The questions Field notes Code on GitHub Read the Notes Contact
Field Notes · Free · No spam

Subscribe to the notes.

In 2024, Air Canada's chatbot promised a customer a discount that didn't exist. The airline tried to argue the bot was a separate entity. The tribunal disagreed. Air Canada paid. Now imagine it's your company. Your AI is already drafting emails, processing claims, talking to customers, making decisions. When one of them goes wrong, and one will, could you produce the record of what it actually said? Could you prove the record wasn't changed afterwards? Headlights publishes plain-language field notes on incidents like Air Canada's, plus free code that would have caught them. Audit trails are plumbing. Anyone should be able to install them. Anyone should be able to verify them.

Subscribe to the notes

What did the AI agent actually do?

One email. The optional fields help us know who's reading. Not required.

Your email is used only to send you the notes. No third-party sharing. Unsubscribe any time.

You're subscribed.

Thanks. The first field note lands when it lands. In the meantime, head to the publication on Substack:

ellieharris932.substack.com ↗

And the code lives at github.com/saffronandindia/headlights-oss. Open source, Apache 2.0, the reference implementation of the IETF Agent Audit Trail draft.

What you get

Notes when there's something to say. No drip. No upsell.

01

A real AI failure, examined

Each note takes one named incident: Air Canada's chatbot, the latest LLM controversy, a clinical AI mistake. Then walks through what happened, what the audit log should have shown, and where the gap was.

02

Open-source code that addresses it

Each note links to the Headlights repository. Open source, Apache 2.0, implementing the IETF Agent Audit Trail draft. You can install it, read it, fork it, or just check that we're shipping what we write about.

03

An honest market view

Including the Headlights Scorecard, a public ranking of how auditable major AI products are. Scored against a published rubric. Updated quarterly. Vendors can dispute their score in the open.

Who this is for.

Anyone with an AI agent in production. A solo developer shipping a chatbot on their personal site. A two-person startup with an onboarding bot. A 50-person fintech doing automated underwriting. A consultant whose AI sends client emails. A health network using clinical-note AI. A council answering rates queries. A federal agency drafting policy summaries. An ASX 100 bank with thousands of agents. The size of the business is irrelevant. If your AI is touching a customer, a regulator, a patient, a court, or even just your own brand reputation, this is for you. The founder needs the question answerable. The lawyer needs the chain of evidence. The engineer needs the SDK. The auditor needs the verifier. Even the freelancer who built the thing in a weekend needs to know what it said when a screenshot lands in their inbox.

Or you're a builder shipping agentic systems who wants the underlying audit-log primitive: hash chain, signed records, AAT-aligned, open source. Read the code. Fork it. File issues. Tell us where the spec is wrong.

Or you're a journalist or analyst who needs sharper material on AI governance. The notes cite primary sources. Quote freely.