Automation Recipes
Connect AITracer webhooks to Discord, Slack, email, and custom endpoints to build real-time AI operations alerting.
AITracer webhooks deliver trace.created events to any HTTPS endpoint with HMAC-SHA256 signatures. Use these automation recipes to route AI execution data to your team's communication channels.
Available Webhook Events
| Event | Description | Payload |
|---|---|---|
trace.created | Fires when a new AI execution trace is ingested | { event, traceId, actionName, model, status, verification, ingestedAt } |
verification.completed | Fires after post-persist SHA-256 verification | { event, traceId, valid, expectedHash, actualHash } |
policy.failed | Fires when a governance policy blocks or flags execution | { event, traceId, resource, action, reason } |
budget.threshold.exceeded | Fires when cost exceeds configured threshold | { event, traceId, costUsd, thresholdUsd } |
Recipe 1: Discord Notifications
Send trace alerts to a Discord channel via webhook.
Setup
-
Create a Discord webhook — In Discord, go to Server Settings → Integrations → Webhooks → New Webhook. Copy the webhook URL.
-
Configure AITracer — In Settings → Webhooks, add a new webhook:
- URL: Your Discord webhook URL
- Events:
trace.created - Enabled: Yes
-
Add a relay service (Discord webhooks expect a specific JSON format. Use a lightweight relay):
// relay.js — Host on Vercel, Cloudflare Workers, or any Node.js server
export default {
async fetch(request) {
const body = await request.json()
// Verify AITracer HMAC signature
const sig = request.headers.get("X-AITracer-Signature")
// ... HMAC verification logic here ...
const { traceId, actionName, model, status, verification } = body
const discordPayload = {
embeds: [{
title: `Trace Recorded: ${actionName}`,
color: status === "completed" ? 0x3ddc97 : 0xf97316,
fields: [
{ name: "Trace ID", value: traceId, inline: true },
{ name: "Model", value: model ?? "unknown", inline: true },
{ name: "Status", value: status, inline: true },
{ name: "Verified", value: verification?.postPersistValid ? "✓ Yes" : "⚠ No", inline: true },
],
footer: { text: "AITracer" },
timestamp: body.ingestedAt,
}],
}
await fetch("https://discord.com/api/webhooks/YOUR_WEBHOOK_ID/YOUR_WEBHOOK_TOKEN", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(discordPayload),
})
return new Response("OK", { status: 200 })
},
}Result
Every AI execution trace sends a Discord embed with trace ID, model, status, and verification status — color-coded green for success, orange for failure.
Recipe 2: Slack Notifications
Send trace alerts to a Slack channel.
Setup
-
Create a Slack app — Go to https://api.slack.com/apps → Create New App → From Manifest → Incoming Webhooks.
-
Add a webhook to your channel — Install the app, copy the webhook URL.
-
Configure AITracer — Add the Slack webhook URL in Settings → Webhooks.
-
Use a relay (same pattern as Discord, different payload):
const slackPayload = {
blocks: [
{
type: "header",
text: { type: "plain_text", text: `Trace: ${body.actionName}` },
},
{
type: "section",
fields: [
{ type: "mrkdwn", text: `*Trace ID*\n\`${body.traceId}\`` },
{ type: "mrkdwn", text: `*Model*\n${body.model ?? "unknown"}` },
{ type: "mrkdwn", text: `*Status*\n${body.status}` },
{ type: "mrkdwn", text: `*Verified*\n${body.verification?.postPersistValid ? "✓ Yes" : "⚠ No"}` },
],
},
],
}Recipe 3: Email Alerts via Resend
AITracer already supports email alerting. Configure it directly:
- Set
ALERT_EMAILenvironment variable to your team's email address. - Critical and high-severity alerts are automatically delivered via Resend.
- For custom routing, add a webhook in Settings → Webhooks and point it to your email relay.
Recipe 4: OpenClaw → Discord Bridge
Connect AITracer through OpenClaw to get trace notifications in any chat app.
Setup
- Install the AITracer OpenClaw skill:
cp extensions/openclaw/aitracer-skill.ts ~/.openclaw/extensions/aitracer/skill.ts- Add a Discord webhook relay to OpenClaw:
// ~/.openclaw/extensions/discord-relay/skill.ts
export const skill = {
name: "discord-aitracer-relay",
tools: {
async notify_discord(params: { traceId: string; action: string; model: string; status: string }) {
await fetch(process.env.DISCORD_WEBHOOK_URL!, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({
content: `🔔 **New trace:** ${params.action}\nTrace: \`${params.traceId}\`\nModel: ${params.model}\nStatus: ${params.status}`,
}),
})
return "Notification sent to Discord"
},
},
}- Now you can say in WhatsApp/Telegram: "Check AITracer for recent traces and notify Discord."
Recipe 5: Webhook Signature Verification
All AITracer webhooks are signed with HMAC-SHA256. Verify them in your relay:
import { createHmac, timingSafeEqual } from "crypto"
function verifySignature(secret: string, headers: Headers, rawBody: string): boolean {
const sig = headers.get("X-AITracer-Signature") ?? ""
const ts = headers.get("X-AITracer-Delivery-Timestamp") ?? ""
const match = /^v1=([a-f0-9]+)$/i.exec(sig)
if (!match?.[1]) return false
const expected = createHmac("sha256", secret)
.update(`${ts}.${rawBody}`, "utf8")
.digest("hex")
try {
return timingSafeEqual(
Buffer.from(expected, "hex"),
Buffer.from(match[1], "hex"),
)
} catch { return false }
}Recipe 6: Webhook → Database Logger
Log all webhook deliveries to your own database for custom analytics:
# relay.py — Flask/FastAPI relay
from flask import Flask, request
import psycopg2
app = Flask(__name__)
@app.route("/aitracer-webhook", methods=["POST"])
def receive_webhook():
payload = request.get_json()
# Verify HMAC signature here...
conn = psycopg2.connect(os.environ["DATABASE_URL"])
cur = conn.cursor()
cur.execute(
"""INSERT INTO trace_events (trace_id, action_name, model, status, ingested_at)
VALUES (%s, %s, %s, %s, %s)""",
(payload["traceId"], payload["actionName"],
payload["model"], payload["status"], payload["ingestedAt"]),
)
conn.commit()
return {"ok": True}Webhook Configuration in AITracer
Configure webhooks in Settings → Webhooks:
- URL: Your relay endpoint (must be HTTPS)
- Events: Select one or more events to subscribe to
- Secret: HMAC signing secret (auto-generated, used to verify authenticity)
- Delivery attempts: 4 retries with exponential backoff (1s → 2s → 4s → 8s)
All webhook deliveries are logged in Settings → Webhook Delivery Log for debugging.