pip install epi-recorder
epi demo --no-browser # record → seal → verify (no API key)60-second path · With OpenAI · Integrations · CLI · Standards
When someone asks what your agent did six months ago,
the answer should be a.epifile — not a dashboard login and a shrug.
epi-recorder captures agent decisions into a portable, signed, offline-verifiable artifact.
No phone-home required to open or verify.
Works without any LLM API key:
# demo.py
from epi_recorder import record, get_current_session
with record("demo.epi", goal="show the golden path"):
s = get_current_session()
s.log("tool.call", tool="lookup", id="A-1")
s.log("tool.response", ok=True, balance=250)
s.log("decision", action="approve", reason="within limit")python demo.py
epi verify demo.epi
epi view demo.epi| Step | Command | What you get |
|---|---|---|
| Record + seal | python demo.py |
Signed demo.epi (secrets redacted by default) |
| Verify | epi verify demo.epi |
Integrity + signature checks offline |
| View | epi view demo.epi |
Self-contained browser viewer (no server) |
Typical first-run verify:
| Check | Result |
|---|---|
| Integrity (SHA-256) | ✅ Valid |
| Signature (Ed25519) | ✅ Valid |
| Identity | ⚠ UNKNOWN until you epi keys trust your key |
| Secrets | ✅ Redacted by default (redact=True) |
DECISION: WARN on first verify is normal — integrity and signature still pass.
Trust identity with:epi keys trust <name>afterepi keys list.
That’s the product. Everything below is optional depth.
from openai import OpenAI
from epi_recorder import record, wrap_openai
client = wrap_openai(OpenAI()) # needs OPENAI_API_KEY
with record("agent.epi", goal="Answer a user question"):
client.chat.completions.create(
model="gpt-4o-mini",
messages=[{"role": "user", "content": "Hello"}],
)python agent.py
epi verify agent.epi
epi view agent.epiAPI keys in prompts/headers are redacted automatically before they land in the file.
Every .epi uses the Envelope v2 container format — a polyglot HTML+ZIP
binary that opens natively in any browser and can be extracted programmatically.
demo.epi
├── manifest.json # Ed25519 signature + SHA-256 file hashes
├── steps.jsonl # Timeline (hash-linked steps)
├── environment.json # Runtime snapshot (sensitive env redacted)
├── viewer.html # Offline forensic UI
└── VERIFY.txt # Plain-text auditor instructions
| Guarantee | How |
|---|---|
| Integrity | SHA-256 over every sealed member |
| Authenticity | Ed25519 signature on the manifest |
| Chain | Each step’s prev_hash links the timeline |
| Privacy | Default secret redaction (API keys, tokens, PII) |
| Stack | How |
|---|---|
| OpenAI | wrap_openai(OpenAI()) |
| Anthropic | wrap_anthropic(Anthropic()) |
| LangChain | EPICallbackHandler |
| LiteLLM | EPICallback |
| pytest | pytest --epi |
| Microsoft AGT | epi import agt <file> |
# LangChain
from epi_recorder.integrations.langchain import EPICallbackHandler
llm = ChatOpenAI(model="gpt-4o-mini", callbacks=[EPICallbackHandler()])# pytest — attach evidence to failing tests
pytest --epiMore: docs/FRAMEWORK-INTEGRATIONS-5-MINUTES.md
| Command | Purpose |
|---|---|
epi verify <file.epi> |
Offline integrity + signature check |
epi view <file.epi> |
Open offline viewer |
epi run <script.py> |
Run a script under recording |
epi keys generate |
Create a local signing key |
epi keys list / trust / revoke |
Key management |
epi demo |
Guided demo (alias of epi dev) |
epi scitt register <file.epi> |
Optional transparency anchor |
epi import agt <path> |
Import Microsoft AGT evidence |
- Redaction is on (
redact=True). Keys/tokens/PII become***REDACTED***:…placeholders. - Prefer not using
redact=Falsein production (it warns). - Verification is local — no network required for integrity/signature.
- First-run identity WARN is expected until you trust your key.
EPI produces evidence files that help with audit trails. It is not a compliance guarantee and does not provide legal advice. Whether evidence satisfies a specific regulatory threshold is for the auditor or notified body to determine.
| Topic | Docs |
|---|---|
| EU AI Act Annex IV | docs/ANNEX-IV.md |
| AIUC-1 domains | docs/standards/aiuc-1-evidence.md |
| SCITT | docs/standards/scitt-predicate.md |
| CLI deep dive | docs/CLI.md |
| Auditors guide | docs/AUDITORS-GUIDE.md |
epi verify agent.epi --aiuc1 # optional domain scoring| Symptom | Fix |
|---|---|
epi: command not found |
Activate the same venv where you pip installed, or use python -m epi_cli |
DECISION: WARN first verify |
Normal — integrity/signature OK. Run epi keys trust … for KNOWN identity |
Integrity: FAILED |
File was modified after seal — re-record |
| Share / portal fails | Hosted features need a live backend; local record/verify never depends on them |
| Path | Role |
|---|---|
epi_recorder/ |
Python SDK (record, wrappers) |
epi_core/ |
Container, crypto, redaction, verify |
epi_cli/ |
epi command |
website/ |
Public site source of truth (epilabs.org) |
verify_portal/ |
Hosted verify/auth API (optional) |
tests/test_core_loop_golden.py |
Golden path regression |
Website edits: only under website/, then python scripts/sync_website.py.
MIT — see LICENSE.
Site: epilabs.org · Issues: GitHub Issues