Install Receipts

Durable record of every install. Conforms to apai.receipt.v0.1.

v0.1 demo data

v0.1: no auth, no real persistence. This dashboard shows realistic demo data that matches the shapes the Phase 4 backend will emit. Open-approval rule IDs (e.g. no-production-deploy, no-external-send) are illustrative for the coding-safe-mode policy; real policy packs may use any rule-ID scheme. Once auth + DB land, the same UI swaps to real data without changes.

See honest status ->

mcp-audit

v0.1.0-preview·codex_cli·local-tool·May 13, 2026, 8:04 PM

successcross-agent (3 installs)click to expand

rcpt_01HXY8N4P5Q6R7S8T9V0W1X2Y3

User: demo-operator
Workspace: demo-workspace
Source: https://apai.run/packages/mcp-audit

Files added (2)

+~/.apai/installed/mcp-audit/audit.js
+~/.apai/installed/mcp-audit/scoring-rules.yaml

Permissions granted (1)

·mcp_server_inspection: read_only

Approval state

granted_by_operator_at_install

Provenance chaincross-agent (3 installs)

apai.provenance.v0.1 spec

prov_J3XEF65MGZ7AEBVBE2B2A4XVVH

Steps present: publish -> retrieval -> install -> install -> install

Install steps on this chain

·agent-claude-code|claude_code|rcpt_01HXY8K2L3M4N5P6Q7R8S9T0V1
·agent-codex-jwgh02|codex_cli|rcpt_01HXY8M3N4P5Q6R7S8T9V0W1X2
>agent-codex-griffin|codex_cli|rcpt_01HXY8N4P5Q6R7S8T9V0W1X2Y3this receipt

Cross-agent attestation: one artifact, one chain, three install records by different agents. At v0.1 the chain links are verified; signer identities (actor.id and actor.key_id) are opaque strings with no key authority. See section 8 of /spec/provenance.

trustRoot: stub-v0.1-no-trust-root. At v0.1 the chain LINKING is verified; signatures are placeholder strings with no key authority. Real signing in v0.2.

Rollback command

apai rollback mcp-audit --install-id rcpt_01HXY8N4P5Q6R7S8T9V0W1X2Y3

mcp-audit

v0.1.0-preview·codex_cli·local-tool·May 13, 2026, 4:42 PM

successcross-agent (3 installs)click to expand

rcpt_01HXY8M3N4P5Q6R7S8T9V0W1X2

User: demo-operator
Workspace: demo-workspace
Source: https://apai.run/packages/mcp-audit

Files added (2)

+~/.apai/installed/mcp-audit/audit.js
+~/.apai/installed/mcp-audit/scoring-rules.yaml

Permissions granted (1)

·mcp_server_inspection: read_only

Approval state

granted_by_operator_at_install

Provenance chaincross-agent (3 installs)

apai.provenance.v0.1 spec

prov_J3XEF65MGZ7AEBVBE2B2A4XVVH

Steps present: publish -> retrieval -> install -> install -> install

Install steps on this chain

·agent-claude-code|claude_code|rcpt_01HXY8K2L3M4N5P6Q7R8S9T0V1
>agent-codex-jwgh02|codex_cli|rcpt_01HXY8M3N4P5Q6R7S8T9V0W1X2this receipt
·agent-codex-griffin|codex_cli|rcpt_01HXY8N4P5Q6R7S8T9V0W1X2Y3

trustRoot: stub-v0.1-no-trust-root. At v0.1 the chain LINKING is verified; signatures are placeholder strings with no key authority. Real signing in v0.2.

Rollback command

apai rollback mcp-audit --install-id rcpt_01HXY8M3N4P5Q6R7S8T9V0W1X2

mcp-audit

v0.1.0-preview·claude_code·local-tool·May 13, 2026, 3:15 PM

successcross-agent (3 installs)click to expand

rcpt_01HXY8K2L3M4N5P6Q7R8S9T0V1

User: demo-operator
Workspace: demo-workspace
Source: https://apai.run/packages/mcp-audit

Files added (2)

+~/.apai/installed/mcp-audit/audit.js
+~/.apai/installed/mcp-audit/scoring-rules.yaml

Permissions granted (1)

·mcp_server_inspection: read_only

Approval state

granted_by_operator_at_install

Provenance chaincross-agent (3 installs)

apai.provenance.v0.1 spec

prov_J3XEF65MGZ7AEBVBE2B2A4XVVH

Steps present: publish -> retrieval -> install -> install -> install

Install steps on this chain

>agent-claude-code|claude_code|rcpt_01HXY8K2L3M4N5P6Q7R8S9T0V1this receipt
·agent-codex-jwgh02|codex_cli|rcpt_01HXY8M3N4P5Q6R7S8T9V0W1X2
·agent-codex-griffin|codex_cli|rcpt_01HXY8N4P5Q6R7S8T9V0W1X2Y3

trustRoot: stub-v0.1-no-trust-root. At v0.1 the chain LINKING is verified; signatures are placeholder strings with no key authority. Real signing in v0.2.

Rollback command

apai rollback mcp-audit --install-id rcpt_01HXY8K2L3M4N5P6Q7R8S9T0V1

coding-safe-mode

v0.1.0·claude_code·local-tool·May 13, 2026, 7:30 PM

successprovenance chainclick to expand

rcpt_01HXY7G8K9M2P3Q4R5S6T7U8V9W

User: demo-operator
Workspace: demo-workspace
Source: https://apai.run/packages/coding-safe-mode

Files added (3)

+~/.apai/installed/coding-safe-mode/policy.yaml
+~/.apai/installed/coding-safe-mode/enforcer.js
+~/.apai/installed/coding-safe-mode/README.md

Permissions granted (1)

·file_write: decision_log_only

Approval state

granted_by_operator_at_install

Provenance chain

apai.provenance.v0.1 spec

prov_G0VBD42JEV47C8Z8CZ8Y2TWTTH

Steps present: publish -> retrieval -> install

trustRoot: stub-v0.1-no-trust-root. At v0.1 the chain LINKING is verified; signatures are placeholder strings with no key authority. Real signing in v0.2.

Rollback command

apai rollback coding-safe-mode --install-id rcpt_01HXY7G8K9M2P3Q4R5S6T7U8V9W

prompt-preflight-starter

v0.1.0·claude·cloud-sandbox·May 13, 2026, 5:30 PM

successclick to expand

rcpt_01HXY6F7J8L1N2P3Q4R5S6T7U8

User: demo-operator
Workspace: demo-workspace
Source: https://apai.run/packages/prompt-preflight-starter

Files added (0)

None - cloud-sandbox install applies to the session only; no files persist outside the sandbox.

Permissions granted (0)

None.

Approval state

applied_to_conversation_only

Rollback command

Stop applying the protocol in chat. No persistent state.

costguard

v0.1.0-preview·local_cli·local-tool·May 12, 2026, 5:30 PM

partialprovenance chainclick to expand

rcpt_01HXY5E6H7K0M1N2P3Q4R5S6T7

User: demo-operator
Workspace: demo-workspace
Source: https://apai.run/packages/costguard

Files added (2)

+~/.apai/installed/costguard/policy.yaml
+~/.apai/installed/costguard/monitor.js

Permissions granted (1)

·provider_billing_api: not_yet_configured

Approval state

granted_by_operator_at_install

Provenance chain

apai.provenance.v0.1 spec

prov_H1WCD53KFW58D9A9D0A0Z3VWWG

Steps present: publish -> retrieval -> install

trustRoot: stub-v0.1-no-trust-root. At v0.1 the chain LINKING is verified; signatures are placeholder strings with no key authority. Real signing in v0.2.

Rollback command

apai rollback costguard --install-id rcpt_01HXY5E6H7K0M1N2P3Q4R5S6T7

doc-brief

v0.1.0·chatgpt·cloud-sandbox·May 11, 2026, 5:30 PM

successclick to expand

rcpt_01HXY4D5G6J9L0M1N2P3Q4R5S6

User: demo-operator
Workspace: demo-workspace
Source: https://apai.run/packages/doc-brief

Files added (0)

None - cloud-sandbox install applies to the session only; no files persist outside the sandbox.

Permissions granted (0)

None.

Approval state

applied_to_conversation_only

Rollback command

Stop applying the protocol in chat. No persistent state.