Audit & compliance

Linkworld is EU-sovereign by default and built for compliance that European businesses actually have to satisfy: DSGVO (GDPR), the EU AI Act, sector-specific rules. This page covers the audit log (the runtime trail) and the broader compliance posture.

The audit log

Every skill / tool call your tenant runs lands in linkworld_skill_audit_log. The platform writes the audit entry in-process via a buffered audit bus — no calls escape unaudited.

Per entry:

Field	Notes
`tenant_id`	Always set
`user_id` / `agent_id`	Whoever initiated the call
`conversation_id`, `goal_id`, `project_id`	When applicable
`skill_name`, `tool_name`	What was called
`tool_input` (JSONB)	The args (sensitive fields redacted before insert)
`status`	success / error / blocked / timeout
`result_summary` (≤ 5000 chars)	First chunk of result for quick display
`result_data` (JSONB)	Full structured result if < 50 KB
`error_message`	When status ≠ success
`duration_ms`	Wall-clock timing
`risk_level`, `action_type`	From the security gate’s classification
`gate_decision`	What the gate decided (“allow”, “deny:no_scope”, …)
`created_at`	UTC timestamp

Apps invoking platform tools also get an attribution: their skill_name is "app:<slug>" so you can filter the audit by app in the UI.

The Audit screen

In Workspace Control → Audit:

Newest first, paginated 100 / page (Load older for deeper history)
Status pills: All / Success / Errors / Blocked / Timeout
Free-text filters: tool name, app id
Per row: status badge, app badge, skill·tool, risk + gate decision, duration, metadata (user / agent / conversation), error or result snippet

Use it for:

Triage: failing heartbeat? Filter by tool + status=error to see exactly what went wrong.
Compliance: “show me every email this tenant sent last week” → filter by tool=graph_email_send.
Forensics: “Who told the marketing app to spend the budget?” → filter by app + look at user_id + agent_id.

Three pillars:

1. Data residency

The platform deploys to EU regions by default. Your tenant’s data (records, agent memory, audit log, file uploads) lives in EU infrastructure. Cross-region replication is opt-in.

2. Data subject rights

For DSGVO Art. 15 (access) / 17 (erasure) / 20 (portability), the platform provides:

Export: tenant admins can export all data attributable to a user (records, audit entries, agent memory mentions). Format: JSON-Lines.
Erasure: deleting a user account triggers cascade deletion of records + audit entries scoped to that user. Audit log entries for tenant operations done by that user are retained but pseudonymized (the user_id is replaced with a hash).
Portability: same export format is consumable by any system that wants to ingest it.

3. Processing transparency

The platform’s audit log gives you the runtime trail. The Wires & Grants UI gives you the static trail (what apps may do at all). Together: you can answer “what is processed, by whom, under what authority” for any user / time range.

EU AI Act posture

The Act classifies AI systems by risk; Linkworld’s posture per category:

General-purpose AI components

Linkworld uses third-party LLMs (Anthropic Claude, OpenAI GPT, Google Gemini, Mistral) as general-purpose AI. The platform itself is the deployer — the legal obligations fall on you (the tenant) and the LLM provider.

The platform helps you meet deployer obligations:

Model logging (Art. 13): every LLM call is logged with the model used, tokens, duration, and the agent / user context.
Output marking (Art. 50): apps that publish LLM-generated content can call ctx.tools.call('mark_ai_output', …) to add the AI-generated marker (per-tenant configurable).
Human oversight (Art. 14): the approval queue (/governance) is the explicit human-in-the-loop surface for any tool call the security gate or app classifies as needing approval.

Tenant’s high-risk-system obligations

If your specific use of Linkworld puts you in a high-risk category (employment decisions, financial scoring, biometrics, critical infrastructure), the tenant remains responsible for:

Risk management documentation (the platform’s audit log helps but doesn’t replace your own register)
Data quality + bias monitoring of the data you feed in
Conformity assessment

The platform doesn’t make you compliant for high-risk uses; it gives you the logging + control infrastructure to be compliant. Treat the platform as plumbing, not as a compliance product.

Approvals queue

Approvals (the /governance UI) is the main human-oversight surface. Tools / agents that produce drafts requiring sign-off (content drafts, sends, payments, …) create an approval row; tenant admins approve or reject.

Approval decisions are themselves audited. If you ever need to prove “a human approved this email send”, the approval log carries the user, timestamp, and the IP / session that approved.

Approvals time out by default (5 minutes for routine, configurable); expired approvals leave an audit record showing the timeout.

Encryption + secrets

Secrets vault (linkworld_secrets): AES-256 at rest, per-tenant key derivation. Apps fetch secrets via ctx.secrets.get(KEY) which audits each read.
TLS everywhere: platform → app container, browser → platform, platform → LLM provider — all TLS.
Cookie scoping: tenant session cookies are scoped to app.linkworld.ai; the apps-CDN bundles cannot read them cross-origin (CORS allow-list).

Retention

Default retention windows (tenant-configurable up to legal limits):

Data type	Default retention
Audit log	365 days
Approval log	365 days
Agent memory	Indefinite (until tenant deletes)
Conversation history	Indefinite (until tenant deletes)
Tenant records	Indefinite
Failed-job logs	30 days

Beyond default windows, archived data lives in cold storage (separate region; encrypted; access requires admin role).

Operational transparency

The platform’s /health/detailed endpoint exposes (to authenticated admins):

Database / Redis / scheduler / worker / compute / skills_framework status
Per-component response times
Active background tasks

If the platform itself has a degraded component, admins see it before users.