Evidence Interlock · For agent tool calls

Evidence Interlock for MCP tool calls.

When an agent calls a tool, GeoClear helps the receiving system verify operational evidence before accepting the action. Valid evidence proceeds. Missing evidence holds. Policy violations block. Tampered evidence rejects.

Containment limits what an agent can reach. GeoClear verifies whether the tool action is authorized to cross the gate.

Open Evidence Interlock Demo → Request Architecture Brief

Four outcomes. One verification path.

Source Agent → GeoClear Evidence Interlock → MCP Tool / Receiving System

Valid evidence

Missing evidence

Hold

Policy violation

Block

Tampered evidence

Reject

Missing evidence is held before the tool action executes. Policy violations are blocked before the action leaves. Tampered evidence is rejected by verification. Valid evidence proceeds to the receiving system unchanged.

How it integrates.

The Evidence Interlock sits in front of tool calls. The integration shape stays small and standards-aligned.

Works as MCP-compatible middleware over standard transports.
Sits in front of tool calls or server-side tool handlers.
Returns structured guidance when an action is held or rejected.
Supports local, offline-capable verification using customer-held verification material.

Operational evidence, not raw mission data.

The tool action carries a signed operational evidence packet. The packet can include commitments and verification material while raw mission or enterprise data stays inside the customer boundary by default.

Sent with the action

Actor
Action
Policy reference
Evidence commitments
Approval state
Freshness
Signature / issuer reference
Verification result
Customer evidence record

Stays with the customer

Raw imagery
Raw logs
PII
Invoices
Mission data
Full policy systems

Verified locally

Accept
Hold
Reject
Quarantine
Escalate
No live GeoClear application call required for verification.

Full policy systems, raw mission data, PII, raw imagery, invoices, and internal logs stay inside the customer boundary unless the customer explicitly chooses otherwise.

Policy can run where the customer needs it to run.

Three ways to produce the policy result. One verification path.

Mode C

Customer-computed

Customer computes the policy result locally. GeoClear binds and signs the result into operational evidence. Best for federal, high-sensitivity, and existing policy-engine environments.

Mode B

Minimized evaluation

GeoClear evaluates customer-approved minimized attributes only. Best for commercial teams without mature policy infrastructure.

Mode A

Customer-controlled boundary

GeoClear software is deployed inside a customer-controlled or authorized integrator-managed environment. Best for sovereign, DDIL, high-assurance, and federal deployments.

When evidence is missing, the agent receives guidance instead of guessing.

Held and rejected actions return structured guidance the agent can act on. Plain labels, no guessing loops.

Missing evidenceHold and ask for required proof.

Human approval requiredRoute to human clearance.

Policy violationBlock before the action leaves; surface policy reason.

Tampered evidenceReject and stop retry loop.

Expired evidenceRefresh or re-request.

Customer-held proof after the tool call.

The customer keeps the proof. Verification works without a live GeoClear application call.

Signed operational evidence receipt (the technical artifact).
Evidence packet summary.
Verification material (public, customer-held).
Customer-held evidence bundle.
Offline verification path — try the offline verifier →

Deployment patterns.

Three integration shapes for different team sizes and assurance needs.

Developer preview · local MCP server

For evaluation, integration prototyping, and single-team pilots. Run a local Evidence Interlock against your existing agent runtime.

Enterprise MCP gateway · middleware

For org-wide rollout, multi-team agent fleets, and existing gateway architectures. The Evidence Interlock sits as middleware in front of tool calls.

Customer-controlled or enclave deployment

For sovereign, federal, DDIL, and high-assurance environments. GeoClear software runs inside the customer-controlled or authorized integrator-managed boundary.

Request Architecture Brief Request Developer Preview

Questions we hear.

What is an Evidence Interlock?

A neutral verification layer that sits in front of tool calls. Before the receiving system accepts an action, it checks that the action carries a signed operational evidence packet. Valid evidence proceeds. Missing evidence holds. Policy violations block. Tampered evidence rejects.

Does GeoClear replace MCP?

No. The Evidence Interlock is MCP-compatible middleware. The Model Context Protocol stays the protocol. GeoClear adds verification before the receiving tool accepts the action.

Where does policy run?

Where the customer needs it to run. Mode C runs policy customer-side; GeoClear binds and signs the result. Mode B evaluates customer-approved minimized attributes. Mode A runs inside a customer-controlled or authorized integrator-managed boundary. Regardless of mode, the receiving system verifies the same signed operational evidence packet.

Does raw data leave the customer boundary?

Not by default. The signed operational evidence packet carries commitments and verification material. Raw imagery, raw logs, PII, invoices, mission data, and full policy systems stay inside the customer boundary unless the customer explicitly chooses otherwise.

What happens when evidence is missing?

The action is held before the tool executes. The agent receives structured guidance (route to required proof, request human approval, refresh, or stop). No silent block, no guessing loop.

What happens when proof is tampered?

Verification rejects the action and signals stop on the retry loop. Tampered evidence is detected locally; no live GeoClear application call is required to catch it.

Does GeoClear certify the model was right?

No. GeoClear records that a declared action, actor, evidence commitments, policy reference, and decision result were bound together at issuance time. The customer is responsible for what they declared. GeoClear does not certify model correctness, policy correctness, or mission decision validity.

Does verification require a live GeoClear call?

No. Verification is local. The receiving system uses customer-held verification material to check the signed operational evidence packet without a live GeoClear application call. See the offline verifier.

How do we pilot this with ECS, federal, or enterprise workflows?

Email hello@geoclear.io with your workflow shape (agent runtime, receiving system, assurance need). We will respond with a deployment pattern that matches the boundary and a short pilot scope.

The neutral operational evidence layer for AI tool calls.

Valid evidence proceeds. Missing evidence holds. Policy violations block. Tampered evidence rejects. The customer keeps the proof.

Open Evidence Interlock Demo → Request Architecture Brief