Mission Control
Live supervision for everybot.
Risk scoring, live feed, and instant override for every active conversation. When a bot needs help, your operators step in — without losing context.
Regulation is catching up fast
EU AI Act Article 14 compliance is mandatory by August 2026. Mission Control captures the oversight evidence regulators expect.
Silent failures cost most
Risky conversations stall, escalate, or churn customers long before anyone notices. We surface them before they age.
Operators need leverage
Whisper, pause, takeover, approve - five surgical levers beat the blunt 'shut it off' button enterprises usually have.
Built for the people who answer to auditors
Real-time supervision, audit-grade evidence
Mission Control speaks the observability protocols your SRE team already runs, routes alerts to the tools your on-call team already uses, and produces the evidence trail your compliance team already needs.
Observability standards — pipe into your existing stack
OpenTelemetry
spans + metrics over OTLP
W3C Trace Context
traceparent across every hop
Structured JSON logs
ECS-aligned fields
Prometheus metrics
scrape endpoint + remote write
Webhook delivery
HMAC-signed event fan-out
Route alerts to the tools your on-call team lives in
Aligned to the oversight + audit frameworks your auditors cite
EU AI Act Article 14
Human oversight evidence baked into the audit log
GDPR Article 22
Right to human review of automated decisions
SOC 2 CC7 / CC8
Monitoring + change-management controls
ISO/IEC 27001:2022
Clause 8.16 — monitoring activities
HIPAA §164.312(b)
Audit controls for protected workflows
Oversight guarantees — with honest status
Every commitment tagged with its real production status. No vague badges, no implied attestations.
Append-only audit, 16 typed actions
OversightAudit log captures every intervention, approval, alert, status change, and system action. Writes go through enforced rules; reads remain open to authorized operators.
Role-scoped dashboards
Operators see only the conversations, bots, and risk scores their role and org permit. Read-only auditors get evidence without intervention capability.
Tenant isolation, end-to-end
Every Firestore subscription, query, and audit write is scoped by org_id at the rules layer — verified twice (rules + middleware) before a single row crosses tenant boundaries.
Intervention controls
Whisper, pause, take-over, and kill actions ship today. Every intervention is signed by the operator, timestamped, and reproducible from the run trace.
Audit export for evidence
Filter, search, and export the OversightAudit log for compliance reviews, customer audits, and post-mortems. Output is signed JSON with a verifiable hash chain.
Retention policies
Configurable retention for audit logs and run traces per org — designed to align with SOC 2 and HIPAA evidence-preservation expectations.
Framework alignment, not certification. References to EU AI Act, GDPR, SOC 2, ISO/IEC 27001, and HIPAA reflect architectural alignment with these published frameworks and statutes — they are not third-party attestations or legal compliance opinions. Alert-destination brand names and marks belong to their respective owners and indicate technical compatibility through their public webhook and API interfaces, not endorsement or partnership.
How it works
Watch. Score. Route. Intervene. Resolve. Audit.
Six real-time layers run continuously. Every stage hands enough context to the next so operators act on signal, not noise.
Live ops cockpit
observe · score · intervene · auditObserve
live feed · risk score
Score
5 weighted signals
Intervene
whisper · pause · kill
Audit
append-only trail
Watch
Every live conversation, on one screen
Mission Control streams every active bot conversation in real time via Firestore subscriptions. Operators see message counts, duration, assigned bot, assigned operator, and current status without leaving the dashboard.
How it works
- Real-time onSnapshot streams for conversations, alerts, and approvals
- Status badges: active, paused, operator_takeover, escalated, ended
- Bot, workflow, and org filters for focused triage
Score
Risk isn't a guess - it's a weighted signal
A scoring engine continuously computes a conversation-level risk value by blending five independent signals. Each signal is surfaced to operators so they see why a conversation lit up, not just that it did.
How it works
- Guardrail (30%) - blocks, escalations, policy hits
- Pattern (25%) - loops, repetition, stalled negotiation
- Sentiment (20%) - frustration / urgency keywords
- Topic (15%) - PII, crisis, compliance-sensitive content
- Duration (10%) - extended or stalled sessions
Route
Alert the right operator, not the whole room
Configurable AlertRules decide when to escalate. Thresholds, cooldowns, and operator targets are tuneable per org. Fired alerts land in the dashboard and route via the channels you already use.
How it works
- 8 trigger types incl. risk spike, guardrail block, repeat failure
- Per-rule cooldown to prevent pager fatigue
- Operator routing by shift, role, or specialty tag
Intervene
Five surgical actions, always with a rationale
Operators act with the lightest possible tool. Whisper guides silently. Pause freezes. Takeover lets a human drive. Inject pushes a scripted message. Kill ends the session with a safe fallback. Everything that changes the bot's behaviour is rationale-logged.
How it works
- Whisper - invisible guidance to the bot, never shown to the user
- Pause - stop new messages until a human clears the session
- Takeover - operator drives the conversation directly
- Inject - scripted message sent as the bot
- Kill - end session with a safe fallback and audit entry
Resolve
Time-boxed approval queues, never abandoned
When a bot attempts a gated action, it pauses and fires an ApprovalRequest with an SLA-aware urgency. If no operator responds in time, the request auto-denies - so sessions never hang silently.
How it works
- Urgencies: immediate (15s), standard (120s), extended (900s)
- Pending queue surfaced in real time with elapsed timers
- Auto-deny on timeout - configurable per rule
- Every decision becomes a reviewable audit entry
Audit
Immutable trail - built for SOC 2 and the EU AI Act
Every intervention, approval, alert, and status change is written to an append-only OversightAudit log. The data model is purpose-built for EU AI Act Article 14 evidence and SOC 2 change-management requirements.
How it works
- Append-only: reads are open, writes go through enforced rules
- 16 audit action types across operator and system activity
- Exportable for compliance reviews and customer audits
- Ties back to the run trace for reproducibility
Risk scoring signals
Five inputs, one transparent score.
Guardrail
Blocks, policy triggers, and escalations from safety rules.
Pattern
Loop detection, repetition, stalled negotiation.
Sentiment
Frustration and urgency keywords in user messages.
Topic
PII, crisis, financial, or compliance-sensitive matter.
Duration
Extended or stalled sessions past org thresholds.
Intervention deck
The five actions operators use mid-session.
Whisper
Silent guidance to the bot mid-conversation.
rationale optionalInject
Push a scripted assistant message verbatim.
rationale requiredPause
Freeze further messages until a human clears it.
rationale optionalTakeover
Human operator drives the conversation.
rationale requiredKill
End session with a safe fallback message.
rationale requiredApproval SLAs
Time-boxed, never silently stalled.
Immediate
15sSafety-critical or financial actions.
Standard
120sRoutine gated actions needing a human check.
Extended
900sDeliberate reviews that can tolerate latency.
Approvals default to auto-deny on timeout so conversations never hang. Thresholds and fallbacks are configurable per rule.
Built for SOC 2 and the EU AI Act
Evidence, rationale, and immutability by default.
EU AI Act - Article 14
Live human oversight, ability to intervene or override, rationale capture, and audit trail - the exact evidence expected for the August 2026 deadline.
SOC 2 change management
Every intervention, approval, alert rule change, and operator shift is recorded against a user, timestamp, and conversation. Exportable for auditors.
Answers
What teams usually ask
Does Mission Control work with existing bots?
Yes. Any bot that routes through Rylvo automatically appears in the live feed. Risk scoring, alerts, and the audit log activate once Mission Control is enabled for the org.
Is every action logged?
Yes. Interventions, approvals, and alert acknowledgements are written to an append-only OversightAudit collection with 16 action types - ready to export for compliance or customer audits.
How does this map to the EU AI Act Article 14 deadline?
Article 14 demands ongoing, effective human oversight for high-risk AI. Mission Control provides the live feed, intervention controls, rationale capture, and evidence trail that article requires - built to satisfy the August 2026 deadline.
Can operators override the bot entirely?
Yes. Takeover transfers the conversation to a human operator who drives the response, while Kill ends the session with a safe fallback. Both require rationale and are logged.
Deep dive
What “effective human oversight” actually looks like
Watch every session, not yesterday's logs
Mission Control is built on a real-time stream — risk scores update per turn, queues drain in seconds, and operators see what bots see while the conversation is still live. There's no “export the logs and grep” loop between an incident and an intervention.
Risk is a number, not a feeling
Every session gets a 0–100 score from five weighted signals — guardrail triggers, pattern detection, sentiment, topic sensitivity, and duration. Thresholds are tunable per bot so each team decides what “needs a human” means in their domain, instead of guessing case by case.
Five interventions, calibrated to the moment
Whisper for guidance, Inject for scripted replies, Pause to freeze, Takeover for full human control, Kill for emergency stop. Each is one keystroke away, each captures rationale, and each is signed — so compliance reviewers can answer “who did what and why” in seconds, not weeks.
Audit-ready by construction
The OversightAudit log is append-only with 16 typed actions across operator and system activity. The data model is purpose-built for SOC 2 change-management and EU AI Act Article 14 evidence — and every entry ties back to the original trace, so reproducibility is built in, not bolted on.
Stand up oversight in a day
Put a human in the loop - without slowing the bot down.
Mission Control is available on Growth plans and up. Risk scoring, live feed, five intervention actions, approval SLAs, and the immutable audit log are all included.