Destructive action
CRM AgentCRM Agent attempts crm_update without human approval — write action with no audit log.
- tool
- crm_update
- risk
- high
- dur
- 1.8s
ArcadeOps Control Tower
Replay or paste an ArcadeOps agent trace. Control Tower audits tools, sub-agents, costs, approvals and risky outputs, then decides whether the run should ship, need review, or be blocked.
Pick a multi-agent runInspect agents, tools & evidenceGemini decides: ship, review or block
Catch unsafe AI agent runs before they ship. Pick the unsafe sample to see the production gate in action.
These are the signals Gemini will use before making a production decision.
CRM Agent attempts crm_update without human approval — write action with no audit log.
Email Agent attempts send_email to an external customer without human review.
No replay ID was persisted for this run and no audit log was emitted for the writes.
Control Tower halts the run: destructive write + outbound message + missing audit are non-negotiable gates.
Under the hood
This demo focuses on the production gate, but ArcadeOps is built to orchestrate autonomous agents, tools, and multi-agent workflows end-to-end. Control Tower is the gate that decides whether any of those runs can ship to production.
Plan → execute → evaluate → summarize, with budget caps and stop conditions.
Read, write, search, send, generate — every call typed, scoped, and auditable.
CEO and Manager agents delegate to specialists, sub-agents and ephemeral recruits.
AgentRun, AgentStep and LLMCall stored end-to-end — replay-friendly by design.
Tokens, USD, latency, providers, models and risk flags surfaced per run.
Approvals, HITL, write-without-audit and outbound-without-review enforced server-side.