Developer Builds Open-Source AI Agent Audit Middleware Tracepath in One Weekend

A security-turned-AI engineer has released Tracepath, an open-source middleware designed to make AI agents built with frameworks like LangChain, CrewAI, and AutoGen fully auditable and regulation-compliant. The tool intercepts every agent tool call, cryptographically signs it using Ed25519, enforces Open Policy Agent rules, and stores logs in an immutable WORM format for 365 days. Tracepath targets compliance with frameworks such as the EU AI Act and FINRA, offering a five-tab dashboard covering audit trails, real-time incident detection, policy versioning, compliance reports, and AI-powered incident classification via Google Gemini 2.5 Flash. The entire stack can be deployed locally with a single Docker Compose command. The project was motivated by the developer's background in web application security and the EU AI Act's Article 50 requirement for high-risk AI systems to maintain logs and support human oversight.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.
Discussion (0)
Log in to join the discussion and vote.
Log in