Skip to main content
Every sandboxed execution is recorded as an audit session. The audit trail captures what command was run, when, what paths were tracked, what changed, and how the process exited. This gives you a complete history of agent activity for debugging, compliance, and forensic analysis.

How It Works

Each session records:
  • Command: The exact command and arguments
  • Timestamps: Start time, end time, duration
  • Tracked paths: Which directories were tracked for rollback (if enabled)
  • Changes: Files created, modified, or deleted (when rollback is active)
  • Merkle roots: Cryptographic commitment to filesystem state at each snapshot (when rollback is active)
  • Exit code: How the process terminated
  • Network events: Proxy audit log (when network proxy is active)
Audit is enabled by default for all supervised executions (nono run, nono shell). No flags are needed. To disable audit recording for a session, use --no-audit: 
nono run --no-audit --allow-cwd -- my-command

Commands

nono audit list

List all recorded sessions, grouped by project directory. 
# Show all sessions (grouped by project)
nono audit list

# Show only today's sessions
nono audit list --today

# Filter by date range
nono audit list --since 2026-02-01 --until 2026-02-15

# Filter by command
nono audit list --command claude

# Filter by tracked path
nono audit list --path ~/dev/my-project

# Show only the 10 most recent
nono audit list --recent 10

# Machine-readable output
nono audit list --json
Example output: 
[nono] 14 session(s)

  ~/dev/sprockets (11 sessions)
    20260219-092017-8117 completed claude
    20260219-091403-90291 completed claude
    20260218-134433-28210 completed claude
    ...

  ~/dev/widgets (3 sessions)
    20260219-100000-1234 completed claude
    20260218-120000-5678 completed my-agent
    ...
Filters can be combined: 
# Claude sessions from last week that touched the project directory
nono audit list --command claude --path ~/project --since 2026-02-10

nono audit show

Show complete details for a specific session. 
# Human-readable output
nono audit show 20260214-143022-12345

# Machine-readable JSON export
nono audit show 20260214-143022-12345 --json
The JSON output includes all session metadata, snapshot Merkle roots, the full change timeline, and exit status. This format is suitable for ingestion by compliance tools or log aggregators.

Use Cases

Debugging

When an agent produces unexpected results, the audit trail tells you exactly what files it changed and when: 
# What did the last Claude session do?
nono audit list --command claude --recent 1
nono audit show <session-id>

Compliance

For teams that need to demonstrate control over AI agent activity, the audit trail provides:
  • Timestamped proof that sandboxing was active
  • Complete record of filesystem changes with cryptographic integrity (Merkle roots)
  • Machine-readable JSON export for automated compliance reporting

Forensics

If something goes wrong, the audit trail helps reconstruct what happened: 
# What touched this file recently?
nono audit list --path /etc/config.yaml

# Full details of a suspicious session
nono audit show <session-id> --json

Relationship to Rollbacks

Audit and rollback are independent features that share the same session directory and ID:
AspectAuditRollback
DefaultAlways onOpt-in (--rollback)
Opt-out--no-audit--no-rollback
ScopeAll supervised sessionsSessions with writable tracked paths
PurposeRecord keepingRecovery
DataCommand, timestamps, exit code, network eventsFull file content snapshots + Merkle roots
Commandsnono audit list/shownono rollback list/show/restore/verify/cleanup
When both are active, rollback enriches the audit record with snapshot data (tracked paths, change details, Merkle roots). When only audit is active, the session records metadata without file content.

Storage

Audit sessions are stored in ~/.nono/rollbacks/. Audit-only sessions are tiny (a single session.json file) and are not subject to rollback storage limits. They accumulate freely and can be cleaned up with nono rollback cleanup.