AIR BLACKBOX

Gateway

The flight recorder for AI systems

200+ Tests Go 1.22+ Apache-2.0

Press → or click Next to begin

The Question

Your AI agent just sent an email, moved money, or changed production data.

"Show me exactly what it saw and why it made that decision."

0%

Can Replay

0

Tamper-Proof

0

PII Protected

0

Compliance Controls

The Fix: One Line

main.py
from openai import OpenAI
import air
# One line. Every AI decision is now recorded.
client = air.air_wrap(OpenAI())
# Your code runs as normal
response = client.chat.completions.create(
    model="gpt-4o-mini",
    messages=[{"role": "user", "content": "..."}]
)

How It Works

Drop-in proxy between your agent and any LLM provider

🤖

Your Agent

→

✈️

AIR
Gateway

→

🧀

LLM
Provider

🏦

Vault
(MinIO/S3)

+

🌋

.air.json
Record

+

📡

OTel
Traces

+

🔗

HMAC
Chain

Prompt Vault — Your Data, Your Infrastructure

Prompts and completions stay in your MinIO/S3 — never a third-party cloud

agent → chat.completions.create("What is a flight recorder?")

[AIR:gateway] Assigned run_id: 550e8400-e29b-...

[AIR:vault] Storing request → vault://air-runs/550e8400.../request.json

[AIR:vault] Storing response → vault://air-runs/550e8400.../response.json

[AIR:otel] Trace span emitted — contains vault references only, no raw content

[AIR:record] 550e8400.air.json written — checksums: sha256:a1b2c3...

Full Vault Metadata Only Hash Only Selective Redaction

Tamper-Proof Audit Chain

HMAC-SHA256 signed entries — each references the previous hash

#0
a7f3...

→

#1
c2e8...

→

#2
9b1d...

→

#3
f4a6...

→

#4
1e7c...

→

#5
8d2b...

→

#6
3f9a...

>>> GET /v1/audit

{"chain_valid": true, "total_entries": 42, "soc2_controls": 12, "iso27001_controls": 10}

# Modify any record and the chain breaks

{"chain_valid": false, "broken_at": 17, "expected": "a7f3c2...", "got": "000000..."}

Guardrails — Runtime Safety

Cost limits, loop detection, PII blocking, tool allowlists, and kill-switch

agent → Request #47 to gpt-4o (total: $12.40)

[AIR:guardrails] Cost approaching limit ($15.00) — 82% consumed

agent → Request #48: same prompt as #44, #45, #46, #47

[AIR:guardrails] LOOP DETECTED — 4 identical requests in sequence

[AIR:guardrails] KILL-SWITCH activated — agent halted

[AIR:audit] Logged: guardrail_triggered | type: loop_detection | action: kill

Kill-Switch Cost Limits Loop Detection PII Blocking Tool Allowlists

Compliance Reporting

22 controls. SOC 2 + ISO 27001. Self-evaluating — no forms to fill.

>>> GET /v1/audit/export

[AIR:compliance] Evaluating 22 controls against live configuration...

[SOC 2] CC6.1 Encryption at rest ......... PASS

[SOC 2] CC7.2 Incident detection .......... PASS

[ISO 27001] A.12.4 Logging & monitoring ... PASS

[ISO 27001] A.18.1 Legal compliance ....... PASS

[AIR:export] Signed evidence package generated

{"controls_passed": 22, "attestation": "hmac-sha256:9f8e7d...", "exportable": true}

Hand it to your auditor as a single JSON document.

Observability vs Accountability

They answer "how is it performing?" — AIR answers "what happened, and can we prove it?"

	Observability Tools	AIR Gateway
Data lives in	Their cloud	Your vault
PII in traces	Raw content exposed	Vault refs only
Tamper-evident	No	HMAC-SHA256 chain
Deterministic replay	No	replayctl
Compliance controls	No	22 (SOC 2 + ISO)
Agent guardrails	No	Cost, loop, PII, tool

By The Numbers

200+

Tests Passing

8

LLM Providers

22

Compliance Controls

15

Repos

4

Privacy Modes

0

Downtime Risk*

1

Line to Record

*Non-blocking proxy — vault failure never stops your AI.

The AIR Blackbox Ecosystem

15 repos. Every layer tested. Apache-2.0.

✈️

Gateway

This Repo

🐍

Python SDK

OpenAI + more

🛡️

Trust Plugins

4 frameworks

📡

OTel Pipeline

3 processors

⚖️

Governance

5 repos

pip install air-blackbox-sdk
github.com/airblackbox

GET STARTED

Record Everything

One import. Full audit trail. Zero blind spots.

from openai import OpenAI
import air
client = air.air_wrap(OpenAI())
# Every decision is now recorded.

github.com/airblackbox

AIR Blackbox — Agent Infrastructure Runtime