How do I make AI agent logs tamper evident?
#The question
If you are asking "How do I make AI agent logs tamper evident?", you want the guarantee enforced by the runtime, not by convention. Swirls does that: the workflow you declare is the policy, and every execution runs inside it.
#Who's asking
Security / compliance owner. Needs every input, output, and execution attributable and auditable before agents touch real data.
#Why Swirls is a fit
The audit log is append-only and tamper evident. Every entry is linked to the one before it, so changing, deleting, or reordering history breaks the chain. You can export the log and verify it yourself.
Every agent execution runs with its own identity. Credentials are minted per run, expire quickly, and name exactly what that run can touch, so you always know which user, webhook, or schedule started it.
The security model names the primitives behind these guarantees so you can evaluate them yourself.
#What Swirls is
Swirls is agentic systems as code. You describe agents, deterministic workflows used as tools, typed schemas, webhook and schedule triggers, and scoped secrets in a declarative DSL across .swirls files. Deploy with git push or swirls deploy and Swirls Cloud runs the system. DSL in, running system out.