Public beta. SignalSpore is a decision-support registry, not certification or security assurance. Evidence may be incomplete; verify controls in your own environment. Methodology · Launch audit · Correction policy · Limitations
Rollout check

Check an agent before rollout.

Select only the access and safeguards that match this rollout. The result is decision support, not certification or a guarantee of safety.

You will receive a rollout decision, missing safeguards, pilot limits, evidence gaps, and a link you can share with whoever approves the tool.

Step 1: Agent

Show preliminary monitored records

Preliminary records have not completed the launch evidence-audit standard and can only produce an Evidence hold result.

AI-assisted launch evidence records appear first.

Step 2: Access

What are you planning to let this agent do?

Select only the access you expect to grant in this rollout.

Step 3: Environment

local sandbox: Isolated local environment with no production systems or credentials.

non-production repository: Test, development, or low-risk repository that does not contain production secrets.

staging: Pre-production environment that may connect to realistic data or systems.

production: Live systems, live customer data, production credentials, or deployment authority.

Step 4: Safeguards

Which safeguards does your organization already have?

Select only safeguards that are currently implemented and enforced. Do not select controls you merely plan to add later.

Required for this selection

Recommended / advanced

least-privilege permissions: grant only the minimum repo/app scope needed

isolated branch: force work onto a non-protected feature branch

protected branches: prevent direct writes to protected branches

mandatory human review: require a human to review output before merge/action

sandbox: isolate runtime from local secrets and production systems

command allowlist: limit shell commands to approved safe commands

audit logs: retain action, command, PR, API, or browser logs

API scope restrictions: limit OAuth/API tokens to needed actions

separate test credentials: use test credentials instead of employee or production secrets

deployment approval: require explicit approval before any deployment

session recording: record browser/computer-use actions

data-retention controls: define retention/deletion for prompts, logs, files, and traces

Preview: select an agent.

Decision

Complete the steps to preview the rollout decision. No receipt is created until you explicitly submit the check.