Your agents propose. Humans approve. Everything else writes itself.
Audit Otter is the issue tracker, doc system, and audit substrate designed from the ground up for Day-1 engineering teams whose primary contributors are Claude Code, Codex, and other agents. Every change is attributed to a human via a scoped delegation, every approval is a signed human-only verb, and the SOC2 evidence accumulates as a side effect of the normal workflow.
Jira and Confluence were designed for humans doing the work. That assumption is dead.
When 80% of your code comes from agents, you need a system where agents are first-class but never authoritative. Audit Otter encodes one architectural commitment: agents have no identity. They always act on behalf of a named human, with a scoped delegation, for a bounded time. The audit log says "Alice (via Claude)" — and Alice is responsible.
The product is opinionated, so nothing breaks the compliance shape.
Agents act on behalf of humans.
Your agent gets a short-lived, scoped delegation token signed by the human who paired with it. The verbs approve, reject and grant_access are human-only; the token literally cannot carry them.
Every agent session is a first-class artifact.
Prompts, tool calls, file edits, command output, approvals, intervention — captured as a hash-chained timeline linked to the work items it touched. The trace is the gold; debugging and evidence both come from the same data.
One workflow, one approval surface.
Inbox over web/CLI/Slack. Low-risk: one click. High-risk: automated pre-review evidence, rationale required, non-author routing, separate pre-deploy attestation. Never configurable.
Founders show up to approve. Bots do the rest. The audit substrate falls out for free.
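As an added illustration (not Audit Otter's code; the HMAC signature, field names and sample key are assumptions), here is a toy Python model of the two mechanisms described above: a delegation that can never carry a human-only verb, and a hash-chained trace whose tampering is detectable.

```python
# Toy model of the mechanisms above. Not Audit Otter's implementation: HMAC stands
# in for whatever signature scheme the product uses, and the field names are invented.
import hashlib
import hmac
import json

HUMAN_ONLY_VERBS = frozenset({"approve", "reject", "grant_access"})

def _sign(key: bytes, payload: dict) -> str:
    body = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def issue_delegation(human_key: bytes, human: str, agent: str,
                     verbs: set, ttl_s: int, now: float) -> dict:
    """The pairing human signs a delegation; human-only verbs are refused outright."""
    forbidden = set(verbs) & HUMAN_ONLY_VERBS
    if forbidden:
        raise ValueError(f"human-only verbs cannot be delegated: {sorted(forbidden)}")
    claims = {"human": human, "agent": agent, "verbs": sorted(verbs),
              "exp": now + ttl_s}
    return {"claims": claims, "sig": _sign(human_key, claims)}

def authorize(token: dict, human_key: bytes, verb: str, now: float) -> bool:
    """Server-side check: valid signature, unexpired, verb in scope, never human-only."""
    claims = token["claims"]
    if not hmac.compare_digest(token["sig"], _sign(human_key, claims)):
        return False
    if now >= claims["exp"] or verb in HUMAN_ONLY_VERBS:
        return False
    return verb in claims["verbs"]

def append_event(chain: list, actor: str, kind: str, data: str) -> list:
    """Each trace entry commits to the previous entry's hash (hash-chained timeline)."""
    prev = chain[-1]["hash"] if chain else "0" * 64
    event = {"prev": prev, "actor": actor, "kind": kind, "data": data}
    event["hash"] = hashlib.sha256(
        json.dumps(event, sort_keys=True).encode()).hexdigest()
    chain.append(event)
    return chain

def verify_chain(chain: list) -> bool:
    """Recompute every link; any edited or dropped event breaks the chain."""
    prev = "0" * 64
    for ev in chain:
        body = {k: v for k, v in ev.items() if k != "hash"}
        if body["prev"] != prev:
            return False
        if hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest() != ev["hash"]:
            return False
        prev = ev["hash"]
    return True
```

Even a token whose claims list approve and whose signature verifies is rejected by `authorize`, because the check on human-only verbs runs independently of the scope list.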
“fix the password reset bug”
Claude opens an auditotter propose_work_item call. The MCP server attributes it to Alice via her delegation, infers type: bug, risk: low, and starts an AgentTrace.
Open approval link? [Y/n]
The skill prints a single-use challenge URL. Alice opens it in the web inbox, hits Approve, and her CLI continues. The agent now has permission to work.
Writes the fix, opens a PR linked to the work item.
The trace records the prompt, the tool calls, the diff, the test runs. GitHub check fails until the PR body links to auditotter:wi_….
State auto-progresses through merged → deployed → verified.
Attribution flows from GitHub merger and deployer to the responsible human. No agent ever transitions a gated state.
“Can you send us a SOC2 Type I report?”
You click Generate evidence bundle. You hand the signed export to a $5k auditor. The chain verifies, the policies were acknowledged, the access reviews ran, the work was approved. You pass.
This is a real install. Click around.
The smoketest workspace is a seeded two-founder team mid-flight: pending approvals in the inbox, real agent traces with transcripts, a partially-acknowledged policy, an open incident, and an existing evidence bundle. Sign in as any principal and try the approval flow.