Secure Context Customer Proof Pack
Why this page exists. SecurityRecipes now has strong reference evidence. The next credibility gap is customer proof: runtime events, receipts, MCP decisions, redacted telemetry, operational-impact metrics, and renewal signals that prove the secure context layer works in a real pilot.
SecurityRecipes is positioned as The Secure Context Layer for Agentic AI. The open project already shows the control model: secure context, MCP authorization, protocol conformance, source freshness, telemetry, run receipts, evals, reviewer diligence, and value modeling. That is enough to start serious conversations, but it is not enough to claim recurring adoption proof or a trusted-source outcome.
The Secure Context Customer Proof Pack closes that gap honestly. It defines what a design partner must measure before customer evidence can replace assumptions.
What was added
data/assurance/secure-context-customer-proof-profile.json- source profile for proof claims, runtime event classes, metrics, renewal gates, reviewer readout, and proof risks.data/evidence/secure-context-customer-proof-pack.json- generated pack with source-pack hashes, 7 proof claims, 9 metrics, 9 runtime event classes, 5 renewal gates, and 6 proof risks.recipes_secure_context_customer_proof_pack- MCP tool for the full pack, one proof claim, event class, metric, renewal gate, risk, or status-filtered view.
What the pack contains
| Section | Purpose |
|---|---|
customer_proof_summary |
Contract status, source-pack readiness, proof-claim count, metric count, renewal-gate count, and failure count. |
proof_claims |
reviewer claims that require customer runtime proof, including context retrieval, MCP authorization, safe holds, redacted telemetry, ROI replacement, source freshness, and hosted-ready-proof evidence. |
runtime_event_classes |
Metadata-first events a design partner should emit, such as context.package.returned, mcp.authorization.decided, approval.receipt.validated, and reviewer.outcome.recorded. |
metric_definitions |
Renewal metrics such as receipt completeness, context hash coverage, MCP pre-execution decisions, safe hold behavior, sensitive telemetry escape count, reviewer minutes, and hosted-ready-proof confirmation. |
renewal_gates |
Hold conditions that block renewal, expansion, reviewer export, or trust review claims until customer evidence passes. |
acquirer_readout |
What is ready, what is not ready, and the next 90 days of proof collection. |
risk_register |
How the project avoids overclaiming from synthetic demos, leaky telemetry, unproven MCP auth, weak operational-impact proof, source drift, or vague hosted-ready proof paths. |
The generated artifact currently reports customer_proof_contract_ready
with 10/10 source packs ready. It still marks the actual proof state as
customer_runtime_evidence_required, which is intentional.
Why it is review-ready
This pack gives the project a more serious posture in security reviewer conversations:
- It turns a design-partner pilot into a measurable evidence contract.
- It treats holds, denials, and kill decisions as product value when they prevent unsafe agent action.
- It requires metadata-first telemetry and zero counted secret capture.
- It blocks operational-impact claims until customer runtime evidence replaces default assumptions.
- It names the next vendor proof: hosted-ready proof path, budget owner, expansion trigger, support burden, and renewal signal.
That makes the path to a valuable project clearer: open evidence creates trust, customer proof validates the wedge, and hosted MCP controls become the review-ready hosted layer.
MCP examples
Inspect the full customer proof pack:
recipes_secure_context_customer_proof_pack()
Inspect one proof claim:
recipes_secure_context_customer_proof_pack(claim_id="mcp-calls-are-authorized-before-execution")
Inspect one runtime event class:
recipes_secure_context_customer_proof_pack(event_id="mcp.authorization.decided")
Inspect one renewal gate:
recipes_secure_context_customer_proof_pack(gate_id="roi-impact-replaces-assumptions")
Find contract areas that still require customer evidence:
recipes_secure_context_customer_proof_pack(status="customer_metric_required")
Industry alignment
The profile is grounded in current primary sources:
- OWASP Top 10 for Agentic Applications for agent behavior hijacking, tool misuse, and identity abuse.
- OWASP MCP Top 10 for MCP-specific token, scope, tool, command, telemetry, shadow-server, and context risks.
- MCP Authorization for resource indicators, token audience validation, PKCE, token handling, and scope minimization.
- OpenTelemetry MCP semantic conventions for MCP sessions, methods, transports, tool calls, errors, and duration evidence.
- NIST AI RMF Generative AI Profile and NIST AI RMF critical infrastructure concept note for AI governance, monitoring, provenance, incident response, and high-assurance operating expectations.
- CISA AI Data Security and CISA Deploying AI Systems Securely for data security, integrity, detection, response, and secure deployment controls.