90 incidents on record · 2026 Headlights Incident reports by Ellie Harris · Melbourne
10 new this week Library last updated 13 July 2026
Two beams of light cutting across a dark, textured floor

Trust no one. Follow the evidence.

A library of real AI failures. We find the patterns so you can build better governance.

See the cases
From the author
A letter from
Ellie Harris
Melbourne · 2026

I came to this work from two directions at once. I studied criminology and volunteered with victims of crime. What victims want is justice, and justice is hard to get without a clear, verifiable record of what actually happened.

I've also spent more than twenty years inside enterprise technology, in the institutions where "we don't know what happened" is not an acceptable answer. The trigger was the pattern. Every week, another story. Air Canada's chatbot. AI lawyers citing fake cases. A coding agent that wiped a production database. Support bots talking in the voice of the previous bot.

Different industries, the same failure: nobody could produce a clean record of what the AI had actually done. So I started writing the incident reports. And the code. Both are free. Both will always be.

Ellie
The three questions

Anyone running AI agents will eventually be asked these three questions.

Most cannot answer any of them. If the answer to any of them is "we're not sure," that is where Headlights starts.

Do you know every AI agent running on your account, in your codebase, or for your business right now?
Do you know what each agent is actually allowed to do?
If a customer, a court, or a regulator asked for the record of what they've done, could you produce it?
Why this exists

Every commercial aircraft carries a flight recorder. Almost no AI agent does.

The default state of almost every AI agent deployed today
Selected incident reports · new entries every week

A public library of how AI agents fail.

And the record that would have caught each one. New entries arrive every week.

HD-INC-001 Aviation · Canada · 2024

Air Canada's chatbot invented a refund policy. The court made the airline pay.

The airline argued the bot was a separate legal entity. The tribunal disagreed. The case turned on a single customer screenshot. The airline could not produce its own record of what its bot had said. Now cited in every legal analysis of AI agent liability.

Read the note →
HD-INC-014 Retail · Australia · 2026

Woolworths' new bot, Olive, rambled in the voice of the old one. For weeks. In public.

A new agentic chatbot collided with five-year-old scripts the new system had been built on top of. The persona spoke in the voice of its predecessor: drift that nobody documented, and nobody could explain after the fact.

Read the note →
Archive drawers labelled 1882, 1899, 1932
The thinking behind Headlights

The record outlives the agent.

Fifty years ago we solved this problem for humans. Hiring paperwork, reporting lines, conduct policies, performance reviews, personnel files. That wasn't bureaucracy. It was how anyone, a corner shop or a global bank, could prove what their staff actually did.

AI agents are the new workforce. Faster, cheaper, scaling to anyone with an API key, no conscience built in. The paperwork that worked for humans has to be rebuilt for agents.

That's not just an enterprise problem. It's an everyone-shipping-AI problem.

The opposite of a correct statement is a false statement. But the opposite of a profound truth may well be another profound truth.

Niels Bohr · a favourite of the author
Why independence matters

Your governance layer shouldn't be built by the vendors you're governing.

Cross-platform by design
Salesforce won't audit Microsoft's agents. Microsoft won't audit Salesforce's. Whoever writes the standard reference has to sit outside all of them. Headlights is independent on purpose, funded by nobody it's documenting.
No vendor money in the room
Self-funded through Stellae Consulting. No AI vendor sponsorships. No model-maker investment. No platform partnerships paid for in seats. We can publish a failure case about any company in the field without losing a customer.
Open enough to audit
Apache 2.0 code. A record format mapped to a public IETF draft. A public case library with real names and real consequences. Read every line, verify every signature, check every entry. Audit us before you decide whether to rely on us.
The code · free, open, public

The audit log that doesn't ask anyone to trust it.

Eight governance modules in two layers, mapped to a public IETF draft for AI agent audit trails. Apache 2.0, live now on GitHub. Anyone can read every line. Anyone can verify the signatures. No vendor lock-in, no proprietary auditor in the loop.

Read about the code →
Record · written after the action
ConductRecord: the signed, append-only log every action writes to
MetricRecord: signed aggregate metrics, bound to the chain root
Gate · enforced before the action
AuthorityGate: who issued this, and may they bind the agent?
ConstraintGate: does it comply with the standing rules?
PersonaGuard: does the reply match the agent's identity?
CitationVerifier: is every citation real?
VerificationGate: checked against a trusted source, not the model
EgressGate: sensitive data leaving the trust boundary?
Portrait of Ellie Harris
The author

Ellie Harris

Writer · developer · NMAS-accredited mediator

More than twenty years in enterprise technology: sales and governance, change and adoption, selling into utilities, government, finance, healthcare, education, telcos and mining. A grounding in criminology and victim advocacy. A curious, self-taught full-stack developer who has built a number of free tools, including heybigsister.com. Headlights is independent of her employer, separately funded, and free. No upsell, no pricing page, no waitlist. Just the incident reports and the code.

Want to write back?

Direct to my inbox.

No form. No funnel. No auto-responder. No product to sell, no pricing page, no waitlist.

ellie@useheadlights.com →