Opsis Concepts

Opsis is the safety net for builders who ship fast. It works in two modes: launch checks before you ship, and live monitoring after. Before you ship, your coding agent proves your critical flows with Playwright. After launch, Opsis watches your real users — across whatever session and error tools you already run — finds the broken flows you'd never test for, proves each one with Playwright evidence, and hands you the exact fix to paste back into your editor.

Pre-deploy launch checks

Connect the Opsis MCP server to Claude Code, Cursor, or Windsurf — your agent derives critical flows from the codebase, Opsis runs each one in a real Chromium browser on your machine, and the launch verdict lands on the project dashboard. Set up pre-deploy checks.

The same MCP server can also run an opt-in Pre-deploy Security Scan — a confirmation-first OWASP Top 10 check that opens your app in a local browser and saves redacted findings to your dashboard.

Live monitoring — your real users

After launch, connect a source and Opsis turns real sessions into proven bugs. You're not locked into one vendor — bring whatever you already run, or use Opsis' own recorder:

Opsis SDK (first-party). A zero-dependency browser recorder you drop in with one script tag. It streams uncaught errors, failed requests, and a value-free interaction timeline straight to Opsis — no third party, no session video. Input values are never read and query strings are stripped before anything leaves the page.
PostHog & Sentry — one-click OAuth. Connect your existing PostHog session replay or Sentry issues in a single OAuth click, with no API keys to copy. (Self-hosted or SSO orgs can use a scoped API token instead.)
Datadog RUM, Amplitude, LogRocket & Microsoft Clarity — guided API keys. These tools don't offer self-serve OAuth, so Opsis reads them with a read-only key you generate, following the exact steps shown in-app. Keys are stored encrypted and used only server-side.

Connect more than one if you like — every connected source flows through the same analysis pipeline. See Scans & retention for how and when imports run.

Two proof engines

Engine 1 — Signal detection & AI analysis. Opsis imports sessions and errors from your connected sources, runs deterministic signal detection (rage/dead clicks, console errors, network failures, checkout abandonment), then AI analyzes the suspicious ones.
Engine 2 — Synthetic verification (Playwright). For findings with high confidence/severity, Opsis runs a real browser to reproduce the bug: video, screenshots, trace.zip, console logs, and network logs are stored as evidence.

Principles

Findings must cite real sessions and signals — the AI is never allowed to fabricate evidence.
Findings without sufficient evidence are automatically marked needs_more_data instead of being presented as fact.
The suspected and verified statuses are strictly separated: verified means Playwright evidence exists.
Live monitoring happens entirely in the dashboard. PostHog and Sentry connect with a single OAuth click; Datadog, Amplitude, LogRocket and Clarity with a guided read-only key. The only code you ever add is optional — the Opsis SDK script tag for first-party recording, and the Opsis MCP server, which your coding agent runs locally for pre-deploy flow checks and an optional OWASP security scan.
Opsis ships a real first-party SDK with two modes: initOpsis, a zero-dependency recorder that streams errors, failed requests and interactions straight to /api/ingest (no third party); and initOpsisWithPostHog, a thin wrapper for teams already on PostHog session replay. Don't want to add an SDK at all? Connect a tool you already run instead.

Workflow

Before you ship (optional): connect the Opsis MCP server to your coding agent and run launch checks — every critical flow proven with Playwright before your users hit it, with a launch-ready verdict on the dashboard.

Sign up for Opsis.
Connect a source — PostHog or Sentry in one OAuth click, a guided read-only key for Datadog, Amplitude, LogRocket or Clarity, or drop in the Opsis SDK script tag.
Opsis imports your recent sessions and errors and analyzes them — automatically on connect, and anytime after with Scan now.
Review findings in the dashboard, backed by Playwright proof: video, trace, screenshots, console and network logs.
Paste the fix prompt into Claude Code/Cursor/Lovable, ship the fix, then re-run verification — a flow that now passes marks the finding fixed.

Loading docs

Opsis Concepts

Pre-deploy launch checks

The same MCP server can also run an opt-in Pre-deploy Security Scan — a confirmation-first OWASP Top 10 check that opens your app in a local browser and saves redacted findings to your dashboard.

Live monitoring — your real users

After launch, connect a source and Opsis turns real sessions into proven bugs. You're not locked into one vendor — bring whatever you already run, or use Opsis' own recorder:

Opsis SDK (first-party). A zero-dependency browser recorder you drop in with one script tag. It streams uncaught errors, failed requests, and a value-free interaction timeline straight to Opsis — no third party, no session video. Input values are never read and query strings are stripped before anything leaves the page.

PostHog & Sentry — one-click OAuth. Connect your existing PostHog session replay or Sentry issues in a single OAuth click, with no API keys to copy. (Self-hosted or SSO orgs can use a scoped API token instead.)

Datadog RUM, Amplitude, LogRocket & Microsoft Clarity — guided API keys. These tools don't offer self-serve OAuth, so Opsis reads them with a read-only key you generate, following the exact steps shown in-app. Keys are stored encrypted and used only server-side.

Connect more than one if you like — every connected source flows through the same analysis pipeline. See Scans & retention for how and when imports run.

Two proof engines

Engine 1 — Signal detection & AI analysis. Opsis imports sessions and errors from your connected sources, runs deterministic signal detection (rage/dead clicks, console errors, network failures, checkout abandonment), then AI analyzes the suspicious ones.

Engine 2 — Synthetic verification (Playwright). For findings with high confidence/severity, Opsis runs a real browser to reproduce the bug: video, screenshots, trace.zip, console logs, and network logs are stored as evidence.

Principles

Findings must cite real sessions and signals — the AI is never allowed to fabricate evidence.

Findings without sufficient evidence are automatically marked needs_more_data instead of being presented as fact.

The suspected and verified statuses are strictly separated: verified means Playwright evidence exists.

Live monitoring happens entirely in the dashboard. PostHog and Sentry connect with a single OAuth click; Datadog, Amplitude, LogRocket and Clarity with a guided read-only key. The only code you ever add is optional — the Opsis SDK script tag for first-party recording, and the Opsis MCP server, which your coding agent runs locally for pre-deploy flow checks and an optional OWASP security scan.

Opsis ships a real first-party SDK with two modes: initOpsis, a zero-dependency recorder that streams errors, failed requests and interactions straight to /api/ingest (no third party); and initOpsisWithPostHog, a thin wrapper for teams already on PostHog session replay. Don't want to add an SDK at all? Connect a tool you already run instead.

Workflow

Connect a source — PostHog or Sentry in one OAuth click, a guided read-only key for Datadog, Amplitude, LogRocket or Clarity, or drop in the Opsis SDK script tag.

Opsis imports your recent sessions and errors and analyzes them — automatically on connect, and anytime after with Scan now.

Review findings in the dashboard, backed by Playwright proof: video, trace, screenshots, console and network logs.

Paste the fix prompt into Claude Code/Cursor/Lovable, ship the fix, then re-run verification — a flow that now passes marks the finding fixed.