Human-in-the-loop approval for agent actions, with verifiable action-bound receipts.
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
Human-in-the-loop approval for agent actions, with verifiable action-bound receipts.