Signed Audit Trails for Claude Code Tool Calls Cookbook-style walkthrough for cryptographically signed receipts on every Claude Code tool call. This is the teaching skill. For the runtime implementation, install the plugin. What this gives you Every tool call ( , , , ) is: 1. Evaluated against a Cedar policy before execution. If the policy denies the call, the tool does not run. 2. Signed as an Ed25519 receipt after execution. Receipts are JCS-canonical, hash-chained, and verifiable offline by anyone with the public key. An auditor, regulator, or counterparty can verify the full chain later w…