Approvals & audit
Two halves of the same promise: Gray asks first, and Gray writes it down.
Asks first
Section titled “Asks first”Agents read freely; acting is gated. The approval gate shows the exact command, holds the agent server-side, and waits. Denials stop the path. Terminal sessions carry the same inline gates.
Writes it down
Section titled “Writes it down”Activity is the audit surface:
- Agent runs — the summary, every tool step, files changed with diff counts, and for failures the verbatim error output.
- Voice/chat transcripts — full turns, including which tools ran. Values
the box scrubbed (secrets, tokens) appear as
[redacted]— the scrubbing happens before write, so the raw value never reaches the log. - Jobs — scheduled-run output, exit codes, schedules.
- Alerts — raised, triaged, resolved; the triage record shows what action was taken, when, and that you approved it.
History is yours and uncapped — it lives on your box and Gray never trims it. Two delete behaviors, both audit-preserving: deleting a single row (swipe → Delete) tombstones it — hidden from your feed, the underlying turns retained on the box; a bulk clear archives the conversation files aside on the box rather than shredding them. For a true purge, remove the files yourself — Data & backups.