Review this week's agent activity with a human

An owner-side weekly review of immutable audit history and automation control state, with explicit limits on what can safely run unattended today.

Updated · published

markdown for agents →

difficulty intermediate · time to value 10 minutes · execution human review required

Start from this

Review the last seven days of immutable Agentry audit history and the current automation control state. Summarize material actions, failed or escalated runs, pending approvals, external follow-up, and anything that needs an owner decision.

Why this remains a human review

An unattended scheduler must never hold AGENTRY_PRIVATE_API_KEY. Owner keys can read project-wide audit and policy data and are intentionally broader than a single automation. Runner credentials are narrowly bound to one automation and cannot perform generic audit reads.

That means an owner-key cron which reads all audit rows and posts them to a chat webhook is not a supported safe automation pattern. Do this review in an authenticated interactive session. If you need a scheduled report, use a versioned automation workflow whose server-owned report source is explicitly listed in its policy; do not widen a runner credential.

Run the review

Fetch the exact schemas from the filtered OpenAPI document, then read:

GET /v1/audit/recent?hours=168
GET /v1/projects/:project_id/automation-control

The default audit view contains completed operations. Include attempts only when reconciling an external-provider mutation that may be intent, failed, or indeterminate. Treat an indeterminate provider outcome as unknown and inspect the authenticated provider before retrying.

The automation control response is a bounded, telemetry-free, eventually consistent view. Use its single as_of clock, attention priorities, stable item IDs, and source cursors. It deliberately has no durable acknowledgement ledger, so record any reviewed item in your team’s existing issue or handoff system if it must survive the session.

Suggested review order

  1. Global and per-automation kill switches.
  2. Failed, escalated, or overdue runs and released claims.
  3. Pending approvals and approvals that are non-actionable because policy is paused.
  4. Draft PRs missing trusted CI proof, deploy binding, traffic, or completed verification.
  5. Cancelled runs whose external_follow_up says provider state is unknown.
  6. Credential expiry, revocation, or missing automation bindings.
  7. Completed audit operations grouped by action and actor.
  8. External mutation attempts that require reconciliation.

Keep counts and IDs separate from interpretation. Human-authored descriptions and runner-attested usage values are labelled as such; they are not proof that an external action succeeded.

Output format

Weekly automation review — <period>

Owner decisions
- <approval or policy decision, exact id and deadline>

External follow-up
- <run id, provider object, why state is unknown>

Reliability
- <failed/escalated runs and recurring error codes>

Credentials and budgets
- <expiring/revoked bindings and rolling capacity>

Completed material actions
- <action, actor, resource id, committed time>

Readiness gaps
- <anything the available control/audit data cannot establish>

Do not invent week-over-week trends unless you queried exact non-overlapping windows. Do not claim a merge, deploy, rollback, message delivery, or case fix from a runner summary alone. Do not publish or send the review without a human explicitly choosing the audience and destination.

When to use a scheduled report instead

For a weekly conversion review, use [email protected]. Its runner receives only a server-executed, run-bound aggregate generated from an immutable query plan. It does not receive an owner key, raw users, generic HogQL, or authority to change code, publish a report, or run an experiment.

Adapt this workflow in your own agent.

Ask your agent to map the starter prompt to your saved signal map, live events, and the current HTTP API before answering.

Agentry gives coding agents production context from errors, product analytics, and deploys through one HTTP API. Fetch and read https://agentry.sh/install.md completely, then install Agentry's full first-time telemetry baseline in this repository. I authorize device-code login, saving the owner key only to ~/.agentry/credentials.json, creating one Agentry project for this repository, and read-only inspection of shipped source plus hidden CI/provider configuration. Deeply analyze the product's business logic and complete value flow before choosing telemetry. Save the complete source-backed plan and show me its exact contents and hash. Until I explicitly approve that plan or request a replacement, do not edit app/CI source, place runtime/CI credentials, commit, exercise product traffic, start proof, push, or deploy. After approval, I authorize only the reviewed targets: place the required scoped browser/server/CI credentials through the established environment or secret mechanism, preserve existing telemetry, implement and test the baseline, commit it, push that reviewed commit when the shipped CI/provider path requires it, exercise safe proof paths with test/non-customer data, and perform one deployment through the reviewed shipped CI/provider path. Ask first if proof would charge money, contact a third party, change real customer data, or require new external access. After the plan is saved, immediately before every onboarding state-changing POST, GET current onboarding state, perform only its single returned next_action, then read state again; do not batch or infer later stages. Continue until status is verified, installation_complete is true, and next_action is null. Keep all secrets, source snapshots, proof markers, and scratch files outside the repository.

+ Full access
5.5 Extra High
  1. 1. Open your repo in Codex, Claude Code, Cursor etc.
  2. 2. Paste the install prompt.
  3. 3. Your agent reads the install doc and shows you an implementation plan for approval.