Openterms-mcp

Overview Schema Related Servers Score Discussions

issue_receipt

Generate cryptographically signed receipts to prove user consent before AI agents perform actions, enabling policy enforcement and independent verification.

Instructions

Issue a cryptographically signed terms receipt BEFORE your agent takes an action. Returns an Ed25519-signed receipt proving consent to terms. If this returns POLICY_DENIED or POLICY_ESCALATION_REQUIRED, STOP and notify the user.

Input Schema

TableJSON Schema

Name	Required	Description
`agent_id`	Yes	Identifier for this agent
`action_type`	Yes
`terms_url`	Yes	URL of the terms being agreed to
`terms_hash`	Yes	SHA-256 hash of the terms document (64 hex chars)
`timestamp`	No	ISO 8601 timestamp (defaults to now)
`pricing_version`	No	Pricing version (defaults to 2025-01)
`action_context`	No	Optional metadata (provider, model, endpoint, etc.)

Implementation Reference

openterms_mcp_server.py:185-234 (handler)

The handler implementation for the 'issue_receipt' tool, which constructs the payload and makes a POST request to /v1/receipts.

if name == "issue_receipt":
    payload = {
        "agent_id": arguments["agent_id"],
        "action_type": arguments["action_type"],
        "terms_url": arguments["terms_url"],
        "terms_hash": arguments["terms_hash"],
        "timestamp": arguments.get("timestamp",
            datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z"),
        "pricing_version": arguments.get("pricing_version", "2025-01"),
    }
    if arguments.get("action_context"):
        payload["action_context"] = arguments["action_context"]

    resp = client.post("/v1/receipts", json=payload, headers=_headers())

    if resp.status_code == 201:
        receipt = resp.json()
        headers_info = receipt.get('headers', {})
        return (
            f"✅ Receipt issued successfully\n"
            f"  receipt_id: {receipt['receipt_id']}\n"
            f"  canonical_hash: {receipt['canonical_hash']}\n"
            f"  signature: {receipt['signature'][:32]}...\n"
            f"  key_id: {receipt['key_id']}\n"
            f"  amount_charged: {receipt['amount_charged']} (USDC minor units)\n"
            f"  --- Headers for API provider ---\n"
            f"  X-Openterms-Receipt: {headers_info.get('X-Openterms-Receipt', 'n/a')}\n"
            f"  X-Openterms-Verify: {headers_info.get('X-Openterms-Verify', 'n/a')}"
        )
    elif resp.status_code == 403:
        err = resp.json().get("error", {})
        code = err.get("code", "")
        if code == "POLICY_DENIED":
            details = err.get("details", {})
            return (
                f"🚫 POLICY DENIED — Action blocked by workspace policy\n"
                f"  Policy version: {details.get('policy_version', '?')}\n"
                f"  Reasons: {', '.join(details.get('reasons', ['Unknown']))}\n"
                f"  ⚠️  Do NOT proceed with this action. Notify the user."
            )
        elif code == "POLICY_ESCALATION_REQUIRED":
            details = err.get("details", {})
            return (
                f"⏸️  ESCALATION REQUIRED — Human approval needed\n"
                f"  Policy version: {details.get('policy_version', '?')}\n"
                f"  Reasons: {', '.join(details.get('reasons', ['Unknown']))}\n"
                f"  ⚠️  Do NOT proceed. Ask the user to approve this action."
            )
    return _format_error(resp)

openterms_mcp_server.py:23-43 (schema)

The schema definition for the 'issue_receipt' tool, including its name, description, and input parameters.

{
    "name": "issue_receipt",
    "description": (
        "Issue a cryptographically signed terms receipt BEFORE your agent takes an action. "
        "Returns an Ed25519-signed receipt proving consent to terms. "
        "If this returns POLICY_DENIED or POLICY_ESCALATION_REQUIRED, STOP and notify the user."
    ),
    "inputSchema": {
        "type": "object",
        "required": ["agent_id", "action_type", "terms_url", "terms_hash"],
        "properties": {
            "agent_id": {"type": "string", "description": "Identifier for this agent"},
            "action_type": {"type": "string", "enum": ["api_call", "data_access", "purchase", "custom"]},
            "terms_url": {"type": "string", "description": "URL of the terms being agreed to"},
            "terms_hash": {"type": "string", "description": "SHA-256 hash of the terms document (64 hex chars)"},
            "timestamp": {"type": "string", "description": "ISO 8601 timestamp (defaults to now)"},
            "pricing_version": {"type": "string", "description": "Pricing version (defaults to 2025-01)"},
            "action_context": {"type": "object", "description": "Optional metadata (provider, model, endpoint, etc.)"},
        },
    },
},

Tool Definition Quality

A4.2/5.0

Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations provided, so description carries full burden. Discloses critical behavioral details: Ed25519 cryptographic signing, specific error states (POLICY_DENIED, POLICY_ESCALATION_REQUIRED), and return value type. Could improve by mentioning idempotency or persistence guarantees.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Three sentences with zero waste: purpose/timing first, return value second, error handling third. Every sentence contains critical operational information. Exceptionally efficient structure.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

No output schema exists, yet description adequately covers return value characteristics (Ed25519-signed receipt) and specific error conditions. Given the tool's complexity (cryptographic + policy integration), coverage is strong but could detail the receipt data structure more precisely.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 86% (high), so baseline 3 is appropriate. Description implicitly references parameters ('terms', 'action') but adds minimal semantic detail beyond the schema's existing descriptions. No compensation needed for undocumented params.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

Description uses specific verb 'Issue' with clear resource 'cryptographically signed terms receipt' and distinguishes from siblings like verify_receipt and list_receipts through the creation-oriented language.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Provides explicit temporal guidance ('BEFORE your agent takes an action') and critical error handling instructions ('STOP and notify the user' for specific error codes). Lacks explicit comparison to alternatives like simulate_policy, but the timing constraint is highly actionable.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/jstibal/openterms-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server