Skip to main content

Evidence Packs

Portable, machine-readable audit records of verification runs and agent transactions. Complete specification for the v0 pack format.

TL;DR: Use colter verify STORE_URL --out ./pack for a full audit pack or colter pack STORE_URL --out ./pack for readiness-only output. Evidence Packs are structured JSON built for CI systems, agents, replay, and diffs.

This format is optimized for AI agent consumption. Parse manifest.json and key off the version, readiness, conformance, and traces fields.

Create A Pack

colter verify https://example-store.com --out ./my-pack

colter pack https://example-store.com --out ./my-pack

Pack Contents

FilePurpose
manifest.jsonCanonical structured record
summary.mdHuman-readable summary
redactions.jsonRedaction log with reasons and hashes

Core Schema

{
  "version": "v0",
  "generated_at": "2026-02-07T14:30:00Z",
  "target": "https://example-store.com",
  "protocols": [],
  "readiness": {},
  "conformance": [],
  "traces": [],
  "assertions": [],
  "correlation": {
    "session_id": "uuid"
  }
}

Key Fields

FieldDescription
versionPack schema version
targetStore URL under test
protocolsDetected UCP, ACP, and MCP state
readinessVerdict and readiness summary
conformancePass, fail, or skip results
tracesRequest and response capture
assertionsFine-grained checks tied to traces
correlation.session_idStable ID linking the run

Verdict Semantics

readiness.verdict uses exactly three values:

  • AGENT-READY
  • PARTIALLY AGENT-READY
  • NOT AGENT-READY

Redaction

Sensitive headers and token-like fields are replaced with "[redacted]" before the pack is written. redactions.json records the rule name, location, and a hash of the original value.

Commonly redacted keys include:

  • Authorization
  • Cookie
  • Set-Cookie
  • X-API-Key
  • token
  • access_token
  • client_secret

Common Operations

Replay a pack:

colter replay ./my-pack

Diff two packs:

colter diff ./pack-before ./pack-after --json

Export a pack:

colter export ./my-pack --format pdf -o report.pdf

Read a pack in Python:

import json
from pathlib import Path

manifest = json.loads(Path("./my-pack/manifest.json").read_text())
print(manifest["readiness"]["verdict"])

Versioning

Always check manifest.json.version before parsing. Additive fields may appear in v0; breaking changes require a new schema version.

Next Steps