Your AI agents act.
This proves what they did.
A receipt is a signed record issued when an agent takes an action — a tool call, an API request, a payment, a consent. Agent Auditor opens any receipt file and shows you exactly what it contains, verified against the signature.
Agent Auditor opens any of these and shows you what's inside.
Drop a receipt and see what's inside
No setup. Drop any receipt file and see it decoded and verified instantly. Inspection and verification happen locally in your browser or CLI. No outbound verification or artifact fetches.
What you get when you open a receipt
Four things, every time.
Who did it
The issuer, subject, and type of interaction — decoded from the signed record.
Is it genuine
Ed25519 signature verification against the public key. Pass or fail, locally.
What happened
Timestamps, extension fields (commerce, identity, access), and structured details.
Full bundles too
Drop a dispute bundle (.zip) and inspect every receipt inside it, individually.
Or use it from the terminal
Works in CI, scripts, and local dev. Same verification, no browser required.
CLI
npm install -g @originaryx/agent-auditor # inspect a receipt file agent-auditor inspect ./receipt.jws # verify the signature agent-auditor verify ./receipt.jws --key ./public-key.bin # inspect a dispute bundle agent-auditor inspect ./bundle.zip # run the demo with a sample receipt agent-auditor demo@originaryx/agent-auditor on npm
Read-only by design
Agent Auditor never writes, signs, or transmits anything.
Does not issue or sign receipts. Use @peac/protocol for that.
Does not send data anywhere. Inspection and verification happen locally.
Does not store keys or state. No database, no config, no session.
Does not validate business logic. It checks signature and structure only.
Want to issue receipts, not just read them?
Agent Auditor reads receipts issued by the PEAC Protocol open standard. If you want to add receipt issuance to your own agent or API, PEAC Protocol is where to start.