Best Practices for Building Agents Recap
Arthur

Auditability for AI Agents: How Telemetry Clears a Security Review

July 15, 20266 min read

Shipping an agent into an enterprise environment means passing a compliance or security review before it reaches production. Governance teams need to understand exactly what an agent can do and what it has done, and they will not approve one they cannot see into. This is where auditability stops being an observability nicety and becomes the deciding factor: an agent that cannot demonstrate its own behavior does not clear review.

The good news is that the evidence a reviewer wants is the same instrumentation you already build during development. This post explains what auditability means for an agent, what a governance review actually inspects, and how telemetry turns your development work into the record that gets your agent approved.

What auditability means for an agent

Auditability in the agent context is the ability to show, for any agent, exactly what it can do and what it has done. That means a clear, inspectable record of:

  • The tools it can call.
  • The subagents it delegates to.
  • The models and LLM providers it uses.
  • The data sources and retrievers it touches.

Telemetry is the mechanism that makes this possible. Governance tooling discovers and assesses agents by reading their traces. An agent that emits no telemetry is invisible to the organization. An agent with incomplete telemetry cannot have its risk surface assessed, which means it cannot be approved.

Put simply: if it is not in the traces, a reviewer cannot see it, and if a reviewer cannot see it, the agent does not ship.

What a governance review actually inspects

Compliance teams need to see the full risk surface of an agent before they will let it operate. Governance views surface a consistent set of facts for each agent. Here is the per-agent checklist a reviewer works through:

__wf_reserved_inherit

If your agent can produce this view on demand, the review moves quickly. If it cannot, you face longer cycles and harder questions.

Telemetry is the evidence

The instrumentation work you do during development is the audit evidence you bring to review. This is why thorough observability and tracing matters well beyond debugging.

An agent with incomplete instrumentation fails compliance review because there is no way to assess its risk surface. If your traces capture only final outputs, a reviewer has no way to confirm which tools the agent can invoke, which providers its data reaches, or which systems it can touch. Thorough instrumentation means traces capture the full picture:

  • Tool invocations, with inputs and outputs.
  • Subagent delegation.
  • Model and provider calls.
  • Retrieval and data-source access.

The distinction is between an agent that can narrate what it did and one that cannot. The first clears review. The second stalls in it.

Discovery depends on centralized traces

Governance tooling discovers agents by finding their telemetry. That has a direct implication for how you emit traces.

Use frameworks with out-of-the-box telemetry and send traces to standard, centralized destinations. Agents that emit telemetry to well-known locations can be discovered and inventoried automatically, without requiring manual registration. This is what lets a governance team maintain an accurate inventory as the number of agents grows.

The inverse is the risk: an agent that emits no traces, or sends them somewhere the organization does not monitor, is a shadow agent. It runs outside governance controls, and no one can assess or account for it. Centralized, standardized telemetry is what keeps an agent out of that category.

Demonstrating active controls

Enterprises will ask what safeguards are in place before allowing an agent to operate in their environment. Being able to show active controls is a meaningful signal of production readiness:

  • Continuous evals running against production interactions to catch behavioral issues as they emerge.
  • Guardrails intercepting bad inputs and outputs in real time.

Builders who can demonstrate these controls in review clear it faster. Builders who cannot face longer review cycles and harder questions, because the reviewer has no evidence that the agent behaves safely under real traffic. Emitting guardrail and eval events as telemetry means these controls show up in the same record the reviewer is already reading.

Ownership and accountability

Every agent should have a named owner accountable for its compliance and behavior. Governance tools surface this, and enterprises will ask for it.

An agent without an owner is an agent without accountability, which is a red flag in any compliance review. Assigning clear ownership is a small step during development that removes a predictable obstacle at review time. When a reviewer can see who is responsible for an agent, one of the first questions in any review is already answered.

Takeaway

The instrumentation you build during development is the evidence that gets you to production. Builders who instrument thoroughly, send traces to a centralized location, run continuous evals and guardrails, and assign clear ownership have a much smoother path to approval.

Auditability is not a separate compliance task bolted on at the end. It is the natural output of building an agent well: full traces of what the agent can do and has done, active controls you can demonstrate, and a named owner accountable for the whole thing. Do that work, and the security review becomes a matter of showing the reviewer what you already have.

Want to see agent governance views and centralized telemetry in action? Book a demo with an AI expert or explore the Agent Development Toolkit.

SHARE