Decision Receipt by Summit Cognitive

Every autonomous AI action requires a receipt

Autonomous agents are writing code, merging PRs, and deploying infrastructure at machine speed. Decision Receipt is the admissibility layer that determines whether those actions are allowed to matter — replayable, evidenced, policy-admitted, and cryptographically signed.

Get API Key — Free API Reference Deploy Guide

588

Receipts Issued

581

Accepted

Blocked

Escalated

The problem

Autonomous execution without governance is unauthorized execution

AI agents are gaining repository write access, merging pull requests, modifying infrastructure, and executing multi-step workflows. Most produce zero admissibility evidence. That creates provenance gaps, unverifiable reasoning chains, authorization drift, and untraceable actions at machine speed.

Cognition (Devin) optimizes for autonomous capability.
Summit optimizes for admissible authority.
Those are not the same market.

How it works

Three steps to admissibility

Every autonomous action passes through the full admissibility pipeline before receiving a Decision Receipt.

Submit Evidence

Register an autonomous action and attach evidence — CI results, code reviews, agent traces, security scans. Each source gets provenance metadata and a chain of custody.

Evaluate Admissibility

The policy engine runs nine deny-by-default rules: source diversity, provenance, deterministic replay, decision rights, confidence thresholds, human approval, and risk scope bounds.

Receive Receipt

A cryptographically signed Decision Receipt with full evidence hashes, replay verification, policy check results, and an admissibility verdict: ACCEPTED, BLOCKED, or ESCALATED.

Integration points

Where Decision Receipt sits

Above, beside, underneath, or between autonomous agents and production systems.

GitHub PR Pipeline

Webhook receives PR events, evaluates admissibility, blocks merge on failure. Works with Devin, Codex, Jules, Claude, or any bot-authored PR.

CI/CD Gate

GitHub Action runs as a required check. No receipt, no deployment. Receipts become build artifacts alongside test results.

Multi-Agent Orchestration

Policy-compiled verification for agent-to-agent handoffs. Each agent action in the chain produces its own receipt with provenance.

Runtime Execution

Proof-carrying actions for infrastructure changes, access modifications, and deployment operations. Real-time admissibility enforcement.

Enterprise Audit

Append-only receipt ledger with full replay capability. Export Trust Packs for procurement, legal, compliance, and regulatory review.

Regulated Environments

Defense, finance, healthcare, and critical infrastructure. NIST-aligned policy rules. Sovereign deployment ready. Air-gapped fixture mode.

Try it now

Issue your first receipt in 30 seconds

No account required for the public evaluation endpoint. Submit a claim with evidence and get back a signed Decision Receipt.

curl -X POST https://decrec.summitcognitive.ai/v1/evaluate \
  -H "Content-Type: application/json" \
  -d '{
    "claim_id": "my-first-receipt",
    "entity": "my-org/my-repo",
    "claim": "AI agent requests merge authority for PR #42",
    "sources": [
      {"id": "ci", "type": "ci", "uri": "https://ci/run/1",
       "confidence": 0.9, "content": "All tests pass"},
      {"id": "review", "type": "code_review", "uri": "https://pr/1",
       "confidence": 0.85, "content": "Approved by maintainer"}
    ]
  }'

Response includes a full DecisionReceipt with replay hash, policy checks, evidence hashes, and an Ed25519 attestation. See full API docs →

Enforcement flow

How enforcement works

A bot-authored PR triggers a deterministic pipeline — every step is recorded, signed, and independently verifiable.

PR Opened

Agent opens a pull request on GitHub

→

Webhook Fires

GitHub sends the event to Decision Receipt

→

Evidence Collected

CI status, review state, labels, PR metadata gathered as sources

→

9 Rules Evaluated

Deny-by-default policy engine runs all 9 rules

→

Receipt Signed

Ed25519 signature + hash chain entry

→

Verdict Posted

GitHub status check + PR comment with full policy breakdown

✕ Blocked Agent sees specific rule failures. Improves evidence. Resubmits.

✓ Allowed PR is authorized to merge. Receipt is independently verifiable.

Pricing

Start free. Scale when you're ready.

Try the API, break it, watch it prove out. Then get us in the room.

Free

per month

→ 100 receipts / month

→ Full API access

→ Signed receipts

→ Replay verification

→ Community support

Get API Key

Pilot

$99

per month

→ 10,000 receipts / month

→ GitHub webhook integration

→ Trust Pack exports

→ Custom policy configs

→ Priority support

→ Receipt ledger dashboard

Enterprise

Custom

annual contract

→ Unlimited receipts

→ Sovereign deployment

→ Air-gapped mode

→ Custom policy engine

→ NIST / CMMC alignment

→ Dedicated support + SLA

Why Decision Receipt

What makes this different

Most AI governance tools are retrospective dashboards. Decision Receipt is an enforcement primitive.

Not observability

We don't watch AI act and report afterward. Every action is evaluated before it receives authority. No receipt, no production.

Not another model

We don't compete with Devin, Codex, or Copilot. We verify whether their output is admissible. The more autonomous they get, the more we matter.

Not compliance theater

Receipts are cryptographically signed, chain-linked, and independently verifiable. Replay the decision path. Audit the evidence. Revoke if needed.

30-second setup

One webhook URL. First receipt in under a minute. No agents to install, no config files to manage, no infrastructure to provision.

Protocol, not product

Decision Receipt is a verifiable standard. Receipts travel. Third parties can verify. The spec is public. We're building infrastructure, not a dashboard.

Real production data

Not a demo. 588 receipts issued from real GitHub PRs. 99% acceptance rate. Agents tracked: dependabot, Devin, Codex, Jules, human.

Get started

Get your API key

Enter your email to receive an API key instantly. No credit card required.

Live ledger

Recent receipts

BrianCLong/summit — 14-day acceptance trend

Receipt	Verdict	Agent	Repository	PR
rcpt_gh-BrianCLong-summit-pr...	ALLOWED	BrianCLong	BrianCLong/summit	#35622
rcpt_gh-BrianCLong-summit-pr...	ALLOWED	BrianCLong	BrianCLong/summit	#35621
rcpt_gh-BrianCLong-summit-pr...	ALLOWED	BrianCLong	BrianCLong/summit	#35620
rcpt_gh-BrianCLong-summit-pr...	ALLOWED	BrianCLong	BrianCLong/summit	#35619
rcpt_gh-BrianCLong-summit-pr...	ALLOWED	BrianCLong	BrianCLong/summit	#35618
rcpt_gh-BrianCLong-summit-pr...	ALLOWED	BrianCLong	BrianCLong/summit	#35617
rcpt_gh-BrianCLong-summit-pr...	ALLOWED	BrianCLong	BrianCLong/summit	#35616
rcpt_gh-BrianCLong-summit-pr...	ALLOWED	BrianCLong	BrianCLong/summit	#35615
rcpt_gh-BrianCLong-summit-pr...	ALLOWED	BrianCLong	BrianCLong/summit	#35614
rcpt_gh-BrianCLong-summit-pr...	ALLOWED	dependabot[bot]	BrianCLong/summit	#35594

View full ledger (JSON) → | Timeline → | Repo analytics →