NeuroTrace

NeuroTrace is a real-time security and observability platform for LangGraph agents, visualize workflows, detect AI vulnerabilities, and inspect LLM reasoning, all in a sleek modern dashboard.

Comment

๐Ÿ’ก Inspiration

As a developer working with increasingly complex LangGraph-based AI agents, I realized that debugging and understanding agent behavior was like peering through a fog. There were no good tools to see how agents thought, what went wrong, or where vulnerabilities might be lurking, especially in real-time. Inspired by tools like Sentry, Postman, and LangSmith, I wanted to build something that offered:

  • Real-time observability for AI workflows.
  • A vulnerability scanner tailored for agentic code logic.
  • The ability to trace how large language models "think."

NeuroTrace was born from this gap: a seamless DevTool for inspecting, securing, and controlling LangGraph agents like never before.

๐Ÿค– What It Does

NeuroTrace is a developer-first platform that transforms opaque AI workflows into interactive, inspectable experiences. It brings together:

  • ๐Ÿ”ฎ Agent Flow Visualization: A dynamic graph shows exactly how your LangGraph agent is executingโ€”node by node, edge by edge.
  • ๐Ÿ›ก๏ธ AI Security Scanner:
    • Static and GPT-powered vulnerability analysis (SQLi, command injection, hardcoded secrets, etc.).
    • Categorized risks by severity: Critical, High, Medium, Low.
  • ๐Ÿ“œ Structured Logs:
    • Captures every step, error, decision, and response.
    • Token usage, prompt/responses, execution metadata.
  • ๐Ÿง  LLM Thought Capture: Log the inner monologue of your LLMs with minimal setup.
  • ๐Ÿ’ป Click-to-Inspect Nodes:
    • Source code with syntax highlighting.
    • Runtime context and state.
    • Vulnerability context with auto-suggested remediations.
  • ๐Ÿ“ก Real-time Updates: Frontend continuously polls backend endpoints for latest data.

๐Ÿ› ๏ธ How I Built It

๐Ÿ”— Agent Instrumentation Layer:

  • Built a custom NeuroTrace class that wraps LangGraph workflows.
  • Injects a specialized NTCallbackHandler to capture LLM events, decisions, and metadata.
  • Uses AST parsing to extract code and static analysis for vulnerabilities.
  • GPT-4 used via OpenAI API to generate non-obvious risk vectors and remediation advice.

โš™๏ธ Backend:

  • Python 3.9+, using LangChain, LangGraph, OpenAI, and Requests.
  • API calls to frontend handled via Next.js API Routes instead of a standalone server.
  • Data stored in processed_agent_code.json and processed_logs.json for simplicity and portability.

๐Ÿง‘โ€๐ŸŽจ Frontend:

  • Next.js with TypeScript and Tailwind CSS.
  • Visualized execution flow via ReactFlow, enhanced with animations using Framer Motion.
  • Includes loading skeletons, click-to-expand nodes, and card-style vulnerability summaries.
  • Fully responsive UI with support for keyboard navigation and dark mode.

๐Ÿšง Challenges I Ran Into

  • LangGraph Complexity: Nodes and subgraphs dynamically mutate, making static visualization tricky.
  • Security Detection: GPT-4 outputs were verboseโ€”I had to engineer smart prompt templates and extract concise summaries.
  • Frontend-Backend Sync: Maintaining state between a Python process and a polling JS frontend required careful debounce and refresh tuning.
  • Latency: Real-time logging with LLMs and OpenAI calls had to be optimized to feel snappy.

๐Ÿ† Accomplishments That I'm Proud Of

  • Built a LangGraph-native DevTool that works with a one-line wrapper.
  • Created a GPT-4 powered security engine that finds nuanced logic bugs in AI code.
  • Designed a beautiful, fast frontend that updates live without ever refreshing.
  • Architected for extensibility: modular logging, flexible API endpoints, and frontend-first rendering logic.

๐Ÿ“š What I Learned

  • How to build hybrid AI+frontend tools across Python and JS ecosystems.
  • Practical prompt engineering techniques for generating structured, actionable insights from GPT-4.
  • Graph theory principles for rendering dynamic LLM workflows.
  • Best practices for building developer-facing tools: fail-safe logging, stateless polling, and minimal user config.

๐Ÿš€ Whatโ€™s Next for NeuroTrace

  • [ ] ๐Ÿงช Real-time Agent State Viewer: View the agentโ€™s full state at every decision point.
  • [ ] ๐Ÿ” Log Explorer: Advanced filters, tags, search across token traces, prompts, and errors.
  • [ ] ๐Ÿ” Static + Dynamic Hybrid Security Engine: Integrate runtime behavior to catch edge-case vulns.
  • [ ] ๐ŸŒ Framework Adapters: Add support for CrewAI, AutoGen, and Fetch.aiโ€™s uAgents.
  • [ ] ๐Ÿงต Session Export/Replay: Save workflow executions and replay them with updated code.
  • [ ] ๐Ÿ“ฆ GitHub Integration: CI vulnerability reports, PR checks, and traceable logs per commit.

Built With

Share this project:

Updates