Rewind for Agents

Make AI agents transparent, reversible, and under control.

Comment

Rewind for Agents

Inspiration

As AI agents become more capable, they are also becoming more powerful inside real user workflows. They can read calendars, draft emails, create issues, and make decisions across connected tools. That power is exciting, but it also creates a trust problem.

Most agent experiences today still feel like a black box. A user gives an instruction, something happens in the background, and the user is expected to trust that the agent interpreted the request correctly, used the right permissions, and did not take an unintended action.

We built Rewind for Agents to address that gap.

The core idea is simple: if an agent is going to act on behalf of a user, the user should be able to:

  • see what the agent is doing
  • understand why it is doing it
  • approve sensitive actions before they happen
  • undo actions when needed
  • review a clear timeline of everything that happened

Instead of just making agents more powerful, we wanted to make them more understandable, auditable, and controllable.

What it does

Rewind for Agents is an interface for AI-powered tool use that makes agent behavior visible and reviewable.

The app supports workflows across connected tools such as:

  • Google Calendar
  • Gmail
  • GitHub

Key capabilities include:

  • Rewind Timeline
    Every important step is recorded in a readable sequence so users can inspect how the agent interpreted a request and what it tried to do.

  • Approval before sensitive writes
    If an action changes external state, such as creating a calendar event or drafting an email, the user must explicitly approve it.

  • Undo support
    Executed actions can be rolled back, turning the system into something not just observable, but reversible.

  • Grouped request history
    Requests are grouped into clean UI sections so the timeline remains readable even as the session grows.

  • Policy-based provider blocking
    Access to tools can be disabled, and the agent will clearly show when a request is blocked by policy instead of silently failing.

  • Auditability
    The system maintains a trace of what happened so the user can verify actions and outcomes later.

How we built it

We built the project as a full-stack web application using:

  • Next.js
  • TypeScript
  • Auth0 for authentication
  • Tool integrations for Google Calendar, Gmail, and GitHub

Core architecture

The app is organized around a few major layers:

1. Request interpretation

User prompts are parsed and mapped into actionable intent, such as:

  • checking calendar availability
  • scheduling an event
  • drafting an email
  • creating a GitHub issue

2. Agent orchestration

The agent layer determines:

  • what the user is asking
  • which provider is needed
  • whether the action is read-only or write-sensitive
  • whether approval is required
  • what should be recorded in the rewind timeline

3. Approval system

For sensitive actions, the app creates a pending approval item rather than executing immediately. This keeps the user in control before a write happens.

4. Rewind timeline

We built a dedicated timeline experience to show:

  • user request received
  • interpretation and planning
  • provider access reasoning
  • approvals
  • execution
  • rollback or failure events

5. Undo and rollback

Executed actions are stored with enough metadata to support a compensating undo flow, such as deleting a created calendar event or closing a created issue.

6. UI organization

We improved the dashboard to make complex sessions easier to follow by adding:

  • grouped request cards
  • accordion behavior
  • paging through older requests
  • color-coded request groups
  • visible undo flows

Challenges we ran into

1. Making agent behavior understandable without overwhelming the user

One of the biggest challenges was balancing transparency with usability. If we showed every internal step naively, the interface became noisy very quickly. If we hid too much, we lost the core value of explainability.

We solved this by grouping actions into request-based flows and making them collapsible, so the user can inspect details when needed without losing the overall view.

2. Handling sensitive writes safely

It was important that the app never feel like it was acting too aggressively. Scheduling an event, drafting an email, or creating an issue should not happen silently. Designing a clean approval system that feels secure but not annoying was a major product and engineering challenge.

3. Designing undo for real integrations

Undo sounds simple, but real tool actions are not always trivially reversible. We had to think in terms of compensating actions rather than true time travel. For example:

  • undoing a created calendar event means deleting it
  • undoing a created GitHub issue means closing it
  • undoing a draft means removing it

This required careful action tracking and metadata design.

4. Overlap and policy handling

For calendar scheduling, we had to think through what should happen when the requested time is already busy. Instead of blindly failing or blindly scheduling, we added a flow where the user can explicitly approve overlapping scheduling.

Similarly, when provider access is disabled, the app needs to clearly explain that the request is blocked by policy.

5. Keeping the UI aligned with trust

Because the project is about trust, the UI itself needed to communicate clarity and control. We spent a lot of time refining how requests are grouped, how actions are labeled, and how status is surfaced so that the dashboard supports the product story.

What we learned

This project taught us a lot about the difference between agent capability and agent trustworthiness.

We learned that:

  • a powerful agent is not enough if users cannot understand what it did
  • approvals, undo, and visibility are not “extra features”, they are core trust mechanisms
  • good agent UX requires both strong backend orchestration and thoughtful interface design
  • policy enforcement and action history are just as important as execution itself
  • building for real connected tools forces you to think carefully about reversibility and accountability

We also learned how important it is to design AI systems not just around automation, but around human confidence.

Accomplishments that we're proud of

  • Built a working AI agent interface that makes agent actions transparent, reviewable, and reversible instead of behaving like a black box.
  • Designed and implemented the Rewind Timeline, which tracks the sequence of actions taken by the agent in a clear, user-friendly way.
  • Added approval flows for sensitive write actions, so users stay in control before the agent modifies external systems.
  • Implemented undo support for executed actions, making the system not only observable but also reversible.
  • Integrated real tools like Google Calendar, Gmail, and GitHub, showing that the product works beyond a mock demo.
  • Added policy-based access control, allowing provider access to be turned on or off and clearly showing when an action is blocked.
  • Improved the UI with grouped request history, accordion behavior, pagination, and color-coded request organization to make the experience easier to follow.
  • Built a project that combines AI usability, trust, auditability, and real-world integrations into one end-to-end application.

Why this matters

As agentic systems become more common, users will need more than convenience. They will need confidence that the system is acting correctly, safely, and visibly.

Rewind for Agents is our attempt to push that idea forward.

Instead of asking users to trust a black box, we wanted to build a system where trust is earned through:

  • transparency
  • explicit approvals
  • reversibility
  • and a complete rewindable history

What’s next

We see several directions to extend this project:

  • support for more providers and workflows
  • stronger policy configuration
  • richer audit export and verification
  • better natural language explanations for agent reasoning
  • deeper rollback support for more tool actions
  • enterprise-ready persistence and observability

Final thought

Rewind for Agents is about making AI systems feel less like hidden automation and more like accountable collaborators.

We believe the future of AI agents is not just about what they can do, but about how clearly, safely, and reversibly they do it.

Bonus Blog Post

Building Rewind for Agents pushed us to think beyond what an AI agent can do and focus instead on what an AI agent should do when it is acting inside real user workflows. From the beginning, our goal was not just to build another agent demo, but to design an experience where actions across tools like Google Calendar, Gmail, and GitHub feel transparent, reviewable, and safe.

One of the biggest technical challenges was handling real connected accounts in a way that preserved both usability and trust. We wanted users to connect tools smoothly, but we also needed the system to respect boundaries between authentication, permissions, and provider access. That is where working with Auth0 and Token Vault became especially valuable. Instead of treating provider access as a hidden background detail, we designed the app so connected-account actions could be surfaced clearly in the interface, while the underlying token management remained secure and structured.

Another challenge was aligning agent execution with user control. Sensitive write actions, such as scheduling a calendar event, could not feel automatic or risky. We solved this by building an approval flow, an auditable rewind timeline, and undo support for executed actions. That combination helped transform the project from a simple automation tool into something more accountable.

What we are most proud of is that Rewind for Agents does not just showcase agent capability. It showcases agent trust. By combining connected accounts, secure token-backed integrations, visible action history, approval-based writes, and rollback support, we built a system that makes AI agents feel less like black boxes and more like responsible collaborators.

Built With

  • ai-agent-orchestration
  • approval-workflows
  • audit-timeline
  • auth0
  • control
  • css
  • css-frameworks-/-libraries:-next.js
  • github
  • github-core-concepts-/-features:-ai-agent-orchestration
  • gmail
  • google-calendar
  • html
  • javascript
  • next.js
  • policy-based
  • provider
  • react
  • react-authentication:-auth0-platforms-/-cloud:-vercel-integrations-/-apis:-google-calendar
  • tokenvault
  • typescript
  • undo/rollback-logic
  • vercel
Share this project:

Updates