Cryptographic audit trail for Semantic Kernel plugin invocations

[jagmarques]

Built an integration that signs every plugin invocation and agent step in Semantic Kernel with post-quantum signatures, creating a tamper-evident audit log.

The problem: when agents invoke plugins and chain actions together, you need an independent record that no action was modified or deleted after the fact.

from semantic_kernel import Kernel
from semantic_kernel.connectors.ai.open_ai import OpenAIChatCompletion
import asqav

asqav.init(api_key="sk_...")
auditor = asqav.Agent.create("sk-auditor")
session = auditor.start_session(name="kernel-audit")

kernel = Kernel()
kernel.add_service(OpenAIChatCompletion(service_id="chat"))

result = await kernel.invoke_prompt("Summarize the compliance report")

session.log("kernel:invoke_prompt", metadata={
    "prompt_hash": asqav.hash_content("Summarize the compliance report"),
    "result_hash": asqav.hash_content(str(result)),
    "service": "chat"
})

Each entry gets an ML-DSA-65 signature hash-chained to the previous one. Export the trail as JSON for compliance reviews.

Useful for enterprise deployments where you need to prove to auditors exactly what your AI system did - EU AI Act Article 12, SOC 2, etc.

Repo: https://github.com/Upsonic/Upsonic