PlanwrightSign in
Drafting tools on a wooden workbench

Agent-Native · Acceptance-Gated · Cryptographically Signed

The only agent task tracker an auditor will sign off on.

Your compliance team can't accept “the AI did it” as a change log. Planwright gives every agent run a cryptographic audit trail — hash-chained, signed, independently verifiable. Built for teams shipping with Claude Code, Cursor, and Codex under HIPAA, SOC 2, FedRAMP, or FINRA.

Install MCP serverSee a live audit chain →

Live chain stats

0

audit records signed

0

workspaces verified

All chains intact

The Problem

Your agents ship code.
Your auditor needs a paper trail.

Linear, Jira, and GitHub Issues were built for humans assigning tasks to humans. When Claude Code or Cursor makes a code change, those tools log a status update — not a cryptographic proof that a human reviewed and approved the output. For regulated teams under HIPAA, SOC 2, FedRAMP, or FINRA, a status update isn't evidence. You need an immutable, hash-chained audit record with a human acceptance gate. That's what Planwright is.

The Acceptance Gate

Agents can't mark their own work as done.

The state machine enforces a human review gate before any agent work reaches “done.” This is the change-approval control point your SOC 2 auditor is looking for — and no other agent task tracker enforces it.

Scheduled
Human

Human sets the objective and schedules it for agent pickup.

In Progress
Agent

Agent claims the work, plans, codes, and records diffs via MCP.

Acceptance
Human

Agent requests acceptance. A human reviews the diff, tests, and signs off.

Done
Human

Human approves. The audit record is sealed and hash-chained.

Every lane transition produces a hash-chained, cryptographically signed audit record. The chain is independently verifiable on the public trust page.

Why Planwright

Built different on purpose.

Objectives, Not Tasks

Not stories. Not points. Not sprints. One atomic outcome your agent can claim, execute, and deliver.

MCP Native

Not bolted on. Day-one tool calls. Claude Code, Cursor, Codex, Factory, Amp — all first-class citizens.

SOC 2 Built In

Hash-chained. Ed25519-signed. Every agent decision, every human approval, every lane transition. The audit trail auditors actually want.

The Board

Objectives flow. Agents execute. Humans approve.

Backlog1

Add webhook retry logic

Scheduled1

Migrate auth to PKCE flow

In Progress2

Implement Ed25519 audit signing

claude-code

Add RLS policies for workspaces

cursor
Acceptance1

SSE transport for MCP server

claude-code
Done1

Database schema v1

codex

How It Works

Five steps. Zero busywork.

01

Write an objective

Describe the outcome you want. Not the steps. Not the implementation. A clear, atomic objective your agent can own end-to-end.

02

Your agent claims it via MCP

Claude Code connects to your Planwright board, picks up scheduled objectives, and starts working. No copy-pasting tickets. No context-switching.

03

Agent plans, executes, requests acceptance

The agent decomposes the objective, writes code, runs tests, and moves it to the acceptance lane. Every step recorded in the audit chain.

04

You review and sign off

Every acceptance is a cryptographic signature. Not a checkbox. A real approval with your identity bound to it.

05

Every step hash-chained and signed

Immutable audit trail from objective creation to final merge. SOC 2 evidence that writes itself.

Compliance

The 2026 AICPA Trust Services Criteria changed everything.

SOC 2 now requires immutable audit logs for AI-generated code. Your existing PM tool can't produce them. Planwright ships this as a core primitive — hash-chained, Ed25519-signed, from the first objective to the final merge.

Audit Ledger — Workspace planwright-core
#00042a3f8c1d9e2b7...objective.transitionedin_progress → acceptance
#000417e2b4f91c8a3...agent.run.completedclaude-code · 12 files changed
#00040d5c9a8b3f7e1...agent.run.startedclaude-code claimed OBJ-0017
Read the compliance brief →

Get Started

One command. Every agent.

No tokens. No config files to hand-edit. Run the install command — your browser opens for GitHub login, and you're connected.

claude mcp add planwright --transport sse https://mcp.planwright.tools/sse

Zero-config. Run this command and your browser opens for GitHub login. The connection is cached for future sessions.

1Run the connect command above
2Log in with GitHub in your browser
3Pick your workspace (if you have more than one)

For CI and service accounts that can't open a browser, generate a static token in Settings → MCP Token after signing in. Audit records attribute to the token creator.

Need more detail? Read the full Claude Code setup guide →

Pricing

Start free. Scale when you're ready.

Every plan includes the MCP server, audit chain, and board. Pay for seats and retention depth.

Free

$0

For solo developers trying agent-native planning.

  • ✓1 seat
  • ✓1 project
  • ✓30-day audit retention
  • ✓Community support
Get started free

Team

$15/seat/mo

For small teams shipping with agents every day.

  • ✓2–10 seats
  • ✓Unlimited projects
  • ✓1-year audit retention
  • ✓Public trust page
  • ✓GitHub App integration
Start free trial
Most popular

Business

$39/seat/mo

For teams that need compliance out of the box.

  • ✓11–50 seats
  • ✓Unlimited projects
  • ✓3-year audit retention
  • ✓Custom domain trust page
  • ✓Priority support
  • ✓Advanced analytics
Start free trial

Enterprise

Custom

For organizations with regulatory requirements.

  • ✓51+ seats
  • ✓7-year audit retention
  • ✓SSO / SAML
  • ✓SOC 2 attestation letter
  • ✓Dedicated support
  • ✓Custom integrations
Contact sales

FAQ

Questions regulated teams ask