The audit trail

Every assignment, every agent turn, every permission decision, every commit. Readable, exportable, and tied to identities.

Updated 2026-05-24

When you’re shipping code with agents, “what happened?” needs an answer. Vibetight makes that answer trivial to find by treating two surfaces as a single audit trail.

The two halves

The conversation pane. On every task you’ll find a chronological feed:

  • Each user message shows the human’s name and timestamp.
  • Each agent turn shows the agent identity (with its avatar), the agent’s name, the rendered output, and a collapsed metadata strip with the turn number, number of tool calls used, and how long the turn took.
  • Tool calls, their inputs, and the model’s reasoning are shown inline on every turn. There’s no separate “debug” mode to remember to switch on, and nothing about what the agent did is hidden by default.

The git log. Every task runs in its own git worktree on a dedicated branch. The branch is named after the project and the task so it’s easy to find from the command line. The agent’s commits land on that branch with the agent’s identity as the author. The branch lives in your repository, so it’s the same git history you’ve always used.

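Together: who said what, who decided what, who did what, and what the diff actually was. Tamper-evident because the git side is just git: each commit hash covers the commit’s content and its parents, so rewriting an earlier commit changes every hash after it.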

How to read it back

  • From the board, click any task. The conversation pane is the full audit: every message, every tool call (with input), every permission decision, every reasoning block, in order.
  • From the repo, git log <task-branch> gives you the change trail with timestamps and authors. Combine with git show for diffs.
  • Realtime, the board updates live as agents work: status changes, new messages, and permission prompts arrive over the websocket without a page refresh.
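
To check the trail that git log <task-branch> returns against the agent identity you expect, this added example (not Vibetight's own code) flags commits whose author is not that agent or whose committer differs from the author. The base branch name, the sample addresses and the committer rule are assumptions; git author and committer fields are set by whoever creates the commit, so this is a consistency check, not proof of origin.

```shell
#!/bin/sh
# Added example, not Vibetight code. Feed it a task branch's trail, e.g.
# (the base branch "main" is an assumption):
#   git log --format='%H%x09%an%x09%ae%x09%ce%x09%aI' main..<task-branch>

# audit_trail EXPECTED_AGENT_EMAIL
# Reads tab-separated records (hash, author name, author email, committer
# email, author date) on stdin, prints OK or FLAG per commit, and exits 1 if
# any commit was flagged. The body is a subshell so its variables stay local.
audit_trail() (
  expected=$1
  flagged=0
  tab=$(printf '\t')
  while IFS="$tab" read -r hash an ae ce date; do
    [ -n "$hash" ] || continue
    reason=""
    # Author is not the agent identity expected for this task.
    [ "$ae" = "$expected" ] || reason="author=$ae"
    # Assumption: a committer other than the author is worth a look, since it
    # means another identity amended, rebased or cherry-picked the commit.
    [ "$ce" = "$ae" ] || reason="${reason:+$reason, }committer=$ce"
    if [ -n "$reason" ]; then
      flagged=1
      printf 'FLAG %.12s %s (%s)\n' "$hash" "$date" "$reason"
    else
      printf 'OK   %.12s %s %s\n' "$hash" "$date" "$an"
    fi
  done
  exit "$flagged"
)

# Constructed sample records: hashes, names and addresses are made up.
sample_log() {
  printf '%s\t%s\t%s\t%s\t%s\n' \
    1111111111111111111111111111111111111111 build-agent \
    build-agent@agents.example build-agent@agents.example 2026-05-20T10:02:11+00:00 \
    2222222222222222222222222222222222222222 build-agent \
    build-agent@agents.example dev@corp.example 2026-05-20T10:09:40+00:00 \
    3333333333333333333333333333333333333333 "Dev Person" \
    dev@corp.example dev@corp.example 2026-05-20T10:15:03+00:00
}

sample_log | audit_trail build-agent@agents.example || echo "review flagged commits"
```

Run git show on any flagged hash to see the diff behind it.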

What gets recorded

Identity-bearing events on the platform are persisted:

  • Auth events (sign-in, sign-out, token issuance, token revocation)
  • Workspace operations (tenant / project / agent creation, member changes, agent sharing changes)
  • Task lifecycle (creation, status changes, assignments, deletion)
  • Permission decisions (who approved or denied which tool call, with the full input the model produced; see permissions deep-dive)
  • Device pairing, sharing changes, and revocations
  • Admin actions including impersonation; the operator’s identity is always attached, never hidden

Retention is 12 months by default; longer for billing records, in line with applicable tax law.

Export

Self-service is the model: from your settings you’ll be able to download a structured archive of your workspace (task history, permission decisions, lifecycle events, per-task chat directories) and delete your account end-to-end. The in-product UI for both is on the near roadmap.

Until it ships, email privacy@vibetight.com and we’ll prepare the export (or process a deletion) within the 30-day GDPR window. This is the same mechanism that backs your GDPR data-portability rights.

Why two surfaces, not one

A combined “Vibetight audit log” page would be exactly the wrong abstraction. The conversation belongs with the task, the unit of work people reason about. The diff belongs in git, the surface every developer already uses. Forcing them into a single UI would hide both halves.

The mental model: task = decisions, repo = changes. Each surface stays good at the thing it’s good at.
