"When a Boeing plane crashes, investigators pull the black box.
When an AI agent crashes a $2M trade — there is no black box.
Until now."
AI agents make consequential decisions in finance, healthcare, and legal every day. When they go wrong, nobody knows why. The reasoning chain is lost. Regulators demand explainability. Auditors demand trails. Engineering teams are left guessing.
ORACLE wraps any existing AI agent with a complete forensic system:
- Timeline scrubber — drag to any moment in the agent's history to see exactly what it was "thinking."
- Gemini Forensic Interrogation — 1M context window analyzes the complete interaction history to explain exactly what went wrong.
- Immutable Audit Ledger — SHA256-chained, append-only, tamper-proof record of every agent thought and tool call.
- Lobster Trap DPI — Deep Packet Inspection for agents; detects declared-versus-detected intent mismatches in real-time.
- Blue Team Auto-Policy — Gemini Pro automatically generates Lobster Trap YAML rules to prevent incident recurrence.
- Compliance Reports — One-click export of forensic PDFs covering SOC2, GDPR Article 22/30, and MiFID II requirements.
# Before
agent.base_url = "https://generativelanguage.googleapis.com"
# After — ORACLE is now recording
agent.base_url = "https://orcle.vercel.app/api/proxy"That's it. No rebuilding. No refactoring. ORACLE transparently intercepts, inspects, and logs every Gemini API call.
| Scenario | Root Cause | Risk | Action |
|---|---|---|---|
| The Rogue Trader | DATA_POISONING — manipulated NVDA signal causes $2.1M liquidation | 88/100 CRITICAL | QUARANTINE |
| The Data Ghost | PII_EXFILTRATION — HR agent leaks salary data | 76/100 HIGH | REDACT |
| The Compliance Ghost | GDPR_PATTERN — legal agent violates Article 17 across 15 contracts | 91/100 CRITICAL | HUMAN_REVIEW |
| The Intent Mismatch | LOBSTER_TRAP — Agent declares benign intent but detected payload is malicious | 94/100 CRITICAL | BLOCK |
Gemini Pro's 1M token context window is the only reason forensic analysis at this depth is possible. A complete agent session — every thought, tool call, and response — fits in a single context window. No chunking. No context fragmentation. Full coherence across the entire interaction history.
In the Compliance Ghost scenario, ORACLE analyzes multiple sessions simultaneously (~800K tokens) to find a pattern of GDPR violations that no human reviewer or small-context LLM could detect.
Lobster Trap's declared-versus-detected intent mismatch is ORACLE's early warning system. When an agent declares intent "protect portfolio value" but Lobster Trap detects a "mass liquidation pattern," ORACLE flags the mismatch before the damage is done. Every interaction is inspected at the DPI layer, and every enforcement decision is logged to the immutable ledger.
- SOC2 CC7.2 — Anomaly detection controls
- SOC2 CC7.3 — Incident response procedures
- GDPR Article 22 — Automated decision explainability
- GDPR Article 30 — Records of processing activities
- MiFID II — Financial audit trail requirements
- HIPAA 164.312(b) — Audit controls
The platform is live at: https://orcle.vercel.app
# 1. Clone and configure
git clone https://github.com/your-repo/orcle
cp .env.example .env # add GEMINI_API_KEY
# 2. Run with Docker
docker-compose up
# 3. Access Dashboard
open http://localhost:3000- Gemini 2.5 Pro (Forensic analysis & Multi-modal reasoning)
- Gemini 2.5 Flash (Victim agent simulation — fast & cost-effective)
- Veea Lobster Trap (DPI + Declared vs Detected Intent)
- FastAPI + SSE (Real-time forensic streaming)
- Next.js 16 + TypeScript (High-fidelity timeline UI)
- SQLite (SHA256 immutable ledger & session storage)
- ReportLab (Automated compliance PDF generation)
ORACLE — Built for AI agents that operate in the dark. Now they can't hide.