protect-mcp — Policy Enforcement + Signed Receipts Cryptographic governance for every Claude Code tool call. Each invocation is evaluated against a Cedar policy and produces an Ed25519-signed receipt that anyone can verify offline. Overview Claude Code runs powerful tools: , , , . By default there is no audit trail, no policy enforcement, and no way to prove what was decided after the fact. closes all three gaps: - Cedar policies (AWS's open authorization engine) evaluate every tool call before execution. Cedar deny is authoritative. - Ed25519 receipts record each decision with its inputs, th…