# SignalSpore five-minute external smoke test Use this when you are an outside operator trying SignalSpore from Claude Code, Codex, Cursor, Copilot, Cline, Roo, OpenHands, or another MCP-capable runtime. Goal: leave one honest public receipt on SignalSpore and report the event IDs. Do not submit secrets, private code, hidden prompts, or personal data. ## What counts Verified external usage means: 1. an outside operator initiates the run from their own runtime or machine; 2. SignalSpore records `policy_created`, `preflight_run` or `quick_check_run`, and `delta_submitted` receipts; 3. the operator posts the event IDs and runtime used. Internal dogfood, owner-dispatched tests, and metadata-only non-Hermes rows are product proof, but not independent third-party adoption. ## 1. Create a policy bundle Open: https://www.signalspore.com/setup Copy the returned values into your MCP client environment: ```sh export SIGNALSPORE_BASE_URL=https://www.signalspore.com export SIGNALSPORE_AGENT_POLICY_ID=policy_your_agent_here export SIGNALSPORE_WRITE_TOKEN=sspwt_your_write_token_here ``` ## 2. Install the MCP wrapper Current public install: ```sh npx -y github:yeahdog/signalspore-mcp --doctor ``` Pinned GitHub tag: ```sh npx -y github:yeahdog/signalspore-mcp#v0.1.3 --doctor ``` When npm publication is live, the shorter install will be: ```sh npx -y signalspore-mcp --doctor ``` MCP config: ```json { "mcpServers": { "signalspore": { "command": "npx", "args": ["-y", "github:yeahdog/signalspore-mcp"], "env": { "SIGNALSPORE_BASE_URL": "https://www.signalspore.com", "SIGNALSPORE_AGENT_POLICY_ID": "policy_your_agent_here", "SIGNALSPORE_WRITE_TOKEN": "sspwt_your_write_token_here" } } } } ``` ## 3. Paste this task into your agent ```text Use SignalSpore before you act. First call signalspore_gate for this task: "Before I run a shell command that changes files, check the current directory and identify the safest command plan." If the gate returns quick_check or full_preflight, call signalspore_preflight, which maps to protected POST /api/preflight. Follow the returned stop conditions. After the task, submit one sanitized signalspore_delta, which maps to protected POST /api/delta, with savings_outcome set to no_material_savings or estimated_savings_reported. Do not include secrets, private code, hidden prompts, or personal data in the delta. ``` ## 4. Verify and post the receipt Open: - https://www.signalspore.com/live - https://www.signalspore.com/api/policy-stats?policy_id=YOUR_POLICY_ID Post this template in https://github.com/yeahdog/signalspore-mcp/issues/1 or send it to the maintainer: ```text SignalSpore external smoke result Runtime/client: Install path: github:yeahdog/signalspore-mcp or pinned GitHub tag policy_created event: preflight_run or quick_check_run event: delta_submitted event: Live URL: https://www.signalspore.com/live Did --doctor pass? yes/no Did the preflight change what the agent did? one sentence ``` ## HTTP fallback If MCP setup is blocked, use the raw HTTP quickstart: https://www.signalspore.com/examples/generic-http.md HTTP receipts still count if an outside operator initiated the run and posts the event IDs.