Skip to content

docs(startup-tpm): cmcp verify step with interactive tamper demo#14

Merged
imran-siddique merged 1 commit into
fix/workflow-scoped-permitsfrom
docs/verify-tamper-demo
Jun 11, 2026
Merged

docs(startup-tpm): cmcp verify step with interactive tamper demo#14
imran-siddique merged 1 commit into
fix/workflow-scoped-permitsfrom
docs/verify-tamper-demo

Conversation

@imran-siddique

Copy link
Copy Markdown
Contributor

Adds Step 7 to the quickstart: cmcp verify claim.json --audit-bundle bundle.json passes on the genuine record, then a one-field mutation makes the signature FAIL -- the tamper-evidence guarantee in one command. Output shown is from a real run against a captured claim.

Requires agentrust-io/cmcp#287 (the verify command). Stacked on #13.

Generated with Claude Code

Verify the captured claim and audit bundle in one command, then mutate a
single field and watch the signature fail. Makes the tamper-evidence
guarantee tangible in the quickstart. Requires agentrust-io/cmcp#287.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@imran-siddique imran-siddique merged commit 9a6e1a8 into fix/workflow-scoped-permits Jun 11, 2026
1 check passed
imran-siddique added a commit that referenced this pull request Jun 11, 2026
… healthcare demos (#13)

* fix(policy): workflow-scoped permits, no catch-all, in financial + healthcare bundles

The bundles opened with permit (principal, action, resource), making the
documented workflow restrictions decorative: any workflow could call any
catalog tool unless a forbid fired. Each tool is now explicitly permitted
only for its declared workflow (the globex-financial pattern); wrong
workflow, missing workflow, or unlisted action hits Cedar default-deny.

Verified live: happy paths allow, HITL/escalation forbids fire with advice,
and a call without _cmcp.workflow_id is denied. trace-output reference
claims recaptured (policy bundle hashes changed). Requires
agentrust-io/cmcp#285 (egress context carries workflow_id).

Closes #12.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

* docs(startup-tpm): add cmcp verify step with interactive tamper demo (#14)

Verify the captured claim and audit bundle in one command, then mutate a
single field and watch the signature fail. Makes the tamper-evidence
guarantee tangible in the quickstart. Requires agentrust-io/cmcp#287.

Co-authored-by: Claude Fable 5 <noreply@anthropic.com>

---------

Co-authored-by: Claude Fable 5 <noreply@anthropic.com>
imran-siddique added a commit that referenced this pull request Jun 12, 2026
PRs #11, #13, and #14 were stacked on #10. When #10 squash-merged and its
branch was deleted, GitHub closed/merged the rest of the stack into the
deleted feature branches, so their content never reached main: financial
and healthcare shipped the unparseable advice{} Cedar policies, agents
called endpoints that do not exist, the mock servers and the cmcp verify
tamper demo were missing.

This restores the verified stack tip for the four original examples plus
.gitignore, with em dashes scrubbed per repo style, and merges the root
README: corrected table and 3-terminal quickstart from the stack, plus the
industrial-embodied-ai row with the #18 wording.

Verified before commit: all Cedar bundles parse and produce the documented
decisions (workflow-scoped allow, escalation/HITL deny, default deny), and
all catalog entries validate against the cmcp schema.

Co-authored-by: Claude Fable 5 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant