Use TN with your agent
No skill required. Tell your agent what you want and point it at one file. The agent learns the patterns, the naming rules, and how to grant, revoke, and read back.
The one-file option
There is a single instruction file at
tnproto.org/AGENT.md. Any AI
assistant that can read a URL can use it: tell your agent to load
that page, or paste its contents into the chat. From that point on
the agent knows the patterns, the naming rules, and how to grant,
revoke, and verify.
# option A: point the agent at the file Read https://tnproto.org/AGENT.md and use TN for logging in this project. For example, use tn.log("order.placed", order_id=o.id, amount=o.total) to write an event, and tn.read() to read the log back. # option B: paste the contents into the chat <paste contents of AGENT.md here> Use TN for logging from here on. For example, tn.log("order.placed", order_id=o.id, amount=o.total) to write, and tn.read() to read.
Results vary by model and by how much context the agent already has about your codebase. A strong model with a clear project layout writes TN-compliant code from the first reply.
The plugin option (Claude Code)
If your agent is Claude Code, a plugin is available that bundles every TN skill with examples and safety checks. The agent picks the right one for each request, and decisions that touch keys or access ask for confirmation before acting.
# from Claude Code /plugin install tn-logging # the agent now has the full TN toolkit
Six skill packs, each with its own knowledge, examples, and safety rules. The agent chooses the right one based on what you ask for. You do not have to name them. If you like to know what is under the hood, here they are.
What you can ask for
“Log this like we usually do.”
Your agent emits TN log lines in the spots that matter: after a database write, an HTTP call, a payment, a user action. It follows your project conventions so the event names stay tidy.
“Add TN logging to this file.”
Point it at an existing file full of print() or console.log() calls. The agent retrofits them to TN, preserves comments and behavior, and keeps your sensitive values out of the event name.
“Is this record tampered?”
The agent walks the chain, checks signatures, and reports back in plain English. Ask it to compare the same event across two parties and it tells you whether both sides agree.
“Give the auditor access to the amount field.”
Grants, rotations, and revocations happen through a short conversation with the agent. It tells you what changes, asks for confirmation on the sensitive ones, and writes the config.
“Show me the last ten payment errors.”
The agent reads your tables, decrypts the fields you are allowed to see, and answers with real records. No SQL, no manual joins.
“Audit this codebase against PCI.”
The agent loads the active packs, walks the source, and reports prose findings. Missing logs, wrong groups, fields leaking into event types, post-auth forbidden values. It cites the spec.
“Add a new reader named partner-acme.”
The agent edits tn.yaml for you: event types, groups, recipients, field visibility. It stays inside the rules so the config keeps loading.
Industries the agent already knows
Logs become receipts when they’re signed and sealed. Sealed by what? By the rules of the industry the receipt belongs to. PCI knows what counts as cardholder data. HIPAA knows what counts as a patient record. FERPA knows what counts as a student record. The agent ships knowing all of them, so when it walks a codebase it can tell which values need locking and which can stay legible. That is what DRM for logs looks like in practice.
| Industry | Standard | What the standard is about |
|---|---|---|
| Identity and auth | OIDC Core 1.0 + RFC 7519 | The names a login system uses for who someone is, what they can do, and the tokens that prove it. |
| Payments | PCI DSS v4.0 | What banks call “the card data”. The number, the expiry, the CVV, the PIN. Some of it must vanish the moment a charge clears. |
| E-commerce orders | Schema.org Order | Customer name, address, line items, totals, fulfillment. The shape Shopify, Stripe, and direct-to-consumer storefronts already use. |
| Healthcare records | HL7 FHIR R4 | The clinical record. Who the patient is, what the doctor noted, what the lab measured, what was prescribed. PHI under HIPAA. |
| Customer relationships | Salesforce object model | Contacts, leads, opportunities, support cases. The data sales and customer-success teams keep about people and deals. |
| Cloud audit logs | AWS CloudTrail | The receipt every cloud account leaves behind. Who did what, from where, against which resource. The same shape covers GCP and Azure. |
| RFC 5322 and RFC 5321 | The headers and body of an email message. From, To, Subject, the routing trail, and the body itself. | |
| Trading | FIX 4.4 / 5.0 SP2 | The wire format banks and exchanges use to place orders and confirm fills. Symbols are public; account ids and the prices on a working order are not. |
| IoT and geolocation | NMEA 0183 + OGC SensorThings 1.1 | Device telemetry. A stable id, where the device is, how fast it is moving, what it is reading. Location plus a stable device id is a person. |
| K-12 education | 1EdTech OneRoster 1.2 | The student information system. Who is enrolled in which class, with which teacher, at which school. FERPA-protected. |
| Custody and portfolio | ISO 20022 semt.002 | The end-of-day statement of holdings. Which account owns how many of which security and what it is worth. |
How the agent uses what it knows
Ask the agent to look at a file, a folder, or the whole repo. It reads the code, recognises the standards in play, and points to every spot where a value should be sealed instead of left in the open. The agent does not invent rules. It cites them. Every flag traces back to the section of the standard that named the field.
Fixes happen in the same conversation. Seal a field. Rotate a key. Grant the auditor read access to one column and nothing else. The receipts that result prove what happened. The people allowed can read them. Everyone else sees ciphertext. DRM for logs.
What it looks like in chat
checkout.py.print() calls around the charge,
the refund, and the error path. I will replace them with
tn.info("payment.charged", …),
tn.info("payment.refunded", …), and
tn.error("payment.failed", …). Field names follow
your existing tn.yaml. Proceed?
partner-finance to the amount
field’s reader list and rotated the group key. From the next
entry on, they can decrypt amount for
payment.charged. The customer and card fields stay
sealed.
If you already use an AI assistant for day-to-day coding, the TN plugin lets you add a new question to its repertoire: “what does this log say”, “who can read it”, “prove it has not changed”. Answers come back in the same chat window.