IDE Plugins
PEAC skills and rules for AI-assisted development environments. All plugins connect to the same underlying server: @peac/mcp-server.
How It Works
Each plugin configures the host IDE to launch @peac/mcp-server via the MCP stdio transport. The server exposes receipt verification, inspection, decoding, issuance, and evidence bundling as tools. The IDE agent calls these tools on your behalf during development.
| Capability | Description |
|---|---|
| Receipt verification | Verify signatures and claims on PEAC receipts from the terminal or editor |
| Receipt issuance | Sign and issue new receipts when running in issuer mode |
| Receipt inspection | Decode and inspect receipt metadata without verifying the signature |
| Evidence bundling | Create evidence bundles from receipts and supporting artifacts |
Claude Code
The Claude Code skill is defined in surfaces/plugin-pack/claude-code/. To enable it, add the MCP server to your project-level configuration:
{
"mcpServers": {
"peac": {
"command": "npx",
"args": ["-y", "@peac/mcp-server"]
}
}
}Once configured, Claude Code can verify, inspect, decode, issue, and bundle PEAC receipts directly from the terminal. The skill files provide prompt context for receipt-aware code generation and review.
Cursor
Add the following to .mcp.json in your project root:
{
"mcpServers": {
"peac": {
"command": "npx",
"args": ["-y", "@peac/mcp-server"]
}
}
}Cursor rules for PEAC are defined in surfaces/plugin-pack/cursor/. These provide project-level rules that guide the agent toward correct receipt handling patterns.
Other MCP Clients
Any client that supports the MCP stdio transport can connect to @peac/mcp-server. The configuration pattern is the same across all clients:
| Client | Transport | Notes |
|---|---|---|
| Windsurf | stdio | Same .mcp.json format |
| VS Code Copilot | stdio | MCP support via Copilot agent mode |
| Claude Desktop | stdio | Uses claude_desktop_config.json instead of .mcp.json |
See the MCP Server page for transport details and issuer mode configuration.
Security Model
The Plugin Pack follows a default-deny permission model (DD-139):
- -Permissions are restricted to Read and Bash only; no filesystem writes or network access beyond what the MCP server provides
- -Skill files are linted for risky patterns before inclusion
- -No implicit fetch: URLs in receipts are locator hints only (DD-55); the server never fetches them automatically
- -Keys are provided explicitly via flags; no ambient key discovery (DD-52)
Plugin Pack
The Plugin Pack lives in the surfaces/plugin-pack/ directory of the PEAC monorepo. It is not published to npm; it is distributed as source files that developers copy into their projects.
| Property | Value |
|---|---|
| Location | surfaces/plugin-pack/ |
| Runtime dependencies | Zero (skill files and configuration only) |
| Distribution | Source files in GitHub; not on npm |
| Design decision | DD-139 (Plugin Pack distribution contract) |
Links
Get Started
Add a .mcp.json file to your project root to enable receipt verification, inspection, and issuance from any MCP-compatible IDE. No additional dependencies required beyond @peac/mcp-server.