Somewhere between Kyoto temples I shipped a signing proxy for Agent Receipts — an open protocol that gives every AI agent action a cryptographically signed audit trail. The idea is simple: when an agent acts on your behalf, you should be able to prove what happened. Not just logs. Proof.
This week I used it to audit itself.
The problem with MCP tool calls When you give Claude access to GitHub via the MCP server, it can create issues, push files, open pull requests. It acts on your behalf. And when it’s done, it tells you what it did.
...
Read more