XcodeBuildMCP has built something genuinely impressive: a full MCP surface over the Xcode build/test/debug lifecycle, with 5,600+ stars and a release cadence that shows real production use. The tool coverage (simulators, UI automation, structured output) is solid.
There's one gap that becomes visible as agents start running unsupervised in CI or enterprise environments: what happened after the agent acted?
When an agent runs xcodebuild, triggers a simulator, or modifies a project structure, there's currently no tamper-evident record that a third party — a senior developer, a compliance officer, an automated audit system — can independently verify without trusting the agent's own summary.
The shape of what's missing:
- A deterministic
action_ref per tool call (SHA-256 over agent_id + action_type + scope + timestamp)
- An optional external anchor — on-chain or otherwise — that proves the record existed at a specific time and hasn't been modified
- A verify endpoint any party can query without access to the agent session
This is exactly the gap Mycelium Trails covers for other MCP-native stacks (AutoGen, LangChain, AgentKit). The mycelium-agt package (pip install mycelium-agt) implements the EvidenceAnchor interface and can be wired as an optional output sink — same pattern tomjwxf used for haystack-receipts.
Would the team be open to a discussion on how a post-execution trail layer could integrate with XcodeBuildMCP's existing tool surface? Happy to share the spec and conformance vectors.
Spec: https://github.com/giskard09/argentum-core/blob/main/docs/spec/action-ref.md
XcodeBuildMCP has built something genuinely impressive: a full MCP surface over the Xcode build/test/debug lifecycle, with 5,600+ stars and a release cadence that shows real production use. The tool coverage (simulators, UI automation, structured output) is solid.
There's one gap that becomes visible as agents start running unsupervised in CI or enterprise environments: what happened after the agent acted?
When an agent runs
xcodebuild, triggers a simulator, or modifies a project structure, there's currently no tamper-evident record that a third party — a senior developer, a compliance officer, an automated audit system — can independently verify without trusting the agent's own summary.The shape of what's missing:
action_refper tool call (SHA-256 over agent_id + action_type + scope + timestamp)This is exactly the gap Mycelium Trails covers for other MCP-native stacks (AutoGen, LangChain, AgentKit). The
mycelium-agtpackage (pip install mycelium-agt) implements theEvidenceAnchorinterface and can be wired as an optional output sink — same pattern tomjwxf used for haystack-receipts.Would the team be open to a discussion on how a post-execution trail layer could integrate with XcodeBuildMCP's existing tool surface? Happy to share the spec and conformance vectors.
Spec: https://github.com/giskard09/argentum-core/blob/main/docs/spec/action-ref.md