treetrace replay

RECONSTRUCT
THE SESSION

Replay how the work actually got done, not just what changed.

TreeTrace reads the transcript on your machine and rebuilds the lineage of a coding or CLI agent session: the root goal, every steer and correction you accepted, the branches you abandoned, and the moment a secret nearly leaked. A fork-aware tree from prompt topology and your own text, with no upload, no telemetry, no LLM judge.

Run a replay See what it records

SESSION LINEAGE · session_01H9F2K

$ npx treetrace replay session_01H9F2K
● root        prompt     "add JWT refresh to auth middleware"
├─ steer       direction  → "use rotating refresh tokens, not long-lived"
│ ✗ dead-end    abandoned  import jsonwebtoken undeclared dep
├─ correction  human      "read the secret from env, don't hardcode it"
│ ⚠ caught      redaction  console.log("token:", t) LEAKED sk_live_a39f…
├─ checkpoint  accepted   rotating refresh + env secret · tests green ✓
● head        outcome    PR #214 · 7 nodes · 2 dead-ends · 1 secret caught
$ 

Reading the lineage

steered path: the spine you accepted: goal, steers, corrections, checkpoints.
dead-end: a branch the agent tried and you abandoned. Kept, not erased.
LEAKED: a secret the redaction gate caught before any write.

$npx treetrace replay

Runs in any repo after a session. Node 18+. Nothing leaves your machine.

How a replay reads

The path you kept, and the ones you didn't.

A session is not a straight line. TreeTrace derives a fork-aware tree from prompt topology and your text, then separates the accepted spine from every branch you walked away from, so you can see the rework, not just the result.

Steered path · accepted

The spine that shipped

The root goal and the human steers, corrections, and checkpoints that survived to the outcome. This is the lineage that becomes lessons and a memory pack for the next run.

root: the goal that opened the session
direction & correction: where you redirected the agent and the fix that stuck
checkpoint: accepted state with tests green
head: the outcome, with node and dead-end counts

Dead-ends · abandoned

The branches you walked away from

The attempts you rejected: a wrong tool, an overbuilt detour, an undeclared import, a refused action. TreeTrace types and keeps them so you stop paying for the same mistake twice.

typed as abandoned_path, user_rejected_action, wrong_tool_choice
each carries evidence text and the source node IDs
refusals and declines captured: user_declined_tool, model_refusal
every dead-end becomes a candidate regression eval

The leaked-token catch

One branch logged a live key: console.log("token:", t). Every export passes a redaction gate that fails closed: curated rules for AWS, GitHub, Anthropic, OpenAI, Stripe, npm, JWTs, private keys and more, plus a high-entropy fallback and a shadow scan of the rendered artifact before anything is written. The secret is flagged in the replay and never lands on disk. .treetrace/redactions.json stores only content hashes, never the raw value.

Replay your last session.

One command, in any repo. Deterministic, local-first, Node 18+.