Publish execution receipt schema files

[GsCommand]

Motivation

• The public docs and demos reference clas.execution.receipt.v1 but the canonical execution schema and manifest were not published under the public site, so consumers cannot fetch the schema at /schemas/execution/....
• Future CLAS schema syncs should include the new execution family alongside the existing trust-verification family to keep public schemas discoverable and in sync.

Description

• Add the execution receipt schema at public/schemas/execution/execution.receipt.schema.json and the execution manifest at public/schemas/execution/manifest.json to publish clas.execution.receipt.v1 publicly.
• Update the public schema index public/schemas/index.json to expose the execution family and point to /schemas/execution/manifest.json.
• Extend the sync script scripts/sync-clas-schemas.sh to copy both trust-verification and execution families from the CLAS source into public/schemas.
• Update the scoped execution docs page public/docs/scoped-execution-settlement.html to link directly to /schemas/execution/execution.receipt.schema.json and /schemas/execution/manifest.json and add a test file tests/execution-schema-publication.test.js that asserts the files and index entry exist.

Testing

• Ran npm test, and the full test suite completed successfully (147 tests passed, 0 failed).
• Ran npm run check:links, and the site link check reported "All local links/assets resolved" across HTML files.
• Attempted npm run build:clas-schemas but the build:clas-schemas script is not defined in package.json.
• Performed bash -n scripts/sync-clas-schemas.sh (syntax OK), parsed the new JSON files with node to ensure they are valid, and ran git diff --check with no issues.

---

Codex Task

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
commandlayer-commandlayer-org	Ready	Preview, Comment	Jun 13, 2026 10:47pm
commandlayer-org	Ready	Preview, Comment	Jun 13, 2026 10:47pm
commandlayer-org111	Ready	Preview, Comment	Jun 13, 2026 10:47pm

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 658f3ba86b

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Allow documented action objects in the schema

Both the scoped execution docs and the execution receipt demo model valid clas.execution.receipt.v1 receipts with action as an object containing fields like name and input_hash, but this newly published schema only accepts a non-empty string here. Consumers who fetch the public schema linked from the docs and validate those advertised receipt shapes will reject them before any proof-scope checks run, so the schema should accept the documented object shape or the examples should be changed.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Reject extra settlement proof coverage

The docs describe the settlement signer as covering only receipt_id and settlement, but this rule only requires covers to contain settlement; a settlement proof with covers: ["receipt_id", "settlement", "action"] would still be schema-valid. That lets a settlement authority appear to attest execution fields despite the separate trust-boundary model, so settlement proof coverage should be constrained to the allowed fields.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Require an execution proof before accepting receipts

Because proofs only requires one item of either proof type, a clas.execution.receipt.v1 receipt with only a settlement proof currently validates even though the documented valid states are execution-only or execution plus settlement. In that scenario, consumers using this public schema would accept an execution receipt that has no agent/runtime attestation for what actually executed, so the array should require at least one type: "execution" proof.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Constrain payee commitments to real digests

The schema describes payee_commitment as a sha256: commitment, but this pattern accepts arbitrary non-empty base64-ish text such as sha256:not_a_digest. When a public receipt includes malformed commitment data, schema validation would still pass even though selective disclosure later cannot verify a real SHA-256 commitment, so this should enforce an actual digest format and length.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Require execution proofs to cover execution fields

For type: "execution", this rule only prevents settlement from being covered; it still validates an execution proof whose covers is just ["receipt_id"]. In that case a receipt would pass the public schema without the agent/runtime signature covering verb, agent, or action, which undermines the documented execution attestation scope, so the execution branch should require the expected execution fields as well.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Forbid sensitive settlement extras in public receipts

The privacy warning explicitly says not to publish fields such as settlement.stealth_address, but additionalProperties: true makes those fields schema-valid in the newly published public receipt schema. Builders using this schema as their pre-publication gate could therefore leak private payment linkage while still passing validation, so the public settlement object should be closed or explicitly reject known sensitive fields.

Useful? React with 👍 / 👎.