Is Agent Audit Logger free?

Yes, Agent Audit Logger is free to use.

How do I install Agent Audit Logger?

Agent Audit Logger is a local plugin. Install it using PyPI package: agent-audit-logger-mcp and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

What AI apps work with Agent Audit Logger?

Agent Audit Logger uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Agent Audit Logger MCP Server

by CSOAI ORG

Developer ToolsUse Caution3.2MCP RegistryLocal

Free

Server data from the Official MCP Registry

Hash-chained HMAC-signed audit log MCP for A2A (agent-to-agent) calls. Every tool-call, agent-ha...

About

Hash-chained HMAC-signed audit log MCP for A2A (agent-to-agent) calls. Every tool-call, agent-ha...

Security Report

3.2

Use Caution3.2High Risk

The Agent Audit Logger MCP implements reasonable authentication and cryptographic signing for audit logging, but has several security and code quality issues that reduce confidence. Key concerns include: a development fallback signing key that should never reach production, an insecure attestation API call that sends sensitive data over HTTPS without certificate pinning or replay protection, environment variable handling that could leak credentials in error messages, and reliance on in-memory storage without persistence guarantees. While the server's stated purpose (A2A audit logging) justifies its permissions, the implementation has gaps that create operational risk. Supply chain analysis found 3 known vulnerabilities in dependencies (0 critical, 3 high severity). Package verification found 1 issue (1 critical, 0 high severity).

6 files analyzed · 15 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

env_vars

Check that this permission is expected for this type of plugin.

HTTP Network Access

Connects to external APIs or services over the internet.

File System Read

Reads files on your machine. Normal for tools that analyze or process local data.

Unverified package source

We couldn't verify that the installable package matches the reviewed source code. Proceed with caution.

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-csoai-org-agent-audit-logger-mcp": {
      "args": [
        "agent-audit-logger-mcp"
      ],
      "command": "uvx"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

Agent Audit Logger MCP

Hash-chained, HMAC-signed audit log for A2A agent calls. Tamper-evident by construction. EU AI Act Art 12 / DORA Art 17 / ISO 42001 clause 9 auditor-ready.

By MEOK AI Labs.

Why

When agent A delegates to agent B who invokes tool C, the causal chain disappears the moment anything fails. Auditors need a record that proves:

The event actually happened (cryptographic signature)
The record wasn't modified after the fact (hash chain)
The chain is continuous (no deletions)

Point every agent at this MCP's log tool. Each entry is HMAC-SHA256 signed and hash-chained to the previous entry.

Tools

log — append a new (from_agent, to_agent, action, outcome) entry, signed + chained
verify_chain — re-verify the entire chain for a tenant; flags the first break
search — query by agent, operation, outcome
daily_stats — per-day log volume
sign_day_attestation — Pro: signed end-of-day evidence packet with tip hash

Install

pip install agent-audit-logger-mcp

Claude Desktop

{
  "mcpServers": {
    "audit": { "command": "agent-audit-logger-mcp" }
  }
}

Example

# In your orchestrator MCP, immediately after an A2A delegation:
log(
    tenant_id="acme-corp",
    from_agent="orchestrator",
    to_agent="compliance-scorer",
    action="score_dora_article_9",
    payload_hash=sha256(payload),
    outcome="success",
    context_csv="high-risk,financial"
)

# End of day: emit signed attestation for auditor
sign_day_attestation(
    tenant_id="acme-corp",
    date_utc="2026-04-23",
    api_key="meok_pro_..."
)

Tiers

Free — 1,000 log entries/day, ephemeral, chain verification
Pro £199/mo — unlimited + signed end-of-day attestations + chain integrity reports — subscribe
Enterprise £1,499/mo — multi-tenant + SIEM webhook push + retention policy — subscribe

Related MEOK MCPs

agent-rate-limiter-mcp — fleet-wide shared rate limiter
agent-policy-enforcement-mcp — per-agent-pair IAM
a2a-governance-bridge-mcp — map A2A to compliance frameworks
meok-attestation-verify — verify signed certs anywhere

License

MIT — MEOK AI Labs, 2026.

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

Agent Audit Logger MCP Server

About

Security Report

Findings (15)Action required

Permissions Required

How to Install

Documentation

Agent Audit Logger MCP

Why

Tools

Install

Claude Desktop

Example

Tiers

Related MEOK MCPs

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Git

Toleno

mcp-creator-python

MarkItDown

mcp-creator-typescript

FinAgent