feat(partner-built): add certnode-provenance — compliance layer for finance agents (FRE 902(13)/(14), EU AI Act Article 50)

.claude-plugin/marketplace.json

@@ -99,6 +99,11 @@
       "source": "./plugins/partner-built/spglobal",
       "description": "S&P Global - Financial data and analytics skills including company tearsheets, earnings previews, and transaction summaries"
     },
+    {
+      "name": "certnode-provenance",
+      "source": "./plugins/partner-built/certnode-provenance",
+      "description": "CertNode - Cryptographic provenance for finance-agent outputs. Signs every pitch deck, IC memo, earnings note, KYC output, and valuation report with FRE 902(13)/(14)-framed evidence + EU AI Act Article 50 disclosure surface."
+    },
     {
       "name": "claude-for-msft-365-install",
       "source": "./claude-for-msft-365-install",

plugins/partner-built/certnode-provenance/.claude-plugin/plugin.json

@@ -0,0 +1,32 @@
+{
+  "name": "certnode-provenance",
+  "description": "Cryptographic provenance layer for finance-agent outputs. Wraps any agent's deliver step with CertNode signing — pitch decks, IC memos, earnings notes, KYC outputs, valuation reports carry FRE 902(13)/(14)-framed evidence + EU AI Act Article 50 disclosure surface.",
+  "version": "0.1.0",
+  "author": {
+    "name": "CertNode"
+  },
+  "homepage": "https://certnode.io/solutions/financial-services",
+  "repository": "https://github.com/srbryant86/certnode/tree/main/partner-plugins/anthropic-financial-services/certnode-provenance",
+  "license": "Apache-2.0",
+  "keywords": [
+    "fre-902-13",
+    "fre-902-14",
+    "ai-provenance",
+    "anthropic-finance-agents",
+    "eu-ai-act",
+    "compliance",
+    "audit-trail",
+    "financial-services",
+    "finra",
+    "rfc-3161"
+  ],
+  "mcpServers": {
+    "certnode-provenance": {
+      "command": "npx",
+      "args": ["-y", "@certnode/mcp-server"],
+      "env": {
+        "CERTNODE_API_KEY": "${CERTNODE_API_KEY}"
+      }
+    }
+  }
+}

plugins/partner-built/certnode-provenance/.mcp.json

@@ -0,0 +1,11 @@
+{
+  "mcpServers": {
+    "certnode-provenance": {
+      "command": "npx",
+      "args": ["-y", "@certnode/mcp-server"],
+      "env": {
+        "CERTNODE_API_KEY": "${CERTNODE_API_KEY}"
+      }
+    }
+  }
+}

plugins/partner-built/certnode-provenance/README.md

@@ -0,0 +1,135 @@
+# CertNode Provenance — Partner Plugin for Anthropic financial-services
+
+Cryptographic provenance layer for Anthropic finance agents. Wraps any agent's deliverable with three-layer timestamped signing designed for **FRE 902(13)/(14)** self-authenticating digital evidence and **EU AI Act Article 50** disclosure.
+
+## What this plugin does
+
+Every output from a finance agent (pitch builder, earnings reviewer, IC memo, KYC screener, valuation reviewer, statement auditor, etc.) reaches a client, LP, regulator, auditor, or official record. Internal logging doesn't satisfy:
+
+- **FRE 902(13) / 902(14)** admissibility when a deliverable becomes evidence
+- **FINRA Rule 2241** recordkeeping for published research
+- **BSA/AML** audit trail for KYC screening decisions
+- **EU AI Act Article 50** machine-readable disclosure for AI-generated content (in force August 2026)
+
+This plugin makes every output's cryptographic provenance a one-line addition:
+
+```typescript
+import { CertNode } from '@certnode/sdk'
+
+const cert = new CertNode({ apiKey: process.env.CERTNODE_API_KEY! })
+const signed = await cert.signAIOutput({
+  output: pitchDeckContent,
+  model: 'claude-opus-4-7',
+  provider: 'anthropic',
+})
+
+// signed.receiptId — store with the deliverable in your CRM / DMS
+// signed.verifyUrl — give to client / LP / regulator / counsel
+// signed.timestamps.{certnode, rfc3161, bitcoin} — independent chain
+```
+
+## What the three timestamp layers prove
+
+1. **Layer 1 (CertNode signature)** — ES256 JWS over content hash. Verifiable against CertNode's published public key. Reproducible by any opposing expert.
+2. **Layer 2 (RFC 3161 timestamp)** — Countersignature from an independent Time Stamp Authority. The format cited in case law for self-authenticating digital evidence.
+3. **Layer 3 (Bitcoin OpenTimestamps anchor)** — Merkle commitment to a Bitcoin block, confirmed within 1–2 hours. Strongest non-revocable proof-of-existence. Even if CertNode + the RFC 3161 TSA both disappear, the Bitcoin proof remains independently verifiable forever.
+
+## Install
+
+### As a Claude Code plugin
+
+```bash
+claude plugin marketplace add anthropics/claude-for-financial-services
+claude plugin install certnode-provenance@claude-for-financial-services
+```
+
+### Via Cowork plugin UI
+
+```
+Settings → Plugins → Add plugin
+Search for: certnode-provenance
+```
+
+### Direct npm install (for non-plugin usage)
+
+```bash
+npm install @certnode/sdk
+```
+
+## Auth
+
+Get an API key at <https://certnode.io/dashboard/provenance>. Free tier: 100 receipts/month, no card required. Metered pricing above ($0.01/receipt with volume discounts down to $0.002).
+
+Set in environment:
+
+```bash
+export CERTNODE_API_KEY=cn_live_...
+```
+
+The plugin's MCP server auto-reads this env var (see `plugin.json` → `mcpServers`).
+
+## Privacy patterns for sensitive workflows
+
+KYC screening, LP-statement audits, IC memos, and similar workflows touch PHI / PII / privileged content. CertNode supports a sealed-content pattern where raw content stays in your infrastructure and only a salted hash crosses the wire:
+
+```typescript
+const promptHash = crypto.createHash('sha256').update(SALT + sensitiveContent).digest('hex')
+
+const signed = await cert.signAIOutput({
+  output: `<sealed-content content-hash="${promptHash}" model="claude-opus-4-7" />`,
+  model: 'claude-opus-4-7',
+  provider: 'anthropic',
+  promptHash,
+})
+```
+
+CertNode receives only the sentinel + hash — no PHI, no privileged content, no client identifiers. See <https://certnode.io/docs/provenance/recipes/sign-user-prompts-privacy> for the full implementation.
+
+## Verification
+
+Anyone — client, LP, regulator, auditor, opposing counsel — can verify a receipt without a CertNode account:
+
+```bash
+# Public verify endpoint (no auth required)
+curl -X POST https://certnode.io/api/v1/provenance/verify \
+  -H "Content-Type: application/json" \
+  -d '{"receiptId": "uuid-from-signed-deliverable"}'
+
+# Or open in any browser:
+# https://certnode.io/verify/uuid-from-signed-deliverable
+```
+
+For verification-only integrations (browser extensions, audit tooling, verification pipelines), use the lightweight verify-only SDK:
+
+```bash
+npm install @certnode/verify
+```
+
+## Compliance framing notes
+
+- **"Designed for FRE 902(13)/(14)"** — not unqualified "court-admissible." No court has ruled on a CertNode receipt specifically. The underlying primitives (ES256, JWS, RFC 3161, OpenTimestamps) are well-precedented.
+- **Independent verifiability** is the defensive cornerstone. Opposing experts run the same verification using open standards. Customers don't need to trust CertNode for the cryptography to hold.
+- **Multi-model neutral** — works with Claude, OpenAI, Mistral, Llama, or any model. CertNode does not preference any AI provider.
+- See <https://certnode.io/docs/provenance/compliance> for the full counsel-facing breakdown.
+
+## Cross-references
+
+- Recipe (end-to-end): <https://certnode.io/docs/provenance/recipes/sign-finance-agent-outputs>
+- Solutions page (compliance mapping): <https://certnode.io/solutions/financial-services>
+- API reference: <https://certnode.io/docs/provenance/api-reference>
+- Compliance framing: <https://certnode.io/docs/provenance/compliance>
+- npm SDK: <https://www.npmjs.com/package/@certnode/sdk>
+- Verify-only SDK: <https://www.npmjs.com/package/@certnode/verify>
+- MCP server: <https://www.npmjs.com/package/@certnode/mcp-server>
+
+## License
+
+Apache 2.0 (matches the parent anthropics/financial-services repo).
+
+## About CertNode
+
+CertNode provides cryptographic provenance APIs for AI outputs, chargeback evidence (Stripe Reflex), payment evidence vaults, and refund-abuse detection. <https://certnode.io>
+
+For procurement / enterprise terms / SOC 2 evidence (in-flight): email <contact@certnode.io>.
+
+**Important:** CertNode is not affiliated with or endorsed by Anthropic. This plugin is proposed as a community / partner integration to make finance-agent outputs compliance-defensible.

plugins/partner-built/certnode-provenance/commands/sign-with-provenance.md

@@ -0,0 +1,48 @@
+---
+name: sign-with-provenance
+description: Sign any AI-generated output with CertNode cryptographic provenance. Returns a public verify URL anyone can use to confirm the content existed in this exact form at the signing time. Designed for FRE 902(13)/(14) admissibility + EU AI Act Article 50 disclosure. Use after producing a deliverable that will reach a client, LP, regulator, or official record.
+---
+
+# /sign-with-provenance
+
+Sign the current document, conversation transcript, or any AI-generated content with CertNode three-layer cryptographic provenance.
+
+## Usage
+
+```
+/sign-with-provenance
+```
+
+Run after producing content you want to verifiably preserve. The command will:
+
+1. Call the `sign-output` skill with the current context
+2. Display the receipt id + public verify URL
+3. Suggest where to embed the verify URL (deck footer, email signature, report appendix, CRM record)
+
+## Prerequisites
+
+- `CERTNODE_API_KEY` set in environment (get one at <https://certnode.io/dashboard/provenance>)
+- Free tier: 100 signings/month, no card
+
+## Example output
+
+```
+✓ Signed
+  Receipt ID:    7e3a9b2f-4c5d-4e6f-8a9b-1c2d3e4f5g6h
+  Verify URL:    https://certnode.io/verify/7e3a9b2f-4c5d-4e6f-8a9b-1c2d3e4f5g6h
+  Signed at:     2026-05-11T03:42:18Z
+  RFC 3161:      ✓ countersigned by independent TSA
+  Bitcoin:       ⏳ queued (confirms in 1-2 hours)
+
+Suggested next steps:
+  - Embed verify URL in your deliverable's footer / signature
+  - Persist receipt id with the deliverable in your CRM / DMS
+  - For LP / regulator / counsel delivery, include verify URL + "Designed for
+    FRE 902(13)/(14) self-authenticating digital evidence" framing
+```
+
+## Related
+
+- Skill: `sign-output` (the underlying implementation)
+- Recipe: <https://certnode.io/docs/provenance/recipes/sign-finance-agent-outputs>
+- Compliance: <https://certnode.io/docs/provenance/compliance>

plugins/partner-built/certnode-provenance/skills/sign-output/SKILL.md

@@ -0,0 +1,141 @@
+---
+name: sign-output
+description: Wrap any Anthropic finance-agent deliverable with CertNode cryptographic provenance signing before delivery. Produces a public verify URL alongside the artifact so clients, LPs, regulators, and counsel can independently verify the chain. Designed for FRE 902(13)/(14) self-authenticating digital evidence + EU AI Act Article 50 disclosure.
+---
+
+# Sign Output Skill
+
+Fire CertNode signing on any finance-agent deliverable. Returns the original output plus a receipt id + public verify URL.
+
+## When to fire
+
+This skill fires automatically when:
+
+- A named agent is about to deliver content to a client, LP, regulator, or official record
+- The user invokes `/sign-with-provenance` slash command on any text or document
+- A wrapping skill chains into this skill before its own delivery step
+
+## What it does
+
+1. Hashes the deliverable (sha256) — raw content stays in your infrastructure
+2. Calls `POST https://certnode.io/api/v1/provenance/sign` with content + model + metadata
+3. Returns a receipt object containing:
+   - `receiptId` (uuid)
+   - `verifyUrl` (public verify page anyone can check)
+   - `signedAt` (ISO 8601 timestamp)
+   - `timestamps.certnode.id` (internal HMAC-SHA256 timestamp)
+   - `timestamps.rfc3161` (optional — independent Time Stamp Authority countersignature)
+   - `timestamps.bitcoin.status` (pending → anchored within 1-2 hours)
+
+## Auth
+
+Set `CERTNODE_API_KEY` in your environment (key from <https://certnode.io/dashboard/provenance>).
+
+Free tier: 100 signings/month, no card. Metered above that ($0.01 → $0.002/signing on volume tiers).
+
+## Compliance framing
+
+- **FRE 902(13)/(14)** — Receipts are structured to satisfy Federal Rule of Evidence 902(13) (electronic records generated by accurate process) and 902(14) (digital signatures). The signing process is deterministic + reproducible by opposing experts.
+- **EU AI Act Article 50** — Receipt's public verify URL is the machine-readable disclosure required for AI-generated content under EU rules (in force August 2026).
+- **FINRA** — Recordkeeping rules satisfied by including receiptId + verifyUrl in supervisory records.
+- **No bare "court-admissible" claims** — use "designed for FRE 902(13)/(14) admissibility" framing. No court has ruled on a CertNode receipt specifically; the underlying primitives (RFC 3161, ES256, JWS, OpenTimestamps) are well-precedented.
+
+## Privacy patterns
+
+For PHI, PII, attorney-client-privileged, or trade-sensitive content:
+
+- **Hash before signing.** Pass `promptHash` field with a sha256 of the sensitive part; the raw content stays in your infrastructure.
+- **Sealed-content variant.** Sign a sentinel string `<sealed content-hash="..." model="..."/>` and store the salted hash of the real content in your encrypted storage. Receipt becomes a binding ledger entry without exposing content.
+
+See <https://certnode.io/docs/provenance/recipes/sign-user-prompts-privacy> for the implementation patterns.
+
+## Implementation
+
+```typescript
+import { CertNode } from '@certnode/sdk'
+
+const cert = new CertNode({ apiKey: process.env.CERTNODE_API_KEY! })
+
+export async function signFinanceAgentOutput(input: {
+  agentName: string                              // 'pitch-builder' | 'earnings-reviewer' | ...
+  output: string
+  model: string                                   // 'claude-opus-4-7' typically
+  contentType?: 'ai_output' | 'document' | 'json' | 'image'
+  clientContext?: Record<string, string>          // optional audit-trail metadata (hashed)
+}): Promise<{
+  receiptId: string
+  verifyUrl: string
+  signedAt: string
+}> {
+  // Hash any sensitive client context — never send raw client IDs to CertNode
+  const promptHashParts: string[] = [`agent=${input.agentName}`]
+  if (input.clientContext) {
+    const crypto = await import('node:crypto')
+    for (const [key, value] of Object.entries(input.clientContext)) {
+      const hashed = crypto.createHash('sha256').update(value).digest('hex').slice(0, 16)
+      promptHashParts.push(`${key}=${hashed}`)
+    }
+  }
+
+  const signed = await cert.signAIOutput({
+    output: input.output,
+    model: input.model,
+    provider: 'anthropic',
+    promptHash: promptHashParts.join('|'),
+  })
+
+  return {
+    receiptId: signed.receiptId,
+    verifyUrl: signed.verifyUrl,
+    signedAt: signed.signedAt,
+  }
+}
+```
+
+## Agent integration map
+
+The 10 Anthropic finance agents that should wrap this skill on their delivery step:
+
+| Anthropic agent | Why it needs provenance |
+|---|---|
+| Pitch builder | Branded pitch decks delivered to clients — SEC/FINRA scrutiny on advertised claims |
+| Earnings reviewer | Published analyst notes — FINRA Rule 2241 recordkeeping |
+| Statement auditor | LP statement reviews — auditor + LP discovery |
+| KYC screener | Document parsing + flagging — BSA/AML FinCEN audit |
+| IC memo (private equity) | Investment committee memos — discoverable in fund litigation |
+| Model builder | DCF / LBO / 3-statement Excel — "did the AI build this, when, with what inputs" |
+| Valuation reviewer | GP package valuations — LP advisory committee audit |
+| Market researcher | Sector overviews to clients — published research recordkeeping |
+| Meeting preparer | Pre-meeting briefing packs — internal recordkeeping |
+| Month-end closer | Accruals + variance commentary — auditor scrutiny |
+
+## Errors
+
+- `free_tier_exceeded` (HTTP 402) → org has hit 100/mo free cap. Response body includes `upgrade_url` pointing at the dashboard. Customer must add a payment method to continue signing.
+- `content_too_large` (HTTP 413) → content > 1 MB. For long deliverables, sign a sha256 hash of the content rather than the full content.
+- `invalid_or_revoked_api_key` (HTTP 401) → key missing, malformed, or revoked. Regenerate from <https://certnode.io/dashboard/provenance>.
+
+## Verifying later
+
+Anyone — client, LP, regulator, auditor, opposing counsel — can verify a receipt without a CertNode account:
+
+```bash
+# Public verify endpoint (no auth required)
+curl -X POST https://certnode.io/api/v1/provenance/verify \
+  -H "Content-Type: application/json" \
+  -d '{"receiptId": "uuid-from-signed-deliverable"}'
+
+# Or open the verify URL in any browser:
+# https://certnode.io/verify/uuid-from-signed-deliverable
+```
+
+## Cross-references
+
+- Plugin manifest: `plugin.json`
+- Slash command: `commands/sign-with-provenance.md`
+- MCP server: `@certnode/mcp-server@1.2.2+` (auto-configured via `mcpServers` in plugin.json)
+- Full recipe: <https://certnode.io/docs/provenance/recipes/sign-finance-agent-outputs>
+- Solutions page: <https://certnode.io/solutions/financial-services>
+- Compliance framing: <https://certnode.io/docs/provenance/compliance>
+- npm SDK: <https://www.npmjs.com/package/@certnode/sdk>
+- Verify-only SDK (for browser extensions / audit tooling): <https://www.npmjs.com/package/@certnode/verify>