Read your Gate Activity (receipts)

What you'll have · ~2 min

Your install's private receipt log, decoded: which tool ran, the verdict, and the action on each row, with the guarantee that no arguments or content are ever stored.

The gate keeps a running record of what it saw: one receipt per gated call, private to your install. It is credential-blind by design. Here is how to find it and read it.

  1. 01

    Find your install id#

    Your gate posts receipts under a 32-character (hex) install id that only you hold. It is generated the first time the gate emits, and stored at ~/.mcpindex/install_id (the same machine id used for optional drift telemetry). Treat it like an unguessable key: anyone with it can read your activity, so it is not indexed and not shared.

    Not seeing this?

    No id yet? The gate writes it on first run. Make sure the gate has actually handled at least one tool call since install.

  2. 02

    Open your Gate Activity#

    Load your receipts page with your install id. The page is private (noindex) and shows your calls in time order.

    Open your Gate Activityone row per gated call: the tool hash, the verdict, the action, and the date. Add your install id to the URL to load your own log.

  3. 03

    Read a receipt row#

    Each row is deliberately spare:

    ColumnWhat it means
    ToolA hash of the tool identity, not its arguments
    VerdictALLOW, REVIEW, or DENY: the in-path decision recorded on the trust axis (a PROCEED is logged ALLOW, a HOLD is logged DENY, an inconclusive REVIEW)
    ActionThe blast-radius class read from the contract (read, write, send, delete, execute)
    DateWhen the call was gated
  4. 04

    What is never in a receipt#

    No arguments, no content, no secrets. A receipt records that a call happened and how the gate ruled on the contract, and nothing about the payload. That is what credential-blind means here: the gate can show you its activity without ever holding what flowed through your tools.

NextTune how strictly the gate holds
Questions
Can mcpindex see the arguments my agent passed to a tool?
No. Receipts are credential-blind: they record the tool identity hash, the verdict, the action class, and the date. Arguments and content are never captured, so there is nothing about the payload to see.
Why does opening my Gate Activity need an install id?
The install id is an unguessable 32-character key unique to your install. The receipts page is private and not indexed; the id is what scopes it to you, so only someone holding your id can read your log.