SOC 2 Evidence Pack Assembly with Codex: API Runtime Pattern
A production playbook for SOC 2 evidence pack assembly in cross-industry operations using Codex: API runtime pattern, run-scoped inputs, logs, typed results, and artifacts.
Audience: Compliance teams
The problem
Compliance teams need SOC 2 evidence pack assembly to run repeatedly against control evidence, screenshots, exports, and audit notes. In cross-industry operations, the pain is not one good answer; it is repeatability, auditability, exception handling, and evidence that survives handoff.
Implementation path
Package the SOC 2 evidence pack assembly instructions as a skill, send control evidence, screenshots, exports, and audit notes as run-scoped inputs, execute with Codex, poll until the run reaches a terminal status, and consume the argo.result.v1 result instead of parsing a transcript.
Tradeoffs and failure modes
The API boundary forces the workflow to define inputs, terminal states, and result shape before customers depend on it. For SOC 2 evidence pack assembly, the practical test is whether a second run can be debugged, retried, and consumed by a product without reading the raw agent transcript.
Run request
POST /api/skills/<skill_id>/run
provider=codex
workflow=soc2-evidence-pack
inputs[]=@./input-pack.zip
result_schema=argo.result.v1
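The poll-and-consume step from the implementation path, as an added example (not code from Argo, Codex, or this page). The request fields are taken from the run request above; the state names, the status document keys (status, result, schema, error) and the get_status transport hook are assumptions made for illustration.

```python
import time

EXPECTED_SCHEMA = "argo.result.v1"                # from the page's run request
TERMINAL = {"succeeded", "failed", "cancelled"}   # assumed state names

class RunError(Exception):
    """Run ended without a usable typed result."""

def build_run_request(skill_id, pack_path):
    # Fields exactly as listed in the page's run request.
    return {
        "method": "POST",
        "path": f"/api/skills/{skill_id}/run",
        "fields": {"provider": "codex", "workflow": "soc2-evidence-pack",
                   "result_schema": EXPECTED_SCHEMA},
        "files": {"inputs[]": pack_path},
    }

def wait_for_result(get_status, run_id, max_polls=30, delay=2.0, sleep=time.sleep):
    # get_status(run_id) -> dict is a hypothetical transport hook; the keys
    # "status", "result", "schema" and "error" are assumed, not documented.
    for _ in range(max_polls):
        doc = get_status(run_id)
        state = doc.get("status")
        if state not in TERMINAL:          # queued, running, or anything unknown
            sleep(delay)
            continue
        if state != "succeeded":
            raise RunError(f"run {run_id} ended as {state}: {doc.get('error')}")
        result = doc.get("result")
        # Refuse anything that is not the typed result the caller asked for,
        # rather than falling back to parsing transcript text.
        if not isinstance(result, dict) or result.get("schema") != EXPECTED_SCHEMA:
            raise RunError(f"run {run_id} returned an untyped or mismatched result")
        return result
    raise RunError(f"run {run_id} not terminal after {max_polls} polls")

if __name__ == "__main__":
    # Constructed status sequence standing in for the real service.
    fake = iter([{"status": "queued"}, {"status": "running"},
                 {"status": "succeeded",
                  "result": {"schema": EXPECTED_SCHEMA, "artifacts": ["pack.zip"]}}])
    print(build_run_request("<skill_id>", "./input-pack.zip")["path"])
    print(wait_for_result(lambda _id: next(fake), "run-1", sleep=lambda s: None))
```

Bounding the poll count and failing closed on an unknown schema keeps a stuck or malformed run from being recorded as audit evidence.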