Claude Can Execute Code. Who's Auditing It?
Claude 3.5 Sonnet just shipped extended thinking and code execution. Your team is using it to:
- Write and run tests
- Generate and execute scripts
- Build and deploy infrastructure
- Query databases
- Process financial data
Then your compliance officer asks: "What code did Claude execute? Show me."
And you have nothing to show.
The Visibility Gap
Claude's code execution is invisible by default:
- Agent runs code in a sandbox
- Code produces output (success/failure)
- Text logs say "executed successfully"
- But nobody saw what actually ran or what it accessed
The problem: Text logs prove execution, not correctness or scope.
Your audit log says: action=code_execution, status=success, lines_executed=42
Your compliance team says: "Show me the actual code. Show me what it accessed. Show me the output."
Text assertions aren't proof. Visual records are.
Why This Matters for Regulated Environments
Financial Services: Claude writes and executes queries on transaction databases. Auditors need: "Show me the exact query. Show me which records were accessed. Show me the results."
Healthcare: Claude processes patient data with code. Auditors need: "Show me the data transformation logic. Show me which fields were read. Show me the output format."
Compliance & Risk: Claude executes critical business logic. Auditors need: "Show me the code. Show me the execution environment. Show me what happened."
Without visual proof, you're relying on Claude's claimed behavior. With it, you have immutable evidence.
The Visual Audit Trail Solution
PageBolt captures screenshots and videos of Claude's code execution:
- Before: Screenshot of the code about to execute
- During: Video of the code running, output appearing in real-time
- After: Screenshot of the final state and results
Store these as immutable proof for auditors.
Integration Pattern
import anthropic
import pagebolt
client = anthropic.Anthropic()
# Capture pre-execution state
pagebolt.screenshot(
url="https://yourapp.com/database-console",
name="before_query"
)
# Run Claude with code execution
response = client.messages.create(
model="claude-3-5-sonnet-20241022",
max_tokens=1024,
tools=[{"type": "bash"}],
messages=[
{
"role": "user",
"content": "Query our transaction database for Q1 refunds. Show me the results."
}
]
)
# Capture post-execution state
video = pagebolt.record_video(
url="https://yourapp.com/database-console",
steps=[
{"action": "screenshot", "name": "query_results"},
{"action": "scroll", "y": 500},
{"action": "screenshot", "name": "full_results"}
]
)
# Store audit trail
audit_entry = {
"prompt": "Query refunds for Q1",
"model": "claude-3-5-sonnet",
"code_executed": response.content,
"visual_proof": video,
"timestamp": datetime.now()
}
Result: Video proof of exactly what Claude executed and what results it produced.
Real Scenarios Where Visual Proof Matters
Scenario 1 — Database Query
Claude queries customer data. Auditor asks: "Which tables did it access? What was the WHERE clause?" You show: video of the query execution with SQL visible and results displaying.
Scenario 2 — Infrastructure Provisioning
Claude provisions cloud resources. Auditor asks: "What was created? What are the security settings?" You show: video of Terraform apply output, before/after screenshots of cloud console.
Scenario 3 — Data Processing
Claude transforms sensitive data. Auditor asks: "Did it filter correctly? What was excluded?" You show: video of the script running, showing input data, transformation logic, and output.
Next Steps
- Identify critical Claude workflows — Code execution in databases, infrastructure, financial systems
- Add visual checkpoints — Screenshot/video before and after execution
- Store immutable proof — Archive for auditor review
- Document for compliance — Show visual proof during audit
Start free: 100 requests/month, no credit card. Add visual proof to your Claude workflows at pagebolt.dev/signup.
Claude executes code. Compliance demands visibility. Visual proof is mandatory.
Top comments (0)