feat(agent): add comprehensive prompt audit system

crates/codetaker-db/migrations/2026-02-27-094438-0000_initial/down.sql

@@ -1,3 +1,11 @@
+DROP TABLE IF EXISTS prompt_hook_on_stream_completion_response_finish_events;
+DROP TABLE IF EXISTS prompt_hook_on_tool_call_delta_events;
+DROP TABLE IF EXISTS prompt_hook_on_text_delta_events;
+DROP TABLE IF EXISTS prompt_hook_on_tool_result_events;
+DROP TABLE IF EXISTS prompt_hook_on_tool_call_events;
+DROP TABLE IF EXISTS prompt_hook_on_completion_response_events;
+DROP TABLE IF EXISTS prompt_hook_on_completion_call_events;
+DROP TABLE IF EXISTS prompt_audit_sessions;
 DROP TABLE IF EXISTS review_thread_messages;
 DROP TABLE IF EXISTS review_threads;
 DROP TABLE IF EXISTS project_memory_summaries;

crates/codetaker-db/migrations/2026-02-27-094438-0000_initial/up.sql

@@ -30,6 +30,7 @@ CREATE TABLE project_memory_summaries (
 CREATE TABLE review_threads (
     id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
     project_id INTEGER NOT NULL,
+    pull_request_id BIGINT NOT NULL,
     file TEXT NOT NULL,
     line INTEGER NOT NULL,
     initial_comment TEXT NOT NULL,
@@ -46,11 +47,125 @@ CREATE TABLE review_thread_messages (
     FOREIGN KEY(thread_id) REFERENCES review_threads(id) ON DELETE CASCADE
 );
 
+CREATE TABLE prompt_audit_sessions (
+    id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
+    project_id INTEGER NOT NULL,
+    pull_request_id BIGINT NOT NULL,
+    entrypoint TEXT NOT NULL,
+    started_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    ended_at TIMESTAMP,
+    status TEXT NOT NULL,
+    error_message TEXT,
+    FOREIGN KEY(project_id) REFERENCES projects(id) ON DELETE CASCADE
+);
+
+CREATE TABLE prompt_hook_on_completion_call_events (
+    id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
+    session_id INTEGER NOT NULL,
+    event_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    sequence_no INTEGER NOT NULL,
+    prompt_json TEXT NOT NULL,
+    history_json TEXT NOT NULL,
+    FOREIGN KEY(session_id) REFERENCES prompt_audit_sessions(id) ON DELETE CASCADE
+);
+
+CREATE TABLE prompt_hook_on_completion_response_events (
+    id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
+    session_id INTEGER NOT NULL,
+    event_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    sequence_no INTEGER NOT NULL,
+    prompt_json TEXT NOT NULL,
+    assistant_choice_json TEXT NOT NULL,
+    usage_input_tokens BIGINT NOT NULL,
+    usage_output_tokens BIGINT NOT NULL,
+    usage_total_tokens BIGINT NOT NULL,
+    FOREIGN KEY(session_id) REFERENCES prompt_audit_sessions(id) ON DELETE CASCADE
+);
+
+CREATE TABLE prompt_hook_on_tool_call_events (
+    id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
+    session_id INTEGER NOT NULL,
+    event_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    sequence_no INTEGER NOT NULL,
+    tool_name TEXT NOT NULL,
+    tool_call_id TEXT,
+    internal_call_id TEXT NOT NULL,
+    args_json TEXT NOT NULL,
+    action TEXT NOT NULL,
+    reason TEXT,
+    FOREIGN KEY(session_id) REFERENCES prompt_audit_sessions(id) ON DELETE CASCADE
+);
+
+CREATE TABLE prompt_hook_on_tool_result_events (
+    id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
+    session_id INTEGER NOT NULL,
+    event_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    sequence_no INTEGER NOT NULL,
+    tool_name TEXT NOT NULL,
+    tool_call_id TEXT,
+    internal_call_id TEXT NOT NULL,
+    args_json TEXT NOT NULL,
+    result_json TEXT NOT NULL,
+    FOREIGN KEY(session_id) REFERENCES prompt_audit_sessions(id) ON DELETE CASCADE
+);
+
+CREATE TABLE prompt_hook_on_text_delta_events (
+    id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
+    session_id INTEGER NOT NULL,
+    event_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    sequence_no INTEGER NOT NULL,
+    text_delta TEXT NOT NULL,
+    aggregated_text TEXT NOT NULL,
+    FOREIGN KEY(session_id) REFERENCES prompt_audit_sessions(id) ON DELETE CASCADE
+);
+
+CREATE TABLE prompt_hook_on_tool_call_delta_events (
+    id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
+    session_id INTEGER NOT NULL,
+    event_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    sequence_no INTEGER NOT NULL,
+    tool_call_id TEXT NOT NULL,
+    internal_call_id TEXT NOT NULL,
+    tool_name TEXT,
+    tool_call_delta TEXT NOT NULL,
+    FOREIGN KEY(session_id) REFERENCES prompt_audit_sessions(id) ON DELETE CASCADE
+);
+
+CREATE TABLE prompt_hook_on_stream_completion_response_finish_events (
+    id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
+    session_id INTEGER NOT NULL,
+    event_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    sequence_no INTEGER NOT NULL,
+    prompt_json TEXT NOT NULL,
+    response_summary_json TEXT NOT NULL,
+    FOREIGN KEY(session_id) REFERENCES prompt_audit_sessions(id) ON DELETE CASCADE
+);
+
 CREATE INDEX idx_project_memory_entries_project_id
     ON project_memory_entries(project_id);
 CREATE INDEX idx_project_memory_summaries_project_id
     ON project_memory_summaries(project_id);
 CREATE INDEX idx_review_threads_project_id
     ON review_threads(project_id);
+CREATE INDEX idx_review_threads_project_pr
+    ON review_threads(project_id, pull_request_id);
 CREATE INDEX idx_review_thread_messages_thread_id
     ON review_thread_messages(thread_id);
+CREATE INDEX idx_prompt_audit_sessions_project_pr
+    ON prompt_audit_sessions(project_id, pull_request_id);
+CREATE INDEX idx_prompt_audit_sessions_entrypoint_started
+    ON prompt_audit_sessions(entrypoint, started_at);
+CREATE INDEX idx_prompt_hook_completion_call_session
+    ON prompt_hook_on_completion_call_events(session_id, sequence_no);
+CREATE INDEX idx_prompt_hook_completion_response_session
+    ON prompt_hook_on_completion_response_events(session_id, sequence_no);
+CREATE INDEX idx_prompt_hook_tool_call_session
+    ON prompt_hook_on_tool_call_events(session_id, sequence_no);
+CREATE INDEX idx_prompt_hook_tool_result_session
+    ON prompt_hook_on_tool_result_events(session_id, sequence_no);
+CREATE INDEX idx_prompt_hook_text_delta_session
+    ON prompt_hook_on_text_delta_events(session_id, sequence_no);
+CREATE INDEX idx_prompt_hook_tool_delta_session
+    ON prompt_hook_on_tool_call_delta_events(session_id, sequence_no);
+CREATE INDEX idx_prompt_hook_stream_finish_session
+    ON prompt_hook_on_stream_completion_response_finish_events(session_id, sequence_no);

crates/codetaker-db/src/models.rs

@@ -2,8 +2,11 @@ use chrono::NaiveDateTime;
 use diesel::{Associations, Identifiable, Insertable, Queryable, Selectable};
 
 use crate::schema::{
-    project_memory_entries, project_memory_summaries, projects, review_thread_messages,
-    review_threads,
+    project_memory_entries, project_memory_summaries, projects, prompt_audit_sessions,
+    prompt_hook_on_completion_call_events, prompt_hook_on_completion_response_events,
+    prompt_hook_on_stream_completion_response_finish_events, prompt_hook_on_text_delta_events,
+    prompt_hook_on_tool_call_delta_events, prompt_hook_on_tool_call_events,
+    prompt_hook_on_tool_result_events, review_thread_messages, review_threads,
 };
 
 #[derive(Debug, Clone, Queryable, Selectable, Identifiable)]
@@ -71,6 +74,7 @@ pub struct NewProjectMemorySummaryRow<'a> {
 pub struct ReviewThreadRow {
     pub id: i32,
     pub project_id: i32,
+    pub pull_request_id: i64,
     pub file: String,
     pub line: i32,
     pub initial_comment: String,
@@ -81,6 +85,7 @@ pub struct ReviewThreadRow {
 #[diesel(table_name = review_threads)]
 pub struct NewReviewThreadRow<'a> {
     pub project_id: i32,
+    pub pull_request_id: i64,
     pub file: &'a str,
     pub line: i32,
     pub initial_comment: &'a str,
@@ -106,3 +111,111 @@ pub struct NewReviewThreadMessageRow<'a> {
     pub body: &'a str,
     pub created_at: NaiveDateTime,
 }
+
+#[derive(Debug, Clone, Queryable, Selectable, Identifiable, Associations)]
+#[diesel(table_name = prompt_audit_sessions)]
+#[diesel(belongs_to(ProjectRow, foreign_key = project_id))]
+pub struct PromptAuditSessionRow {
+    pub id: i32,
+    pub project_id: i32,
+    pub pull_request_id: i64,
+    pub entrypoint: String,
+    pub started_at: NaiveDateTime,
+    pub ended_at: Option<NaiveDateTime>,
+    pub status: String,
+    pub error_message: Option<String>,
+}
+
+#[derive(Debug, Insertable)]
+#[diesel(table_name = prompt_audit_sessions)]
+pub struct NewPromptAuditSessionRow<'a> {
+    pub project_id: i32,
+    pub pull_request_id: i64,
+    pub entrypoint: &'a str,
+    pub started_at: NaiveDateTime,
+    pub ended_at: Option<NaiveDateTime>,
+    pub status: &'a str,
+    pub error_message: Option<&'a str>,
+}
+
+#[derive(Debug, Insertable)]
+#[diesel(table_name = prompt_hook_on_completion_call_events)]
+pub struct NewPromptHookOnCompletionCallEventRow<'a> {
+    pub session_id: i32,
+    pub event_at: NaiveDateTime,
+    pub sequence_no: i32,
+    pub prompt_json: &'a str,
+    pub history_json: &'a str,
+}
+
+#[derive(Debug, Insertable)]
+#[diesel(table_name = prompt_hook_on_completion_response_events)]
+pub struct NewPromptHookOnCompletionResponseEventRow<'a> {
+    pub session_id: i32,
+    pub event_at: NaiveDateTime,
+    pub sequence_no: i32,
+    pub prompt_json: &'a str,
+    pub assistant_choice_json: &'a str,
+    pub usage_input_tokens: i64,
+    pub usage_output_tokens: i64,
+    pub usage_total_tokens: i64,
+}
+
+#[derive(Debug, Insertable)]
+#[diesel(table_name = prompt_hook_on_tool_call_events)]
+pub struct NewPromptHookOnToolCallEventRow<'a> {
+    pub session_id: i32,
+    pub event_at: NaiveDateTime,
+    pub sequence_no: i32,
+    pub tool_name: &'a str,
+    pub tool_call_id: Option<&'a str>,
+    pub internal_call_id: &'a str,
+    pub args_json: &'a str,
+    pub action: &'a str,
+    pub reason: Option<&'a str>,
+}
+
+#[derive(Debug, Insertable)]
+#[diesel(table_name = prompt_hook_on_tool_result_events)]
+pub struct NewPromptHookOnToolResultEventRow<'a> {
+    pub session_id: i32,
+    pub event_at: NaiveDateTime,
+    pub sequence_no: i32,
+    pub tool_name: &'a str,
+    pub tool_call_id: Option<&'a str>,
+    pub internal_call_id: &'a str,
+    pub args_json: &'a str,
+    pub result_json: &'a str,
+}
+
+#[derive(Debug, Insertable)]
+#[diesel(table_name = prompt_hook_on_text_delta_events)]
+pub struct NewPromptHookOnTextDeltaEventRow<'a> {
+    pub session_id: i32,
+    pub event_at: NaiveDateTime,
+    pub sequence_no: i32,
+    pub text_delta: &'a str,
+    pub aggregated_text: &'a str,
+}
+
+#[derive(Debug, Insertable)]
+#[diesel(table_name = prompt_hook_on_tool_call_delta_events)]
+pub struct NewPromptHookOnToolCallDeltaEventRow<'a> {
+    pub session_id: i32,
+    pub event_at: NaiveDateTime,
+    pub sequence_no: i32,
+    pub tool_call_id: &'a str,
+    pub internal_call_id: &'a str,
+    pub tool_name: Option<&'a str>,
+    pub tool_call_delta: &'a str,
+}
+
+#[derive(Debug, Insertable)]
+#[diesel(table_name = prompt_hook_on_stream_completion_response_finish_events)]
+pub struct NewPromptHookOnStreamCompletionResponseFinishEventRow<'a> {
+    pub session_id: i32,
+    pub event_at: NaiveDateTime,
+    pub sequence_no: i32,
+    pub prompt_json: &'a str,
+    pub response_summary_json: &'a str,
+}

crates/codetaker-db/src/schema.rs

@@ -30,6 +30,108 @@ diesel::table! {
     }
 }
 
+diesel::table! {
+    prompt_audit_sessions (id) {
+        id -> Integer,
+        project_id -> Integer,
+        pull_request_id -> BigInt,
+        entrypoint -> Text,
+        started_at -> Timestamp,
+        ended_at -> Nullable<Timestamp>,
+        status -> Text,
+        error_message -> Nullable<Text>,
+    }
+}
+
+diesel::table! {
+    prompt_hook_on_completion_call_events (id) {
+        id -> Integer,
+        session_id -> Integer,
+        event_at -> Timestamp,
+        sequence_no -> Integer,
+        prompt_json -> Text,
+        history_json -> Text,
+    }
+}
+
+diesel::table! {
+    prompt_hook_on_completion_response_events (id) {
+        id -> Integer,
+        session_id -> Integer,
+        event_at -> Timestamp,
+        sequence_no -> Integer,
+        prompt_json -> Text,
+        assistant_choice_json -> Text,
+        usage_input_tokens -> BigInt,
+        usage_output_tokens -> BigInt,
+        usage_total_tokens -> BigInt,
+    }
+}
+
+diesel::table! {
+    prompt_hook_on_stream_completion_response_finish_events (id) {
+        id -> Integer,
+        session_id -> Integer,
+        event_at -> Timestamp,
+        sequence_no -> Integer,
+        prompt_json -> Text,
+        response_summary_json -> Text,
+    }
+}
+
+diesel::table! {
+    prompt_hook_on_text_delta_events (id) {
+        id -> Integer,
+        session_id -> Integer,
+        event_at -> Timestamp,
+        sequence_no -> Integer,
+        text_delta -> Text,
+        aggregated_text -> Text,
+    }
+}
+
+diesel::table! {
+    prompt_hook_on_tool_call_delta_events (id) {
+        id -> Integer,
+        session_id -> Integer,
+        event_at -> Timestamp,
+        sequence_no -> Integer,
+        tool_call_id -> Text,
+        internal_call_id -> Text,
+        tool_name -> Nullable<Text>,
+        tool_call_delta -> Text,
+    }
+}
+
+diesel::table! {
+    prompt_hook_on_tool_call_events (id) {
+        id -> Integer,
+        session_id -> Integer,
+        event_at -> Timestamp,
+        sequence_no -> Integer,
+        tool_name -> Text,
+        tool_call_id -> Nullable<Text>,
+        internal_call_id -> Text,
+        args_json -> Text,
+        action -> Text,
+        reason -> Nullable<Text>,
+    }
+}
+
+diesel::table! {
+    prompt_hook_on_tool_result_events (id) {
+        id -> Integer,
+        session_id -> Integer,
+        event_at -> Timestamp,
+        sequence_no -> Integer,
+        tool_name -> Text,
+        tool_call_id -> Nullable<Text>,
+        internal_call_id -> Text,
+        args_json -> Text,
+        result_json -> Text,
+    }
+}
+
 diesel::table! {
     review_thread_messages (id) {
         id -> Integer,
@@ -44,6 +146,7 @@ diesel::table! {
     review_threads (id) {
         id -> Integer,
         project_id -> Integer,
+        pull_request_id -> BigInt,
         file -> Text,
         line -> Integer,
         initial_comment -> Text,
@@ -53,6 +156,14 @@ diesel::table! {
 
 diesel::joinable!(project_memory_entries -> projects (project_id));
 diesel::joinable!(project_memory_summaries -> projects (project_id));
+diesel::joinable!(prompt_audit_sessions -> projects (project_id));
+diesel::joinable!(prompt_hook_on_completion_call_events -> prompt_audit_sessions (session_id));
+diesel::joinable!(prompt_hook_on_completion_response_events -> prompt_audit_sessions (session_id));
+diesel::joinable!(prompt_hook_on_stream_completion_response_finish_events -> prompt_audit_sessions (session_id));
+diesel::joinable!(prompt_hook_on_text_delta_events -> prompt_audit_sessions (session_id));
+diesel::joinable!(prompt_hook_on_tool_call_delta_events -> prompt_audit_sessions (session_id));
+diesel::joinable!(prompt_hook_on_tool_call_events -> prompt_audit_sessions (session_id));
+diesel::joinable!(prompt_hook_on_tool_result_events -> prompt_audit_sessions (session_id));
 diesel::joinable!(review_thread_messages -> review_threads (thread_id));
 diesel::joinable!(review_threads -> projects (project_id));
 
@@ -60,6 +171,14 @@ diesel::allow_tables_to_appear_in_same_query!(
     projects,
     project_memory_entries,
     project_memory_summaries,
+    prompt_audit_sessions,
+    prompt_hook_on_completion_call_events,
+    prompt_hook_on_completion_response_events,
+    prompt_hook_on_stream_completion_response_finish_events,
+    prompt_hook_on_text_delta_events,
+    prompt_hook_on_tool_call_delta_events,
+    prompt_hook_on_tool_call_events,
+    prompt_hook_on_tool_result_events,
     review_threads,
     review_thread_messages,
 );