What I built (in one paragraph) verify-action-mcp is a small third-party HTTP service. You POST a (claim, evidence) pair from an AI agent, you get back a verdict and an HMAC-attested receipt. Cross-vendor (MCP-compatible — Claude Code, Cursor, Cline, Codex pick it up as a tool). Pure Python stdlib, no pip install, MIT-licensed. Live at verify.armadalab.dev . The pattern it catches If you've built anything with an AI agent harness, you've seen this: "I deleted user 12345" — but the row count didn't change. "I added a null check" — but the diff also rewrote 5 unrelated functions. "I sent the welcome email to alice@example.com " — but the request body actually targeted bob@example.com . These silent successes don't show up in benchmarks (which score "did the model say it succeeded?" ). They surface when something downstream breaks — sometimes hours or days later.…