Every tool call signed, chained, and mapped to a control your buyer already audits.
SOC 2 · HIPAA · EU AI Act · AIUC-1 · NIST AI RMF · SOX ITGC
Get your receipts started in an hour, prod by EOW.
HOW IT WORKS
Three steps: define what the agent is allowed to do, record what it actually did, and hand your buyer something they can verify themselves.
Set scopes, ceilings, and checkpoints once. The plan says which tools the agent can call, under what conditions, and when a human has to approve.
Plan file
A small policy file defines the rules before the agent takes action. Same plan, every run.
As the agent runs, each allowed, blocked, and checkpointed tool call is checked against the plan, signed, and chained in real time on your infrastructure.
Receipt stream
At the end, you export a receipts ZIP and a verify script. Your buyer runs it on their own machine with your public key, so they can verify the receipts without trusting your logs or your word.
Verification
They run the verify script with your public key and get a yes/no answer on whether the receipt chain is intact and valid. No dashboard access. No screenshots. No engineering walkthrough required.
One plan, one receipt chain, one verification step — repeated across every agent you deploy.
Traces, logs, spans, dashboards — you can build evidence from them, but it means pulling the right slices, mapping them to controls, and explaining them every time someone asks “what happened here?” Your GRC tool can collect those logs, but it still relies on you to tell the story.
Each agent action is captured once at the right level, already mapped to controls and signed when it happens. When someone asks “what happened here?”, you hand them one receipts file and a verify script they can run themselves.
Your internal stays the system of record. AgentMint just gives it agent-level evidence that doesn't require an engineer in the room.
About an hour. Your engineer runs pip install agentmint and agentmint init --write while we're talking. The CLI wraps the functions that call tools; no new services or infra.
You say what “safe” and “scary” look like for this agent. I translate that into scopes, ceilings, and human checkpoints so your team doesn't inherit a new governance system.
We run in shadow mode on real traffic. When a receipt looks wrong or surprising, you flag it; I update the plan and push the change. You're not maintaining anything — just saying “good” or “bad.”
Ship to prod. We will be there for your users. By EOW you have a receipts ZIP from real traffic plus a verify script your buyer can run offline.
When their CISO has questions, I'm on the call so you don't have to improvise. We talk in their language — AIUC-1, EU AI Act, FedRAMP — using receipts instead of screenshots.
Worst case, you uninstall after a week and your agent goes back to how it ran before. You still keep a week of independently verifiable receipts as free insurance.
The library. MIT licensed.
You self-host. You wrap your tool calls. Forever free.
I instrument it with you.
One agent, one environment, one week in shadow mode. We hop on a call, wire it in, and write the plan together. By EOW you're in production and looking at receipts from real traffic.
Talk to me →
Custom tiers, volume pricing, and channel deals available.
Q
Your machine, your process, your container. AgentMint sits inside your agent; nothing leaves unless you push it. The private key you use to sign receipts never touches any service — it's yours, on your infra. The corresponding public key is what you share with a buyer so they can verify.
Q
The signature breaks. Each receipt is signed at creation time using Ed25519, and the chain links each receipt to the previous hash. Alter one byte, and verification fails instantly.
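The chaining half of that answer, as an added example that is not AgentMint's code or receipt format: each receipt stores the SHA-256 of the previous one, so an edit, deletion, or truncation breaks a link. The field names, the SHA-256 and canonical-JSON choices, and the trusted_head value (standing in for the Ed25519 signature check, which this sketch omits) are all assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed marker meaning "no previous receipt"

def receipt_hash(receipt):
    # Canonical JSON (sorted keys, no whitespace) so the hash is reproducible.
    body = json.dumps(receipt, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(body.encode("utf-8")).hexdigest()

def append_receipt(chain, tool, decision):
    # Link the new receipt to the hash of the one before it.
    prev = receipt_hash(chain[-1]) if chain else GENESIS
    chain.append({"seq": len(chain), "tool": tool,
                  "decision": decision, "prev_hash": prev})
    return chain

def verify_chain(chain, trusted_head):
    """Return (True, None) if intact, else (False, index of first bad receipt).

    trusted_head is the hash of the final receipt, obtained from a source the
    verifier trusts. Here it stands in for the per-receipt signature: without
    it, an edit to the last receipt or a truncated chain would go unnoticed.
    """
    expected = GENESIS
    for i, receipt in enumerate(chain):
        # A gap in seq means a receipt was removed or reordered; a prev_hash
        # mismatch means the preceding receipt was altered after the fact.
        if receipt.get("seq") != i or receipt.get("prev_hash") != expected:
            return (False, i)
        expected = receipt_hash(receipt)
    if expected != trusted_head:
        return (False, len(chain) - 1)
    return (True, None)

def build_sample():
    # Constructed sample: one allowed, one blocked, one checkpointed call.
    chain = []
    append_receipt(chain, "read_invoice", "allowed")
    append_receipt(chain, "wire_transfer", "blocked")
    append_receipt(chain, "send_email", "checkpointed")
    return chain

if __name__ == "__main__":
    sample = build_sample()
    head = receipt_hash(sample[-1])
    print(verify_chain(sample, head))
    sample[1]["decision"] = "allowed"  # rewrite history: blocked -> allowed
    print(verify_chain(sample, head))
```

An edit to receipt 1 is reported at receipt 2, because the stored prev_hash there no longer matches the recomputed hash.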
Q
Those are great for you; this is for your buyer. LangSmith and Datadog give you debugging traces and operational dashboards. AgentMint produces a single evidence artifact your buyer can verify themselves without needing access to your dashboards or trusting your ops narrative.
Q
Yes, and that's the point. The free library works entirely offline; you sign locally, you store locally, you verify locally. There's no phone-home, no telemetry, no SaaS dashboard. If you want a managed dashboard or long-term storage later, that option exists, but it's never required.
Still have questions? Let's talk.
As AI agents handle money, healthcare, and legal decisions, every company using them will need verifiable evidence that those agents behaved correctly. Today that evidence is built by hand — logs, screenshots, and internal narratives. AgentMint replaces the manual work with a signed, chained, control-mapped receipt that any third party can verify without trusting you.
SOC 2 · HIPAA · EU AI Act · AIUC-1 · NIST AI RMF · SOX ITGC · OWASP AST10 Listed (Ken Huang)
Full control mapping →