Skip to content
v0.11.2Since v0.11.2

IDE Plugins

PEAC skills and rules for AI-assisted development environments. All plugins connect to the same underlying server: @peac/mcp-server.

How It Works

Each plugin configures the host IDE to launch @peac/mcp-server via the MCP stdio transport. The server exposes receipt verification, inspection, decoding, issuance, and evidence bundling as tools. The IDE agent calls these tools on your behalf during development.

CapabilityDescription
Receipt verificationVerify signatures and claims on PEAC receipts from the terminal or editor
Receipt issuanceSign and issue new receipts when running in issuer mode
Receipt inspectionDecode and inspect receipt metadata without verifying the signature
Evidence bundlingCreate evidence bundles from receipts and supporting artifacts

Claude Code

The Claude Code skill is defined in surfaces/plugin-pack/claude-code/. To enable it, add the MCP server to your project-level configuration:

.mcp.jsonJSON
{
  "mcpServers": {
    "peac": {
      "command": "npx",
      "args": ["-y", "@peac/mcp-server"]
    }
  }
}

Once configured, Claude Code can verify, inspect, decode, issue, and bundle PEAC receipts directly from the terminal. The skill files provide prompt context for receipt-aware code generation and review.

Cursor

Add the following to .mcp.json in your project root:

.mcp.jsonJSON
{
  "mcpServers": {
    "peac": {
      "command": "npx",
      "args": ["-y", "@peac/mcp-server"]
    }
  }
}

Cursor rules for PEAC are defined in surfaces/plugin-pack/cursor/. These provide project-level rules that guide the agent toward correct receipt handling patterns.

Other MCP Clients

Any client that supports the MCP stdio transport can connect to @peac/mcp-server. The configuration pattern is the same across all clients:

ClientTransportNotes
WindsurfstdioSame .mcp.json format
VS Code CopilotstdioMCP support via Copilot agent mode
Claude DesktopstdioUses claude_desktop_config.json instead of .mcp.json

See the MCP Server page for transport details and issuer mode configuration.

Security Model

The Plugin Pack follows a default-deny permission model (DD-139):

  • -Permissions are restricted to Read and Bash only; no filesystem writes or network access beyond what the MCP server provides
  • -Skill files are linted for risky patterns before inclusion
  • -No implicit fetch: URLs in receipts are locator hints only (DD-55); the server never fetches them automatically
  • -Keys are provided explicitly via flags; no ambient key discovery (DD-52)

Plugin Pack

The Plugin Pack lives in the surfaces/plugin-pack/ directory of the PEAC monorepo. It is not published to npm; it is distributed as source files that developers copy into their projects.

PropertyValue
Locationsurfaces/plugin-pack/
Runtime dependenciesZero (skill files and configuration only)
DistributionSource files in GitHub; not on npm
Design decisionDD-139 (Plugin Pack distribution contract)

Links

Get Started

Add a .mcp.json file to your project root to enable receipt verification, inspection, and issuance from any MCP-compatible IDE. No additional dependencies required beyond @peac/mcp-server.