This hooks into Claude Code's PreToolUse and PostToolUse events to gate every tool call behind Cedar policies and generate Ed25519-signed receipts that anyone can verify offline. It's designed for situations where you need a cryptographic audit trail, like letting an agent run unattended in a regulated environment or proving to an auditor exactly what decisions were made without them trusting your logs. The receipts are hash-chained and follow RFC 8032, so tampering breaks the chain. If you're just experimenting or working solo, this is overkill. If you're building agent workflows that touch money, PII, or compliance-sensitive operations, the signed evidence and policy enforcement close real gaps that session logs don't.
npx skills add https://github.com/wshobson/agents --skill protect-mcp-setup