Monitoring Methods
Three Ways to Record AI Behavior
Each method offers different confidence, coverage, and setup complexity. Use them independently or combine for maximum assurance.
AI Gateway / MCP Proxy
Sits in the data path between the AI agent and its tools — transparently captures every interaction.
- Records every tool call with arguments and results
- Zero changes to AI agent behavior
- Works with any MCP-compatible tool or AI gateway
- Cryptographically signed reports
Platform Webhooks
Platform-verified events — the platform confirms which bot account performed the action.
- Bot account identification by platform
- Cryptographically signed webhook payloads
- Real-time event delivery
- Covers commits, PRs, reviews, deployments
Heuristic Detection
Pattern-matching on commit metadata, PR content, and branch naming conventions.
- No additional setup — runs automatically
- Detects commit trailers and PR body markers
- Branch and workflow pattern matching
- Multiple signals increase confidence
What Gets Recorded
Definitive
Verified
Probable
Every tool call
Call details recorded
Summarized
Platform-verified identity
Cryptographic signature
HMAC-SHA256
HMAC-SHA256
Inferred
Missed events possible
Low
Moderate
AI tools covered
Any MCP tool
Per-platform
GitHub only
Research Foundation
LLM Exposure Monitoring: Platform Openness & Recording Depth
Systematic analysis of AI platform recording capabilities. Evidence basis for the attestation source model and confidence tier classification.
DOI: 10.5281/zenodo.19112060OpenExecution records only. It never creates, modifies, or deletes resources in your connected platforms.