Signed receipts for agent, API, and MCP interactions. Portable and offline-verifiable.
Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"io-github-peacprotocol-peac": {
"args": [
"-y",
"@peac/mcp-server"
],
"command": "npx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Portable signed records for agent, API, MCP, and cross-runtime interactions.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
npx -y '@peac/mcp-server' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
Checked @peac/mcp-server against OSV.dev.
Click any tool to inspect its schema.
peac-termsMachine-readable PEAC terms published by a provider
/.well-known/peac.txt
peac-issuerPEAC issuer information and public keys
/.well-known/peac-issuer.json
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in security / developer-tools
Copy/paste detector for programming source code, supports 223 formats. AI-ready with token-efficient reporter, skill and MCP server.
XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.
A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.
Manage Supabase projects — databases, auth, storage, and edge functions
MCP Security Weekly
Get CVE alerts and security updates for io.github.peacprotocol/peac and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
Signed action records for AI agents, APIs, MCP tools, and gateways.
Automated systems already call APIs, run MCP tools, make gateway decisions, report payment events, and provision resources across system boundaries.
PEAC records those actions, decisions, and events as portable signed interaction records, so another party can verify what happened later without relying on screenshots, private logs, or unverifiable assertions.
Record locally. Verify across boundaries.
docs/guides/offline-sample-index.mddocs/guides/verification-options.mddocs/guides/integration-patterns.mddocs/START_HERE.mdPEAC is useful when a system does work and another party later needs to verify what happened without trusting that system's logs.
| Event | Familiar surfaces | Example record |
|---|---|---|
| API call | Stripe-style APIs, Cloudflare Workers, Vercel functions, internal HTTP services | request, response, usage, access decision, policy-visible outcome |
| MCP tool run | MCP servers, Smithery-listed tools, internal MCP servers | tool input/output reference, tool result, issuer, timestamp, signature |
| Agent action | A2A handoffs, agent-framework steps, Microsoft AGT-style runtime events | action invoked, delegated, approved, denied, cancelled, or timed out |
| Gateway decision | Cloudflare, Portkey, Kong, API gateways, AI gateways | access, routing, export, or boundary decision reported by a gateway |
| Payment event | x402, paymentauth / MPP, ACP, AP2-style commerce flows | payment request, authorization, settlement observation, mandate, dispute context |
| Provisioning event | Stripe Projects-style provider setup, Vercel deployments, GitHub Actions, Terraform-managed resources | catalog, provider link, account, credential, budget, subscription, domain, deployment, or resource lifecycle event |
These are orientation examples, not partnership claims or exclusive integration targets. PEAC records what those systems report; it does not replace them.
PEAC does not make those decisions. It records what another system reported, binds it to an issuer and time, and makes it portable for verification.
A PEAC record is signed evidence about an