Runpacks and Verification
Runpacks are deterministic bundles that capture every decision, evaluation, and disclosure. They are designed for offline verification in CI, compliance, or incident review.
What a runpack contains
- Scenario specification and hashes
- Trigger log and gate evaluations
- Decision log and disclosure packets
- Manifest with SHA-256 hashes for every artifact
Offline verification flow
- Export a runpack with
runpack_export. - Verify the manifest and hashes with
runpack_verify. - Compare the spec hash and decision log against your expected policy.
Integrity guarantees
Runpacks are hashed using canonical JSON. Any missing, tampered, or reordered artifact fails verification. This keeps the audit trail deterministic across environments.