Verify what your agents produce — before it ships.

Family-different

The caller's model family is excluded from the verifier by construction — no model grades its own homework, even under provider outage.

Reasoning-stripped

The producer's chain-of-thought is stripped before it crosses the family boundary, so a manipulated trace can't inflate the verdict.

Multi-lens, submodular

At least three decorrelated lenses run in parallel; prism refuses if they collapse to a single redundant signal.

Independently-verifiable receipts

Every verdict emits a replayable Ed25519 receipt a different tool verifies with prism's public key — no shared secret.

Citation verification

A deterministic retrieval floor (arXiv/Crossref) + a numeric guard gate a RAG-fed groundedness lens — fabrications refuse, not pass.

Bring your own verifier

Back the citation groundedness check with a model you self-host — opt-in, family-different, and fail-open to your hosted verifiers. The most frequent check, at zero per-call cost.

CLI · MCP · HTTP

Same guarantees from the `prism` CLI, an MCP server, and a FastAPI service (`prism serve`) — pick the surface your workflow needs.

Install

uv tool install prism-verify
# or: pipx install prism-verify
# or, zero Python:
npx @mcptoolshop/prism-verify --help

Verify an artifact

export PRISM_DEV=1   # local dev signing key
prism verify \
  --artifact @myfile.py \
  --intent "Sort a list in O(n log n)" \
  --caller-family openai --provider ollama

Run as an HTTP service

prism serve --port 8000
# POST /verify · GET /replay/{id} · POST /verify-receipt · OpenAPI at /docs

Verify a receipt cross-tool (no shared secret)

prism keygen --out signing_key.pem && prism pubkey > prism-pub.pem
prism verify-receipt receipt.json --public-key prism-pub.pem