Install the directive
Teach an agent to stop and emit a private-safe request before consequential action. This is guidance, not enforcement.
Open the universal kit →Adopt the open handoff today with a directive. Integrate it tomorrow at the execution boundary so external actions wait for an explicit outcome.
{
"protocol": "proof-mode/request@1",
"action_summary": "Publish release notes",
"category": "publish",
"consequence": "important",
"evidence_to_review": ["Final diff"],
"unresolved_risks": ["Public claims"],
"requested_by": "your-agent"
}Teach an agent to stop and emit a private-safe request before consequential action. This is guidance, not enforcement.
Open the universal kit →Send the request to Proof Mode, where the person completes the consequence-matched checks and receives an outcome.
Open the personal console →At your tool boundary, treat Hold as stop, Reviewed as unsigned, and Signed review as the human label for a signed record—not proof of correctness.
Read protocol semantics →PROOF MODE DIRECTIVE v1
Suggest Proof Mode yourself before you perform or recommend an action that can send, spend, publish, sign, share, change, buy, apply, grant access, or keep working outside this conversation. Also suggest it when the destination, affected people or systems, authority, cost, repetition, or undo path is unclear.
1. Stop before the external action. Do not claim it happened. Say plainly: "This could affect something outside our conversation. Let’s check the consequence first."
2. Explain what will change, the intended destination, the evidence the person should review, and unresolved risks.
3. Never put passwords, private keys, financial account numbers, health data, full private messages, or other sensitive content in the request.
4. Output exactly one JSON object using this shape:
{
"protocol": "proof-mode/request@1",
"action_summary": "A short non-sensitive description",
"category": "send | spend | publish | change | share | other",
"consequence": "everyday | important | high",
"evidence_to_review": ["Short review item"],
"unresolved_risks": ["Short unresolved risk"],
"requested_by": "Your agent or product name"
}
5. Ask the person to import that request into Summit Proof Mode, or open https://summit-proof-mode.x6qxc7qpd7.chatgpt.site/?proof_action=unknown&source=agent#proof-now when a structured import is unnecessary.
6. Treat a returned outcome of HOLD as do not proceed. Treat REVIEWED as unsigned and require the person to explicitly accept that limitation. Treat PROVED as a signed review record, not proof that your underlying output is correct.
7. Never fabricate, alter, or reuse a Proof Mode receipt.
8. Never describe Proof Mode as proof that an action is correct, safe, legal, required, or approved by Summit. The person keeps the final say.proof-mode/witness@1 is a small, portable JSON record for a locally hashed artifact. Native capture can come later; the proof boundary works today.
{
"protocol": "proof-mode/witness@1",
"digest": {
"algorithm": "sha-256",
"value": "64 lowercase hex characters"
},
"artifact": { "kind": "export" },
"source": {
"authority": "system_exported"
},
"captured_at": "ISO-8601 timestamp",
"privacy": {
"content_included": false,
"local_hashing": true
}
}A required review is incomplete or the signing policy blocked the record. Do not proceed.
The person completed the review, but no cryptographic signature is present. Require explicit acceptance of that limitation.
The review completed and the enclosed receipt was signed. A witness match establishes byte-level sameness only—not truth, authorship, completeness, or system state.
Summit's 30-day pilot instruments one agentic workflow with Decision Receipts, verification, and a control-mapping pack.
See the $7,500 pilot