Skip to content

Approvals & audit

Two halves of the same promise: Gray asks first, and Gray writes it down.

Agents read freely; acting is gated. The approval gate shows the exact command, holds the agent server-side, and waits. Denials stop the path. Terminal sessions carry the same inline gates.

Activity is the audit surface:

  • Agent runs — the summary, every tool step, files changed with diff counts, and for failures the verbatim error output.
  • Voice/chat transcripts — full turns, including which tools ran. Values the box scrubbed (secrets, tokens) appear as [redacted] — the scrubbing happens before write, so the raw value never reaches the log.
  • Jobs — scheduled-run output, exit codes, schedules.
  • Alerts — raised, triaged, resolved; the triage record shows what action was taken, when, and that you approved it.

History is yours and uncapped — it lives on your box and Gray never trims it. Two delete behaviors, both audit-preserving: deleting a single row (swipe → Delete) tombstones it — hidden from your feed, the underlying turns retained on the box; a bulk clear archives the conversation files aside on the box rather than shredding them. For a true purge, remove the files yourself — Data & backups.