012:0013:0014:00

Event-family mix

6 families

Click a family to scope the timeline and decision log below.

Decision log — agent → action → target → outcome

reconstructed · newest first

Flagged actions lead the view — these are the events behind the open findings. Clear the filter to see the full chronological record.

15 of 31 events
06-03 14:02:11
fileClaude Codehigh risk

read secret_file

./.env

06-03 14:02:11
fileClaude Codehigh risk

read cloud_credentials

~/.aws/credentials

06-03 13:55
processsupport-copilothigh risk

Running as root

root@svc-support-1

06-03 13:55
processsupport-copilotflagged

No tool-approval policy

root@svc-support-1

06-03 13:55
filesupport-copilothigh risk

read secret_file

/var/secrets/zendesk.token

06-03 13:40
processdata-pipeline-agentflagged

No tool-approval policy

svc-data@etl-worker-2

06-03 13:39:50
llmdata-pipeline-agentflagged

9.2M tokens consumed

no spend ceiling

06-03 12:10
processmarketing-gpthigh risk

Approvals & sandbox bypassed (yolo)

root@mktg-runner

06-03 12:10
processmarketing-gpthigh risk

Running as root

root@mktg-runner

06-03 12:10
processmarketing-gpthigh risk

Permission checks bypassed

root@mktg-runner

06-03 12:10
filemarketing-gpthigh risk

read secret_file

/srv/marketing-gpt/.env

06-03 11:48
processCursorflagged

No tool-approval policy

jane@jane-mbp

06-02 19:30
processCodex CLIflagged

Sandbox disabled

dev@dev-box-7

06-02 19:30
processCodex CLIflagged

No tool-approval policy

dev@dev-box-7

06-02 19:30
fileCodex CLIflagged

read secret_file

./config/secrets.yaml

Per-agent activity — who is doing the most

8 agents · 1 dark
Agent
Observed events
Top family
Last active
Findings
data-pipeline-agent
8,800
tool06-03 13:401
support-copilot
3,825
tool06-03 13:55
Claude Code
1,774
tool06-03 14:02:111
marketing-gpt
1,475
tool06-03 12:102
Cursor
1,292
tool06-03 11:48
Codex CLI
740
tool06-02 19:301
Claude Desktop
232
tool06-03 09:20
Zed Agent
dark
no telemetry
06-01 18:001

Findings ↔ Activity

Findings is the distilled worklist; Activity Log is the full record behind it. Reconstructed from activity.families / activity.timeline + per-agent data_access · mcp_servers · sensitive_files · factors · runs (per-event store is roadmap).