@undisk-mcp/audit-verifier
v0.54.1
Published
Standalone audit chain verifier for Undisk MCP — verify hash-chain integrity of audit exports offline
Downloads
1,190
Maintainers
25xcodesReadme
@undisk-mcp/audit-verifier
Standalone hash-chain verifier for Undisk MCP audit trails. Supports v1/v2/v3 hash formulas. Zero dependencies for offline compliance verification.
Installation
npm install @undisk-mcp/audit-verifierCLI Usage
# Verify an exported audit trail
npx @undisk-mcp/audit-verifier export.ndjson
# Machine-readable output for CI pipelines
npx @undisk-mcp/audit-verifier export.ndjson --ci
# Output result as JSON
npx @undisk-mcp/audit-verifier export.ndjson --json
# Generate a self-contained HTML report
npx @undisk-mcp/audit-verifier export.ndjson --report audit-report.html
# Show audit summary statistics
npx @undisk-mcp/audit-verifier export.ndjson --summary
# Verbose per-entry progress
npx @undisk-mcp/audit-verifier export.ndjson --verbose
# Combine flags
npx @undisk-mcp/audit-verifier export.ndjson --ci --report audit-report.htmlOptions
| Flag | Description |
|------|-------------|
| --ci | Machine-readable output. Exit 0 if valid, exit 1 if broken. Minimal stdout. |
| --json | Output the full verification result as JSON to stdout. |
| --report <path> | Generate a self-contained HTML report at the given path. |
| --summary | Show a summary table (entry count, time range, agents, operations). |
| --verbose, -v | Show per-entry verification progress. |
| -h, --help | Show help message. |
Exit Codes
| Code | Meaning |
|------|---------|
| 0 | Chain is valid (or no entries) |
| 1 | Chain is broken or an error occurred |
CI Integration
The --ci flag is designed for use in automated pipelines. It produces minimal
output and relies on exit codes for pass/fail signaling.
GitHub Actions
- name: Verify audit trail
run: npx @undisk-mcp/audit-verifier audit-export.ndjson --ci --report audit-report.html
- name: Upload report
uses: actions/upload-artifact@v4
with:
name: audit-report
path: audit-report.htmlProgrammatic Usage
import {
parseAuditExport,
verifyAuditChain,
summarizeAudit,
generateHtmlReport,
} from "@undisk-mcp/audit-verifier";
const content = fs.readFileSync("export.ndjson", "utf-8");
const entries = parseAuditExport(content);
const result = await verifyAuditChain(entries);
if (result.valid) {
console.log(`Verified ${result.checked} entries`);
} else {
console.error(`Chain broken at seq ${result.brokenAt}: ${result.error}`);
}
// Generate summary statistics
const summary = summarizeAudit(entries);
console.log(`${summary.totalEntries} entries, ${summary.uniqueAgents.length} agents`);
// Generate HTML report
const html = generateHtmlReport(entries, result);
fs.writeFileSync("report.html", html);Documentation
See mcp.undisk.app for full documentation.
License
MIT