Lesson 588 of 2116
Redaction and Audit Logs for Agent Systems
Teach students to protect secrets and private context while still keeping enough evidence to debug agent behavior.
Lesson map
What this lesson covers
Learning path
The main moves in order
- 1What the local Hermes build teaches
- 2redaction
- 3audit log
- 4secret
Concept cluster
Terms to connect while reading
Section 1
What the local Hermes build teaches
This build lab focuses on the logging boundary that protects secrets while preserving accountability. The goal is not to copy a private machine setup. The goal is to learn the architecture pattern well enough to build a small, classroom-safe version.
Redaction should happen before logs leave the process, and audit logs should record action, actor, approval, result, and risk without exposing sensitive values.
Compare the options
| Hermes pattern | Student build | Risk to handle |
|---|---|---|
| Name the boundary | a redaction checklist and audit-log schema for agent actions | logging tokens, private messages, auth headers, prompts with personal data, or raw tool outputs into a dashboard |
| Keep the interface small | Start with one happy path and one failure path | Avoid a demo that only works when everything is perfect |
| Make the system observable | Log decisions, status, and errors in plain language | Do not log private data or secrets |
Build the small version
- 1Draw or write a redaction checklist and audit-log schema for agent actions.
- 2Mark which parts are user-facing, which parts are internal, and which parts require approval.
- 3Choose one low-risk workflow and implement only that workflow first.
- 4Add one failure case before adding a second feature.
- 5Write a short operator note: what the agent may do, what it must ask about, and what it must never do.
A classroom-safe skeleton inspired by the local Hermes architecture scan.
audit_event:
time: 2026-04-27T12:00:00Z
actor: student-demo
action: send_email_draft
approval: teacher_confirmed
inputs_redacted: true
result: draft_created
risk: medium
Never log:
- tokens
- auth headers
- private message bodies
- service-role keysKey terms in this lesson
The big idea: redaction is not decoration. It is part of the product architecture students need before an agent becomes safe enough to use with real people.
End-of-lesson quiz
Check what stuck
15 questions · Score saves to your progress.
Tutor
Curious about “Redaction and Audit Logs for Agent Systems”?
Ask anything about this lesson. I’ll answer using just what you’re reading — short, friendly, grounded.
Progress saved locally in this browser. Sign in to sync across devices.
Related lessons
Keep going
Creators · 25 min
Remote-Control Relay With MCP and Approval Gates
Teach the safe architecture for a local computer-control relay: observe, propose, approve, act, audit. What the local Hermes build teaches This build lab focuses on the local relay that lets an agent help with desktop tasks without becoming an uncontrolled operator.
Creators · 11 min
AI and agent action logging
Log every agent action so you can debug, audit, and learn from runs after the fact.
Builders · 40 min
Reading an Agent Trace
A trace is the full record of what an agent did and why.