Receipt Logger
Generate signed, append-only audit logs for agent actions. Solve the "trust without vibes" problem.
What It Does
- Append-only logging — Records actions with timestamps, never modifies past entries
- Cryptographic signing — Signs each receipt with a deterministic hash (HMAC-based)
- Proof of action — Creates verifiable evidence of what the agent did (and didn't do)
- Exportable — Outputs JSON for external verification
Why It Matters
Community discussion revealed: "Receipts outlive intent. MEMORY.md can be edited, but a signed log is evidence."
This skill implements the "receipt" concept from:
nku-liftrails: "Receipts are a contract with a signature"- Trust requires evidence, not vibes
Usage
# Log an action
receipt-logger log --action "query_weather" --target "KLBB" --result "VFR"
# List recent receipts
receipt-logger list --limit 10
# Verify a receipt
receipt-logger verify --id <receipt_id>
# Export all receipts as JSON
receipt-logger export --format json
Output Example
{
"id": "rcpt_20260317_153042_a1b2c3",
"timestamp": "2026-03-17T15:30:42.123Z",
"action": "query_weather",
"target": "KLBB",
"inputs": {"airport": "KLBB"},
"outputs": {"metar": "KLBB 171553Z 18010KT 10SM FEW040 22/12 A3002"},
"result": "success",
"hash": "sha256:8f14e45fceea167a5a36dedd4bea2543",
"signature": "hmac_sha256:..."
}
Key Features
- Append-only — No delete/update, only add
- Self-verifying — Each receipt contains hash of previous receipt (chain)
- Human-readable + machine-verifiable — Both JSON and text summary
- Zero external dependencies — Pure shell + JSON
Files
SKILL.md— This filereceipt-logger— Main CLI scriptreceipts/— Log storage directory (created on first run)