AI Safety & Governance

Every AI decision is a complete dossier,
prompt, response, tools, and outcome

A Decision Bundle is everything an auditor (or a curious engineer) needs to understand one agent action. The system prompt. The user prompt. The model. The tools called and what they returned. The verifier checks at T+5m, T+1h, T+24h. Bundle the whole thing into one signed JSON file and ship it to legal.

Get Started Talk to Sales
app.novaaiops.com / decision-bundles
● LIVE
100%
Of agent actions bundled
Signed
JSON, tamper-evident
7 yr
Default retention
Export
one-click for legal
What's in a Bundle

Five sections, one signed file

Each bundle is a single JSON file with five sections: (1) the inbound signal that triggered the action, (2) the LLM transaction (system prompt, user prompt, model, response), (3) the tool calls in order with arguments and responses, (4) the verifier checks (T+5m, T+1h, T+24h), and (5) metadata (agent, tenant, operator, timestamps, signed hash chain link).

  • Section 1 · inbound signal: the alert, page, or request that started the chain, preserved verbatim
  • Section 2 · LLM transaction: system + user prompt, model id and version, raw response, token counts, cache flag
  • Section 3 · tool calls: every tool call with arguments and the response shape, in execution order
  • Section 4 · verification: ground-truth checks at T+5m, T+1h, T+24h, each with the SLI value compared to the SLO
app.novaaiops.com / decision-bundles · anatomy
Hash Chain

Tamper-evident, not just append-only

Bundles are stored in a hash-chained ledger. Each bundle's metadata includes the hash of the previous bundle. Editing any bundle in history breaks the chain at that point and is detectable in seconds. Exports include the chain proof, so an auditor can verify the export was not selectively trimmed.

  • SHA-256 chained: each bundle records the SHA-256 of the previous bundle's canonical JSON form
  • Detectable trim: a missing bundle leaves a break in the chain that the export verifier flags immediately
  • Independently verifiable: the verifier is a public CLI (nova-verify) so auditors can validate without trusting Nova's UI
app.novaaiops.com / decision-bundles · chain
Search & Filter

Find any decision in seconds

The bundle store is searchable on every field: agent, tenant, signal, tool, model, outcome, time range, free-text against prompt body. The search is the same query layer (NovaQL) used for logs and metrics, so the same query syntax works across the whole platform.

  • NovaQL queries: same syntax as the rest of the platform, one query language for logs, metrics, and decision history
  • Saved searches: the "every bundle for this incident" query is saved on the incident page automatically
  • Cross-tenant only for platform-admin: normal users see their tenant's bundles; platform-admin sees everything for support
app.novaaiops.com / decision-bundles · search
Export for Audit

One click, one signed archive

Click "Export for audit" and Nova bundles every decision in your selected window into a signed tar.gz with a manifest, the public key for verification, and instructions for the auditor. Default windows: this quarter, last quarter, this year. Custom windows supported. Email straight to your auditor with the export URL.

  • Signed tar.gz: every export is signed with a per-tenant key; unauthorized edits to the archive break the signature
  • Auditor manifest: manifest lists every bundle by id and hash, plus instructions to verify offline with nova-verify
  • Email-friendly URL: export gets a 30-day signed URL that you can email directly to the auditor, no shared S3 buckets
app.novaaiops.com / decision-bundles · export
Video walkthrough coming soon

Subscribe to Nova AI Ops on YouTube for demos, tutorials, and feature deep-dives.

Auditors love a tidy paper trail

Decision Bundles are the format your SOC2 auditor will ask for, ready before the question.

Get Started Request a Demo