← All use cases

Prove what an AI told your customers — with evidence that survives.

When an AI surface tells customers something false, defamatory or non-compliant about your product — or recommends you for something regulated — "we saw it last Tuesday" is not evidence. Legal, compliance and brand-safety teams need what any audit needs: a dated, reproducible, tamper-evident record of what was displayed, kept long enough to matter. Most capture tools expire results in 24 hours, which is precisely when an audit trail becomes worthless.

The workflow, end to end.

Real endpoints, real field names — nothing below is pseudocode.

  1. step 1 / 4

    Schedule captures of the prompts that carry risk

    Regulated claims, medical or financial guidance touching your product, brand-adjacent prompts, competitor comparisons — captured on a fixed cadence across surfaces and the markets you operate in.

    POST /v1/search
    curl -sS -X POST "https://api.aisearchapi.dev/v1/search" \
      -H "Authorization: Bearer $AISEARCH_API_KEY" \
      -H "Content-Type: application/json" \
      -d '{
        "query": "is <product> approved for medical use",
        "surfaces": ["chatgpt", "google_ai_overview", "claude"],
        "regions": [{ "country": "US" }, { "country": "DE" }],
        "idempotencyKey": "audit-2026-07-01-q17"
      }'
  2. step 2 / 4

    Retain the three artifacts per capture

    Every capture stores the screenshot (what a person saw), the proof-of-page HTML (what the browser rendered), and the raw upstream payload — durable R2 keys on job.artifacts, not links that die in 24 hours. Fetch the proof reference any time via GET /v1/jobs/:id/proof.

    Envelope excerpt — the evidence fields
    "job": {
      "artifacts": {
        "screenshotKey": "shots/2026/07/01/job_….png",
        "proofHtmlKey":  "proof/2026/07/01/job_….html",
        "rawKey":        "raw/2026/07/01/job_….json"
      }
    },
    "provenance": {
      "capturedAt": "2026-07-01T06:00:12.482Z",
      "loginState": "logged_out",
      "region": { "requested": "DE", "effective": "DE" },
      "schemaVersion": "…", "driverVersion": "…",
      "normalizerVersion": "…", "provenanceVersion": "…"
    }
  3. step 3 / 4

    Anchor each record in version-stamped provenance

    Provenance records how the observation was acquired: the lane, login state, requested-vs-effective region, capture timestamp, and the versions of every component that touched it (schema, driver, normalizer, provenance layer). Observed is separated from inferred throughout — an auditor can see which fields are ground truth.

  4. step 4 / 4

    Report absences and failures as first-class records

    A surface that showed nothing completes as surfacePresent:false with the screenshot proving the absence; a lane that could not run fails loud with a recorded reason. Your audit log has no silent gaps — every scheduled observation resolves to a truthful record.

The Envelope fields that do the work.

Every surface returns the same canonical Envelope, so these fields mean the same thing whether the capture came from ChatGPT, Perplexity or an AI Overview.

job.artifacts (screenshot / proofHtml / raw)

The evidence itself — durable R2 keys with no 24h expiry, re-fetchable when the dispute happens months later.

provenance.capturedAt + callUuid

Exact UTC timestamp and a unique acquisition id per record — the "when" and "which" of every observation.

provenance version stamps

schemaVersion, driverVersion, normalizerVersion, provenanceVersion — reproducibility an auditor can check.

provenance.loginState + region

Under which identity and in which market the observation was made — requested vs effective, never assumed.

provenance.surfacePresent + job.warnings

Truthful absences and loud failures — an audit trail with no fabricated or silently missing entries.

Honest limits

This is evidence-grade capture, not legal advice — admissibility standards are yours to assess with counsel. Captures are guest sessions today (loginState is recorded on every record); what a logged-in, personalized session would have seen awaits the phase-2 account pool. Claude records are api_surrogate (official model API) and stamped as such — an honest record of the API’s answer, distinct from the consumer UI. Gemini and the phase-2 login-walled surfaces cannot be audited yet, and we say so rather than backfilling.

Terms used here, defined precisely: Proof-of-page · Absence-is-data · Provenance · Login-walled surface

Asked precisely.

How long are artifacts actually retained?

Durably — screenshot, proof-of-page HTML and raw payload live in R2 with no 24-hour expiry and are re-fetchable indefinitely, which is the design difference this use case hangs on. (The closest competitor expires async results and CDN artifact URLs at 24h.)

What makes a capture "provable" rather than just stored?

Three layers: the artifacts (pixel and DOM records of what displayed), provenance (how it was acquired — lane, login state, geo requested-vs-effective, timestamps, unique call id), and version stamps on every component that processed it. A skeptic can trace any field in the record back to an acquisition, not to an assertion.

Can I prove an AI did NOT show something?

Yes — absence-is-data makes non-appearance a positive record: the job completes with surfacePresent:false, a surface_absent warning, and a screenshot of the surface showing nothing. "The AI Overview made no such claim in DE on July 1" becomes a documented observation.

How do I keep an unbroken observation schedule?

idempotencyKey makes scheduled submits replay-safe (a retried cron run never double-bills or forks the record), webhooks confirm each terminal capture, and failures arrive loud with acquisition_failed reasons instead of vanishing. Gaps become visible events in your own log, not silent holes discovered during a dispute.

Build it on the capture layer.

500 free credits, charged only on successful captures — the whole workflow above runs on two endpoints.