llm-leash console

HIGH risk averted
block / review on critical rule

MEDIUM risk handled
redact / soft signal

LOW notices
warns & advisory

Human review queue
awaiting human approval now (HITL)

active sessions

spend since proxy boot restart-scoped · sparkline = last 24 h

· cap in ~min · stable

policy rules loaded

PII redactor

Issues

Status: Sort:

No issues in the last .

Trends

Live charts built from the audit log. Spend chart updates every 5 s. Threats chart reflects the selected period ().

Spend per hour (last 24 h)

max bar: $ · total: $

Threats by agent ()

click a bar → drawer

Human review queue — awaiting decision

Requests paused by a policy rule (Human-In-The-Loop / HITL) and waiting for a human operator to approve or reject them before they're forwarded to the LLM. Approve to let through; reject to block with a reason.

Nothing awaiting human review right now. (Backend: )

	request_id	agent	session	tool / reason

Active sessions (by spend, since proxy boot)

A session is an end-to-end agent run, identified by the X-LLM-Leash-Session-Id header. Zero-cost rows are sessions that connected but didn't yet incur LLM cost.

	session_id	cost (USD)
			killed err

Threats prevented — by rule ()

Each row aggregates audit events from one policy rule. Hover the rule name or expand the detail panel below to see what the rule detects and why each block fired.

rule	risk	block	redact	review	warn	total

Threats prevented

No threat events in this period. Either traffic is clean, the policy chain hasn't fired yet, or the period is too narrow — try .

Rule performance (operator feedback, last )

Estimated false-positive rate per rule, derived from operator Approve/Reject decisions in the human-review queue. Rules with high FP rate may be too broad. Requires at least 5 HITL decisions for a recommendation.

rule	fires	HITL total	approved	rejected	FP est.	recommendation

Detection quality (eval pipeline, last )

F1 scores per rule against the bundled dataset. Drift = F1 dropped > 5pp vs 7-day baseline. Run llm-leash eval-record periodically to populate.

rule	F1	precision	recall	FPR	n	Δ vs baseline	status

Per-agent spend ()

Live model_call audit events grouped by agent. The current cap column reflects the per-agent budget cap in effect on the proxy right now.

agent	calls	cost (USD)	current cap (USD)

Per-agent budget caps

Caps apply on the next request from that agent. Cap precedence: per-agent > per-tenant > default. Default cap:

agent	current cap (USD)

— or —

Export audit data

Download filtered threat events or full audit log for offline analysis or SOC 2 evidence submission.

period:

Recent audit events (live) — last

ts	kind	session	agent	provider / model	cost	detail

`⌘K` / `Ctrl-K`	Open Cmd-K search palette
`j` / `k`	Next / previous event in audit table
`e`	Expand / collapse current event
`?`	Show this help
`Esc`	Close any open modal or drawer