npx altimate-receipts          # no install, no account — reads your last agent session

The problem

Your agent writes the code now. You review the diff — but the diff is only the result. It can't show you the work behind it:

  the agent's work    ████████████████████████████   1 hour · 90 commands · 40 files
  what you review     ███                             the final diff

The test that failed and got retried until green, the file quietly deleted, the check weakened to pass, the "all done!" that wasn't — it's all in the part you didn't read.

What receipts does

It reads the transcript your agent already saved and shows you what it actually did — cited to the line, deterministic, on your machine.

Your tests say whether the code is good. Receipts says what the agent did.

On a pull request

The comment receipts leaves on the PR — the events that deserve a human's eyes, then the full append-only record. No grade, no verdict:

Agent work record — claude-code · 16 files · spent ≈ $13.72 on this PR

push 2 · 7289522 — +0 new · 0 cleared · 1 open · transcript covers 16/16 changed files

Sanity-check

• src/cli.ts:699 — Silently swallowed an error in cli.ts · error hidden · evidence tool-1983-0

Other 15 files: nothing detected.

_{tests: 564 passed (parsed from runner output in transcript)}

Record — pushes, files, checks, custody (append-only)

push	events	change cost
1 · 2026-06-12	+0 new · 0 cleared · 1 open	—
2 · 7289522 · 2026-06-12	+0 new · 0 cleared · 1 open	$13.72

Checks ("not detected" means this check found nothing — not that nothing exists)

check	reading
swallowed errors	1 detected
destructive ops	not detected
CI/CD tampering	not detected
… 14 more checks	not detected

_{a record of the agent's process, not a code review · entries are never edited or removed · re-derivable (L1) · 0 model calls}

Real output — the PR that built this very feature, wearing its own record: the masthead carries the PR's attributed agent spend, the ledger shows per-commit cost, and the one flagged event is the author's own swallowed error.

In your terminal

npx altimate-receipts prints the same record as a card:

  ╔══════════════════════════════════════════════════════════════════════════╗
  ║ 🧾  RECEIPTS — Agent Work Record                        proof, not vibes ║
  ╚══════════════════════════════════════════════════════════════════════════╝

  Session  Pull latest main branch
  Agent    claude-code · claude-fable-5
  Scope    44h 18m · 1k msgs · 407 tools · 342M tok · $713.90

  ┌─ RECORD ─────────────────────────────────────────────────────────────────┐
  │ 3 critical · 4 high · 2 medium                                           │
  └──────────────────────────────────────────────────────────────────────────┘

  CRITICAL
   ⛔ Destructive op: git checkout -- .github/meta/commit.txt
      data-loss risk
   ⛔ Destructive op: git reset --hard origin/main
      data-loss risk
   ⛔ Destructive op: rm -rf /tmp/codex-gaps
      data-loss risk
  HIGH
   ⚠️  Edited a file it never read: SPEC-0074-m75-store-ref-default.md
      clobber risk · SPEC-0074-m75-store-ref-default.md
   ⚠️  Force-pushed over remote history
      history overwrite
   ⚠️  Rewrote git history made earlier this session
      history rewritten
   ⚠️  Stuck loop wasted $8.75 / 3m 12s
      $8.75 · 3m 12s
  MEDIUM
   🔍 Bash failed 10× before succeeding
      10 retries
   🔍 Edit failed 4× before succeeding
      4 retries
     ▸ 1 minor (collapsed)

  EVIDENCE
   21 files changed · 55 edits · 308 commands · tests ran ✓ · 13 destructive ops · cache 100%

  ──────────────────────────────────────────────────────────────────────────
  ✅ Verified by Receipts  ·  deterministic  ·  0 model calls  ·  evidence, not judgement
  what it did — not whether it's correct. your tests are the oracle for success.

Also real, reproduced verbatim: a 44-hour receipts development session, graded by the tool it was building — the destructive ops, the force-push, and the $8.75 stuck loop are all the author's own. A clean session reads nothing detected (not a ✅ pass), because "not detected" is a fact about what was checked, never a verdict on your code.

What it catches that the diff and green CI don't

• "Tests pass" — did they? The run that printed FAILED right before the agent declared success.
• Claimed vs. actually done. "Committed and pushed," "added the validation" — checked against the trace.
• Destructive ops. rm -rf, force-pushes, history rewrites.
• Gamed checks. A weakened linter or tsconfig, an edited grader or test assertion.
• Quiet churn. Files edited then reverted; loops that burned spend with nothing to show.

Every finding is cited to a line in the transcript, or it doesn't ship.

Why you can trust it

• Deterministic — no LLM in the path. Findings come from rules over the transcript. Same session in, same account out. There is nothing to hallucinate.
• It never grades your code. It reports what happened, never whether it's good — no letter grade, no "do not merge." Your tests stay the judge of correctness.
• Near-zero false positives — measured, not claimed. 100% precision on a 70-session labeled corpus; a 1% flag rate across 1,200 real local sessions, every flag adjudicated as a true positive, zero confirmed false positives (docs/eval.md).
• Local-first. Runs entirely on your machine. No account, no upload, no telemetry.
• Works with your agent. Claude Code, Codex, Cursor, OpenClaw — one tool, one format.

Try it (10 seconds)

npx altimate-receipts            # your most recent agent session
npx altimate-receipts --list     # choose from recent sessions, any agent

No install and no signup — it reads transcripts that are already on your disk.

Add it to your repo's PRs

npx altimate-receipts init

Commit the files it writes and merge the PR. From then on, every agent session attaches its Work Record to the PR automatically, before the push — contributors install nothing. The hook rides along with git clone, the CLI is fetched on demand, and publishing a new release updates everyone. Every path is best-effort: a missing session or an unreachable registry never blocks a push.

Humans pushing from a terminal, other agents, or repos that won't commit .claude/ config → the onboarding guide has a one-command fallback for each.

Going deeper (optional)

• receipts --json — a portable, vendor-neutral in-toto Receipt carrying the same evidence, for feeding other tooling (schema).
• Sign it. A Receipt can be Sigstore-signed and posted as a "Verified by Receipts" PR check (docs), then re-derived from its transcript to prove it wasn't hand-edited (trust model). Opt-in — for when compliance or settlement needs make it concrete.
• More surfaces. receipts guardrails (prevention rules for AGENTS.md), receipts trends (what your agent gets wrong over time), receipts mcp (for IDEs/agents, docs), SARIF for code-scanning, badges. Run receipts --help.

How it works

the agent's own local transcript (JSONL / SQLite)
  → adapter        normalize each agent's format to one session model (tool calls raw)
  → spans          edits · commands · reads · cost · destructive ops
  → detectors      deterministic, file:line-cited findings
  → Work Record    the human-readable account (default), or a signed --json Receipt

One pipeline, every agent, nothing leaving your machine. The full set of binding constraints (deterministic, evidence-not-judgement, near-zero-FP, local-first) lives in SPEC-0000.

Status

🚧 Early, and working today across Claude Code, Codex, Cursor, and OpenClaw. The detection engine is measured for fidelity (see trust, above); the roadmap lives in specs/. Receipts audits its own development — every PR in this repo carries its own Work Record.

How we build

Spec-driven: every change starts from a spec in specs/ (template, contributing). See docs/ARCHITECTURE.md for the pipeline and the five extension surfaces (adapters, detectors, test parsers, guard rules, renderers) — each has a one-seam checklist and a Claude skill (/add-detector, /add-adapter, /add-test-parser, /add-guard-rule).

License

Apache-2.0 © altimate.ai