Spotlight by Backplanes
Session reports for Claude Code & Codex to improve your code
Start new thread
fmerian

Spotlight by Backplanes - Session reports for Claude Code & Codex to improve your code

by
Tabstack
Keep up with your agents. Spotlight reads your Claude Code and Codex sessions and shows you what your agents actually did, and how to get recursively better every session: what to fix now, what to ship better next time, what's worth sharing. One harness or seven, solo or across your team. Free.

Add a comment

Replies

Best
Seth Blank
Maker
📌

Hey Product Hunt. We're Seth, Neil, and Nick, and we've spent a decade in security and dev tools across Google/Gmail, Valimail, Twilio, and Algolia.

We built Spotlight by Backplanes to help you keep up with your agents. It reads your Claude Code and Codex sessions and shows you what your agents actually did: session reports that make you a better engineer, every day.

This started with a scare. Neil asked Claude to fix one file. It read 47, including his ~/.ssh keys, and wrote an API key into a tracked .env. We build security software, and our own agents did this. We missed it, and caught it by accident while investigating something else.

So we looked deeper, stitching our Claude and Codex sessions together across machines. Two things floored us: how much we'd missed, and how many good moves we were making in one place but not another. Surfaced and shared, those patterns made us better, every day.

That's what Spotlight does for you. After every session, you get a report: what to fix now, what to ship better next time, what's worth sharing. One harness or seven, solo or across your team.

We're building toward a world where you can see and manage everything your agents do. Visibility is where it starts, and we think everyone deserves to know what their agents are doing, so we're making this piece free. We'll be offering paid features and automations in the near future; seeing what your agents did won't cost you. Private and secure by design, with details at backplanes.com/trust.

Install is one line, and your first report lands in ~2 minutes: Get started on backplanes.com.

Click here to join our Slack and say hello.

We hope you love Spotlight, and we can't wait to hear what it illuminates for you.

Walker Williams

@antifreeze congrats on the launch! Such a needed product right now.

Ricky Farmer

@antifreeze The SSH keys is exactly why this matters, gents move fast and

the blast radius is invisible until it isn't. Congrats on launch. Trying it today

Neil Kumaran
Maker

@ricky_farmer : "Invisible until it isn't" is pretty much the whole problem in five words, and is better than much of the copy we wrote for this launch. :)

Glad you're giving it a run today. Tell us what your first report turns up; real sessions on day one are exactly the feedback we want.

Chris Messina

As of this year, I’ve become a “non-engineer engineer”, letting Claude and all his robot friends abuse my terminal. For example, the other day I just discovered how to actually use a `.env` file. Yes, I am embarrassed.

How was I forced to discover this? @antifreeze (who I've known for what? 20 years??) gave me a demo of Backplanes and in a reports on one of my coding sessions I saw red:

And this wasn't the only red I saw...!

Backplanes showed me the ugly underbelly of my agent sessions: leaked credentials, missing tests, sloppy patterns I’d normalized because the app I was building "worked".

By shipping like a maniac, I leaked my secrets all over the place — and Backplanes provided me actionable steps to get my shit locked down.

This isn't just “agent analytics.” It’s a backstop for the bullshit your coding agents quietly create while you’re moving at AGI speed. Like being shown what bacteria lives on your toothbrush when you stop to under a microscope. 🦠🤮

So if you haven't been practicing excellent agentic hygiene, give Backplanes a try.

Because behind every successful coding session is a backplane.

Seth Blank
Maker

@chrismessina Twenty years and I pay it off by showing you the bacteria on your toothbrush. 😅 Don't be embarrassed about the red -- we build security software and our own reports lit up too. It would be embarrassing if it weren't happening to everyone.

"Non-engineer engineers" are exactly why we made seeing this free: everybody's shipping like maniacs now, and everyone deserves to know what their agents are doing. (And "behind every successful coding session is a backplane" is going on a shirt.)

Armand

Congrats @antifreeze - this is one of those products that feels obvious once you see it.

I’m using Claude Code/Codex every day right now, and the trade off is you don’t really know what got touched, what got skipped, or what weird security debt just got created. In our space making sure everything is tightened up and polished is a necessity more than ever.

Spotlight makes it clear what actually happened. Every team using agents seriously is going to need this. Bullish.

Seth Blank
Maker

@armand thank you! "Obvious once you see it" is the best kind of compliment. Excited to hear what Spotlight illuminates for you-- and what you wish it showed. That's the stuff we want to build next!

fmerian
Hunter

@antifreeze curious what's on your product roadmap btw? anything you could share here?

Neil Kumaran
Maker

@fmerian Ha, fair question. Happy to share the general compass, even if I have to hang on to the detailed map for now. ;-)


The direction is in the name: Spotlight is the visibility and advisory layer, illuminating what's happening. The plan for Backplanes is not just being able to see, but to manage/shape everything your agents do, whether you're an individual user or an enormous organization.

Where we're pushing next with Spotlight, directionally:

  1. Deeper: richer insights on individual sessions as well as richer cross-session and team-level patterns.

  2. Broader: more harnesses and agent surfaces beyond Claude Code and Codex.

  3. Automated: from reports to actions. Today a Spotlight finding hands you advice on how to resolve an issue; over time, more of that loop gets automated.

What I'd love from this thread: tell me which harness you'd want next, or what a report should catch that it doesn't today.

We're building this for builders and creators like you, and nothing steers the roadmap like hearing it straight from you.

fmerian
Hunter

"I’m using Claude Code/Codex every day right now, and the trade off is you don’t really know what got touched, what got skipped, or what weird security debt just got created."

@armand exactly! @Spotlight by Backplanes brings clarity to your sessions. it improves your code and makes you a better engineer.

S/O to @antifreeze @gogogadgetneil @natwar86 and team

Curious Kitty
You emphasize “no OAuth into Anthropic/OpenAI” and still show org-level rollups (security/engineering/spend) with spend reconciliation close to invoices. How are you attributing sessions and spend across engineers/repos/tools without provider-side integrations, and what were the key tradeoffs you made to ship that early versus, say, real-time monitoring or policy gating?
Neil Kumaran
Maker

@curiouskitty This one's fun to answer, because the trick is that there's no trick: the harnesses already write everything down. Claude Code and Codex keep a transcript of every session. Spotlight's CLI watches those transcripts on your behalf, redacts sensitive info from new activity locally, and then sends the redacted version up for pattern analysis and report generation.

So attribution falls out of the session itself: it knows its user, its project, and its tools; org rollups are aggregation, not integration. Spend is computed from the same token counts the provider meters, which is why it tracks invoices closely. It's an estimate by construction, but a well-grounded one, and no OAuth or provider-side hooks are involved.

On tradeoffs: we deliberately chose to start with reading over intercepting. Real-time gating means sitting in the request path, and a proxy adds latency to every call and breaks when harnesses update. Our way, you're minutes behind live but never blocked mid-flight: a genuine trade, and one that buys zero added latency and zero workflow friction.

We'd love for you to take a look. The install is one line, and your first report lands in a few minutes. Let us know what you find! :)

fmerian
Hunter

had a blast collaborating with @gogogadgetneil @natwar86 and team!

Some recent discussions here pointed out that using a terminal like @Claude Code might feel too "zoomed out" from the code. Many prefer to stay in the loop and see what their agents are actually doing. [1]

@Spotlight by Backplanes fixed just that. It brings clarity to your agentic coding sessions and, more importantly, it compounds, making you a better engineer every session.

Go to backplanes.com to generate your first report in minutes - or see sample report here.

S/O to the ?makers, keep up the great work 👏👏

[1]: How do you like to work with AI coding agents?

Florent Berrez

The session report angle makes sense. What I'm curious about is how much signal you're actually extracting versus just replaying what happened. Claude Code sessions can get noisy fast, lots of back-and-forth, abandoned branches, retried prompts, and the raw transcript isn't that useful without some layer of interpretation on top. Does Spotlight surface things like where the agent got stuck, or which tool calls failed silently, or is the report mostly a structured summary of the final output? Also curious what the security topic covers here, whether you're flagging things like secrets exposed in prompts or risky code patterns the agent introduced, since that would be a genuinely different use case than the reporting side.

Neil Kumaran
Maker

You're spot on @fberrez1 : the session replay is the easy part; the interpretation layer is the product.


Short version: the raw session info is the input, not the report. The bookkeeping (counts, files touched, domains, cost) is computed mechanically, and the analysis on top is held to one rule: every finding has to point at the specific moment in the session it came from. If it can't cite the event, it doesn't ship.

On noise: that's most of what the engineering portion of the report is for. It surfaces retry storms, redundant tool loops, repeated lookups that should have been cached, and it distinguishes failing retries from deliberate re-verification. Those land as "Faster Next Time" items with payoff grounded in the session, like "~60 calls collapsed into one." CI, test, and lint outcomes get flagged when the transcript shows them. And when something isn't observable, the report says so in a blind-spots section instead of guessing. We'd rather show you an empty field than an invented one.


Security is a separate findings stream, severity-ordered, with categories like credential, shell, file, network, production, and subagent. Concretely: a live-looking key written into a tracked .env (with a paste-into-Claude prompt to rotate it), a destructive command against prod with no dry run, a call to a domain you've never used, a subagent reaching outside the project. One detail worth knowing: secrets are redacted on your machine before anything uploads and a second pass is run on the server before we write, so the report can flag the secret class without ever holding the value.


You're right that those are two different use cases. The report carries both on purpose: the security stream and the engineering narrative come from one pass over the same session and give you the full picture. That's the bet we're making.


Run it on your messiest session and tell us what you find, here on our community Slack. :)

fmerian
Hunter
Van Ho

Hey congrats on the launch!

This looks really promising. I’ve had way too many Claude sessions where I come back after a break and have no clue what just happened in the project. The automatic capture + those session summaries with the “needs review” flags feel like such a sanity saver.

Neil Kumaran
Maker

@van_ho : Thanks, Van! "Come back after a break and have no clue what just happened" is exactly the moment we built this for. If you give it a run, I'd love to hear what your first report catches. :)

Walker Williams

There’s a tension right now between allowing your team to adopt cutting edge AI tools & maintaining good security practices. Backplanes is solving that so you can move fast without compromising on security.

Seth, Neil and Nick are the perfect team to be building this product and I’m thrilled to be an early tester and customer.

Seth Blank
Maker

@walkeriwilliams Walker! You believed before there was anything to test, and you've kept the feedback sharp and neverending ever since -- in the best way. Spotlight is better for every round of it. Thank you. Keep it coming!

Robin Smith

Love this! As an enthusiastic-but-amateur engineer, this is super useful. The rapid evolution of coding agents are like katanas; incredibly powerful tools when used correctly. Wield them wrong and you'll cut your own arm off (I've done it many times). Having an expert keep tabs on ensuring both me and my agent(s) aren't going off-piste is critical.

Looking forward to see how Spotlight and Backplanes evolve.

fmerian
Hunter

@robskigb thanks for the support! IMHO you'll enjoy using @Spotlight by Backplanes as it doesn't just improve your code, it also makes you a better engineer.

Give it a spin and generate your first report on backplanes.com -- enjoy!

Nick Vlku
Maker

@robskigb Thanks! These agents are getting more and more powerful by the day and, as a wise man once said, "With Great Power Comes Great Responsibility." We're excited to introduce Spotlight as a way to use these agents to their fullest, but also still be safe as you do it! Thanks again!

Louis Lecat

looks really cool! Gonna take it for a spin

fmerian
Hunter

@louislecat lfg! here you go: backplanes.com

looking forward to your thoughts

12
Next
Last