Sample cases

Published sample cases and proof bundles

Start with the AI Agent Action Proof Run sample. It is one public example inside the broader package offer, showing how a third party inspects the action boundary, authority map, evidence manifest, receipt, verifier result, challenge path, and digest manifest after an agent acts.

Package one security workflowRead package offer
Primary sample

AI Agent Action Proof Run

A public standalone bundle for one agent-assisted code or configuration change. Use it to inspect the receipt shape and verifier path before submitting your own workflow.

Inspect sample packagePackage one security workflow

Artifact set

  • ACTION_BOUNDARY.json
  • AUTHORITY_MAP.json
  • EVIDENCE_MANIFEST.json
  • RECEIPT.json
  • VERIFY_RESULT.json
  • CHALLENGE_PATH.md
  • MANIFEST.sha256

What these pages are for

Show one bounded workflow class

Each page keeps authority, execution, evidence, verification, and challenge language separate.

Name the limits

Samples are explanatory. They do not imply live customer proof, production deployment, legal compliance, or complete AI governance coverage.

OffSec deliverable sample (R1)

OffSec Shield local server audit

Download a synthetic Shield proof bundle to see how OffSec deliverables relate to WitnessOps verification. Not a substitute for PV/QV receipts on /verify.

Inspect Shield sampleOpen /verify

Artifact set

  • RECEIPT.json
  • evidence_manifest.json
  • MANIFEST.sha256
  • evidence/posture.json
  • evidence/findings.json
  • VERIFY_NOTE.json

Supporting surfaces

Verifier fixtures

Small public receipt examples used on /verify to show what current receipt checks can confirm and how failure appears.

Open verifier

Illustrative sample report

An older dossier shape showing review style without claiming a live customer proof path.

Open sample report

Package lane

The fit-check path for one real GitHub, Codex, AI-agent, access, offsec, or remediation workflow you want packaged.

Package one security workflow

Additional named sample cases

OffSec Shield — local server audit

Reference proof bundle from OffSecAgent + OffSecShield (synthetic demo-host fixture): posture, findings, honest manifest hashes, and explicit WitnessOps /verify boundary.

  • read-only posture evidence
  • offsecshield.receipt.v1 / run_receipt alignment
  • offline Shield verify path

Open named sample case

Privileged access grant review

A named sample case for a time-bounded administrative access request, focused on authority binding, provisioning execution, resulting entitlement evidence, and replayability outside the source systems.

  • approval to execution continuity
  • provisioning evidence
  • target-side entitlement confirmation

Open named sample case

Approval-gated containment review

A named sample case for a containment action that must not execute before recorded approval, focused on gate enforcement, target-state evidence, and portable replay after the event.

  • pre-execution gate enforcement
  • target-side containment state
  • portable replay path

Open named sample case