Commit watch + mainnet shadow.
A watch daemon polls covered repos and re-runs the pipeline on every commit — diff-aware, so re-audits stay fast. A shadow monitor polls the live program 24/7: log patterns and account-state deltas raise an alert when an invariant is violated on mainnet. Catches the drift that point-in-time audits structurally cannot see.