v1v2
role
trust
Loopmason·Northwind Technologies/Whole organization

Alerts

Risky patterns flagged in-session by your risk-detection rules — triage, resolve, or dismiss

Open flags
15
Critical
8
High
5
Risk flags caught
27
all-time

Review queue

Triage — resolve or dismiss each flag

  • critical
    Policy violationreviewed· 2d ago

    Attempted edit outside allowed workspace path

  • critical
    Prod accessdismissed· 19h ago

    Session touched production database credentials

    Dev RaoView session →Caught in-session
  • critical
    PII in transcript· 2d ago

    Customer email addresses appeared in transcript

  • critical
    PII in transcript· 1d ago

    Customer email addresses appeared in transcript

  • critical
    Destructive commandreviewed· 22h ago

    Model proposed `rm -rf` on a tracked directory

  • critical
    Policy violation· 20h ago

    Attempted edit outside allowed workspace path

  • critical
    Prod access· 23h ago

    Session touched production database credentials

  • critical
    Prod access· 18h ago

    Session touched production database credentials

    Chen IyerView session →Caught in-session
  • high
    Policy violation· 1d ago

    Attempted edit outside allowed workspace path

    Ines FordView session →Caught in-session
  • high
    Destructive commandreviewed· 2d ago

    Model proposed `rm -rf` on a tracked directory

  • high
    Policy violation· 19h ago

    Attempted edit outside allowed workspace path

  • high
    PII in transcriptdismissed· 19h ago

    Customer email addresses appeared in transcript

  • high
    Destructive command· 19h ago

    Model proposed `rm -rf` on a tracked directory

  • medium
    Prod access· 1d ago

    Session touched production database credentials

  • medium
    Policy violation· 19h ago

    Attempted edit outside allowed workspace path

  • medium
    Destructive command· 45m ago

    Model proposed `rm -rf` on a tracked directory

  • medium
    Destructive command· 2d ago

    Model proposed `rm -rf` on a tracked directory

  • low
    Policy violationdismissed· 1d ago

    Attempted edit outside allowed workspace path

    Yara WangView session →Caught in-session
  • low
    Prod access· 23h ago

    Session touched production database credentials

  • low
    Policy violationreviewed· 22h ago

    Attempted edit outside allowed workspace path

  • low
    PII in transcript· 2d ago

    Customer email addresses appeared in transcript

  • low
    Prod accessreviewed· 23h ago

    Session touched production database credentials

  • low
    Secret exposurereviewed· 2h ago

    Possible API key pasted into prompt context

  • low
    Policy violationdismissed· 0m ago

    Attempted edit outside allowed workspace path

  • low
    Prod accessreviewed· 0m ago

    Session touched production database credentials

  • low
    Secret exposuredismissed· 2d ago

    Possible API key pasted into prompt context

  • low
    Prod access· 1d ago

    Session touched production database credentials

    Chen IyerView session →Caught in-session

Signal integrity

Method signatures that look synthetic — team-level patterns routed to leads as conversation starters, never a named accusation or a ranking.

Faking work costs nearly as much as doing it — and leaves these detectable signatures. Read as a prompt to talk, not a verdict.

  • medium
    zero-rejection windowSRE Core · team-level· 14 sessions

    14 consecutive sessions with 100% acceptance and zero rejected diffs — statistically unusual against the team's 58% baseline. Conversation starter, not an accusation.

    Conversation starter · team-level
  • high
    edits with no prior readVendor Pod Chennai · team-level· 9 sessions

    Edit tool calls landing on files never read in-session — consistent with pasted-in bulk output. Vendor sessions carry elevated integrity sensitivity.

    Conversation starter · team-level
  • medium
    token spike, flat tool diversityAnalytics · team-level· 6 sessions

    Token volume 2.4× baseline while tool-call diversity stayed flat — volume without exploration. Often benign (data dumps); worth one look.

    Conversation starter · team-level
  • low
    abandoned-restart chainGrowth · team-level· 5 sessions

    Chains of abandoned sessions immediately restarted on the same repo — can inflate session counts without outcomes.

    Conversation starter · team-level