
Prompts

Three guided MCP workflows — audit a payment, set up an agent, explain a failure. Each composes multiple tool calls into a structured procedure.

MCP prompts are reusable, parameterised templates that the server returns in response to prompts/get. The client (Claude Desktop, Cursor, OpenAI Agents SDK) presents the prompt's messages to the model, which then drives the tool calls. Prompts encode the right order of tool calls for common workflows.

Source: mcp/src/prompts/.

Three prompts

| Name | What it walks the user through |
| --- | --- |
| agenttrust_audit_payment | Simulate a payment, read the policy, read the payee's reputation, surface the decision |
| agenttrust_setup_agent | Bootstrap a fresh agent identity + first PolicyAccount in one atomic init_policy self-heal |
| agenttrust_explain_failure | Given a failed payment's reason code, explain root cause + remediation |

agenttrust_audit_payment

Required args: payer_agent, payee_agent, amount, mint, policy_id. Optional: caller.

The prompt walks the model through:

  1. agenttrust_get_policy({ agent_asset: payer_agent, policy_id }) — read the spending caps, velocity threshold, counterparty tier requirement, required capability.
  2. agenttrust_get_quantu_reputation({ agent_asset: payee_agent }) — read the payee's tier, risk, confidence.
  3. agenttrust_simulate_payment({ caller, payer_agent, payee_agent, amount, mint, policy_id }) — run the gate.
  4. Compare the simulation result to the policy thresholds + payee reputation. Surface Allow, Deny(reason), or RequireValidation(capability) with the relevant numbers.

Use case: "Audit this payment before I send it." The model produces a structured explanation of the decision rather than a yes/no answer.

agenttrust_setup_agent

Required args: use_case. The use_case is free-text — the prompt uses it to suggest reasonable defaults for the policy fields (per-tx cap, velocity window, counterparty tier minimum).

The prompt walks the model through:

  1. Use agenttrust_init_policy to bootstrap a brand-new agent + policy in one atomic tx. Omit agent_asset to let the tool generate one. The output's agentAsset field is the agent's canonical pubkey for downstream calls. The same call self-heals agent_account + atom_stats (Quantu), PolicyAuthority + KillSwitchState (AgentTrust), and lands the PolicyAccount + VelocityLedger — all under one signature, with healedSteps: ["register_agent_via_cpi", "init_authority", "init_killswitch"] returned in the structured envelope.
  2. Confirm the result by calling agenttrust_get_policy({ agent_asset: <agentAsset from step 1>, policy_id: 1 }).

Use case: "Set up a basic AgentTrust policy for a new agent." The prompt + init_policy's self-heal land a working agent identity plus policy in one or two turns.

agenttrust_explain_failure

Required args: reason_code (1..15). Optional: payer_agent, payee_agent, policy_id.

The prompt walks the model through:

  1. agenttrust_explain_decision({ reason_code }) — translate to canonical name + remediation hint.
  2. If the optional context is present, run the relevant lookup (get_quantu_reputation, get_velocity, get_killswitch, get_validation_attestation) to inspect the actual on-chain state that drove the deny.
  3. Surface the contradiction in plain language ("the policy requires min_counterparty_tier = 3 but the payee's tier_immediate = 1").

Use case: "Why did my last payment fail with reason code 6?" The prompt produces an explanation grounded in real on-chain state, not training-data guesses.

How clients invoke prompts

// Pseudocode — the actual API depends on the MCP client.
const prompts = await mcp.request("prompts/list");
// → [{ name: "agenttrust_audit_payment", description, arguments }, …]

const audit = await mcp.request("prompts/get", {
  name:      "agenttrust_audit_payment",
  arguments: {
    payer_agent: "5Pfa…K8y",
    payee_agent: "C9pY…B3dR",
    amount:      "1000000",
    mint:        "EPjF…Dt1v",
    policy_id:   1,
    caller:      "4tSE…hRG",
  },
});
// → { messages: [{ role: "user", content: { type: "text", text: "Walk me through auditing this payment…" } }, … ] }

The model then picks tools to call, the client surfaces the tool results back to the model, and the prompt's structure produces a grounded answer.

In Claude Desktop, prompts appear as slash commands when an MCP server is connected. Type /agenttrust_audit_payment in chat → the UI prompts for the required arguments → the model executes the workflow.

Validation

Phase M validated all three prompts via direct prompts/get calls. All three return non-empty messages arrays with structured user prompts referencing the right tools. Missing-argument probes return clean -32603 missing required argument errors. Full report: docs/proofs/phase-m-mcp-e2e.md §M1.5.
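The Phase M checks described above can be reproduced as a small probe that any prompts/get implementation is run through. This is an added example, not AgentTrust's own test code: stubPromptsGet is a hypothetical stand-in for the server's handler, the -32602 code for an unknown prompt is an assumption, and the sample arguments are constructed placeholders.

```javascript
// Argument contracts and tool names come from this page; everything else is assumed.
const CONTRACTS = {
  agenttrust_audit_payment: {
    required: ["payer_agent", "payee_agent", "amount", "mint", "policy_id"],
    tools: ["agenttrust_get_policy", "agenttrust_get_quantu_reputation", "agenttrust_simulate_payment"],
  },
  agenttrust_setup_agent: { required: ["use_case"], tools: ["agenttrust_init_policy", "agenttrust_get_policy"] },
  agenttrust_explain_failure: { required: ["reason_code"], tools: ["agenttrust_explain_decision"] },
};

// Hypothetical stand-in for the server's prompts/get handler (not AgentTrust code).
function stubPromptsGet({ name, arguments: args = {} }) {
  const spec = CONTRACTS[name];
  // -32602 for an unknown prompt is an assumption; the page documents only -32603.
  if (!spec) return { error: { code: -32602, message: `unknown prompt: ${name}` } };
  const missing = spec.required.find((k) => args[k] === undefined || args[k] === "");
  if (missing) return { error: { code: -32603, message: `missing required argument: ${missing}` } };
  const text = `Call ${spec.tools.join(", then ")} using ${JSON.stringify(args)}.`;
  return { result: { messages: [{ role: "user", content: { type: "text", text } }] } };
}

// One happy-path call, then one probe per required argument with it removed.
function probePrompt(promptsGet, name, sampleArgs) {
  const failures = [];
  const messages = promptsGet({ name, arguments: sampleArgs }).result?.messages ?? [];
  if (messages.length === 0) failures.push("empty messages array");
  const body = messages.map((m) => m.content?.text ?? "").join("\n");
  for (const tool of CONTRACTS[name].tools) {
    if (!body.includes(tool)) failures.push(`prompt never references ${tool}`);
  }
  for (const key of CONTRACTS[name].required) {
    const { [key]: _removed, ...partial } = sampleArgs;
    const res = promptsGet({ name, arguments: partial });
    if (res.error?.code !== -32603) failures.push(`no -32603 when ${key} is missing`);
  }
  return failures;
}

// Constructed sample arguments (placeholder strings, not real pubkeys or mints).
const SAMPLE_ARGS = {
  agenttrust_audit_payment: { payer_agent: "PAYER_PUBKEY", payee_agent: "PAYEE_PUBKEY",
    amount: "1000000", mint: "MINT_PUBKEY", policy_id: 1 },
  agenttrust_setup_agent: { use_case: "pay per API call, small amounts" },
  agenttrust_explain_failure: { reason_code: 6 },
};

// Returns { promptName: [failure strings] }; all arrays empty means every probe passed.
const runAllProbes = (promptsGet) => Object.fromEntries(
  Object.keys(CONTRACTS).map((n) => [n, probePrompt(promptsGet, n, SAMPLE_ARGS[n])]));
```

To check a real server, pass a function that forwards to the client's prompts/get request in place of stubPromptsGet.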

Phase P verified agenttrust_explain_failure end-to-end with Claude Sonnet driving the workflow against live devnet state — the model called agenttrust_explain_decision(6), then agenttrust_get_killswitch to inspect the actual policy fields, and produced a remediation in plain language.
