Public-safe case study

CostGuard + NTSB-AIA for agent incidents.

MASTER ATC is the chain-of-custody layer for agentic AI. This public case study shows how abnormal spend pressure, policy gating, scoped approval, and evidence custody become an investigation packet without exposing private incident evidence.

Open JSONL demo dataOpen summaryRun demoVerify proof

Dataset

Synthetic only

Events

10 hash-linked

Head hash

1befc1b3...35cc8e7

Spend truth

Not a real ledger

What can be said publicly

Safety infrastructure, not vendor blame.

The private packet preserves a real operator incident cluster. The public story stays narrower: agent fleets need spend controls, scoped write targets, policy decisions, human approval gates, and evidence chains that survive after the session closes.

Vendor-specific evidence, raw transcripts, internal telemetry dashboards, private billing details, and refund or credit conversations remain private until reviewed.

Confirmed locally

Private evidence artifacts exist, are hashed, and are separated from this public page.

Operator-reported

A real multi-agent workstation surfaced abnormal usage pressure and authority-boundary lessons.

Vendor reconciliation needed

Official billing, refund, credit, and root-cause claims stay private until provider records are reconciled.

Hypothesis

Agent fleets need explicit scope, approval gates, spend controls, and custody receipts before serious automation.

Synthetic demo data

A public chain that demonstrates the control model.

Request private review

01

Case opened

Synthetic NTSB-AIA case starts with public-safe boundaries.

04

20x spike detected

CostGuard marks a synthetic usage spike as Tier 4 and requires approval.

05

Expansion blocked

MASTER ATC blocks unapproved background expansion while spend is under review.

08

Custody event written

AuditTrail writes a hash-linked custody event for later verification.

10

Task completed

The case closes with safety recommendations and a final head hash.

Controls demonstrated

From cost spike to custody receipt.

Spend watch

Usage, token, model-cost, and tool-call signals become structured telemetry.

Policy gate

Tier 4 events require named approval before scope expands.

Scoped approval

The operator can approve a narrow investigation without approving external sends.

Custody bridge

Governed events can be promoted into hash-linked AuditTrail custody envelopes.

Public boundary

Synthetic demo data stays separate from private evidence and real spend truth.

Review packet

Public copy, private data-room index, vendor packets, and demo data stay in their own lanes.

Publication boundary

The demo is useful because it is not pretending to be real spend.

This dataset is synthetic, public-safe, and intentionally separate from the private incident packet. It can be used for public walkthroughs, GitHub docs, evaluator screenshots, and product demos.

It must not be used as production CostGuard truth, a billing reconciliation source, a refund request, or a vendor-fault claim. Real spend claims require approved ledgers or official provider exports.