Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"proofflow": {
"env": {
"PROOFFLOW_BASE_URL": "http://127.0.0.1:8787"
},
"command": "proofflow-mcp"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Local-first audit layer for Codex-compatible AI coding agent workflows.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
uvx 'proofflow-mcp' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
Checked proofflow-mcp against OSV.dev.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in devops
MCP server for using the GitLab API
A Unified MCP Server Management App (MCP Manager).
MCP Server for kubernetes management commands
MCP server for Komodo - manage Docker containers, servers, stacks, and deployments via AI
MCP Security Weekly
Get CVE alerts and security updates for io.github.Hyperion-GPU/proofflow and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
Agent Work Ledger for AI coding.
Vibe coding is fast. Blind trust is not enough.
ProofFlow makes AI-generated work reviewable, traceable, and reversible by recording the full chain from work contract to proof packet: contract first, record the algorithm decision, declare the cost budget, snapshot the code state, bind claims to evidence, evaluate done criteria, then export an auditable packet.
Latest release: v0.1.8 - Agent Work Ledger for AI coding
▶ Watch the 72s demo: From AI agent claims to verifiable Proof Packets
Demo asset (deferred): The end-to-end dogfood Demo_Asset GIF and the VSCode_Channel inline audit / Approve Gate screenshots for the v0.1.x dogfood-and-channel-polish milestone are deferred to the next dogfood cycle (no capturable VS Code window in this milestone). Tracked in
PLANS.md#vscode-channel-screenshots-deferred-from-v0-1-x-dogfood.
📦 Example Proof Packets: code review · issue triage · agent work ledger · ledger dogfood
Maintainer workflow: docs/maintainer_evidence_workflow.md
Agent Work Ledger guide: docs/agent_work_ledger.md
Ledger Risk Hints: docs/ledger_risk_hints.md
5-minute MCP quickstart: docs/ledger_quickstart_mcp.md
Ledger PR comment template: docs/examples/pr_comment_agent_work_ledger.md
AgentGuard semantic rules: docs/agentguard_semantic_rules.md
ProofFlow is not only a PR review helper. It is a local-first ledger for AI coding work. A Ledger Case captures the workflow before, during, and after an agent changes code:
Main chain: Work Contract -> Algorithm Decision -> Cost Budget -> Snapshot -> Evidence -> Claim -> Evaluation -> Proof Packet. This keeps the core product invariant sharp: no Case, no workflow; no Evidence, no trusted Claim; no done criteria evaluation, no quiet success.
Risk Hints extend the evidence flow without turning ProofFlow into an automatic algorithm judge. They tell the mai