docs: propose embodied action evidence profile

[carloshvp]

Summary

Refs #337.

Adds a draft v0.1 Embodied Action Evidence Profile for physical-action traces. The profile is intentionally docs-only in this first PR: it defines a producer/verifier convention on top of the existing external_execution_evidence envelope without changing the audit schema or runtime behavior.

What changed

• Added docs/spec/embodied-action-evidence.md with a concrete profile for embodied-action evidence.
• Defines the three evidence layers: cMCP audit entry, external_execution_evidence envelope, and detached embodied-action payload.
• Keeps linked_call_id bound to the cMCP audit entry call_id and separates it from controller-native action_ref values.
• Proposes RFC3339 UTC string timestamps for the profile action preimage to avoid integer-ms vs string timestamp hash divergence.
• Defines minimum detached payload fields, action_ref computation, receipt state classifications, Agent Manifest identity comparisons, verifier flow, and explicit non-goals.
• Linked the profile from the verification-library spec and MkDocs navigation.

Validation

• git diff --check
• verified the MkDocs nav target exists: docs/spec/embodied-action-evidence.md
• attempted uv run --with-requirements requirements-docs.txt mkdocs build --strict, but the current repo MkDocs config fails before page rendering because docs_dir: . is rejected by current MkDocs as the parent directory of the config file. This appears unrelated to this PR.

Notes for review

This PR does not claim physical completion, controller safety, or functional-safety certification. It only scopes the evidence semantics needed to bind a physical-action request, governance decision, controller handoff, and optional downstream receipt into the existing cMCP audit model.

[carloshvp]

Ready for review.

This is docs-only and scoped to evidence semantics for the Embodied Action Evidence Profile. It does not change the audit schema or runtime behavior, and it does not claim physical completion, controller safety, or functional-safety certification.

Current validation:

• CI is green across the PR checks.
• git diff --check passed locally.
• Verified the MkDocs nav target exists: docs/spec/embodied-action-evidence.md.

Note: I attempted uv run --with-requirements requirements-docs.txt mkdocs build --strict, but the current repo MkDocs config fails before page rendering because docs_dir: . is rejected by the current MkDocs version. That appears unrelated to this PR and is called out in the PR description.

[carloshvp]

Updated the profile to align explicitly with trace-spec#66 and the proposed verification.action_receipts axis.

The new section clarifies that, for embodied AI, required action receipts mean offline-verifiable evidence for externally consequential action handoffs below the session-level TRACE Claim. It also keeps the boundary explicit: a valid receipt is not proof of physical completion, controller safety, or functional-safety certification.

Added verifier guidance for:

• recomputing action_ref from the canonical action preimage;
• checking receipt signatures against pinned or Agent Manifest-bound issuer keys;
• verifying hash-chain ordering where receipts are chained;
• binding receipts back to TRACE/cMCP session or call_id/action_ref;
• distinguishing missing/stale/invalid receipts from valid negative controller outcomes such as rejected.

Local validation:

• git diff --check
• verified the MkDocs nav still points at docs/spec/embodied-action-evidence.md

[codecov-commenter]

Welcome to Codecov 🎉

Once you merge this PR into your default branch, you're all set! Codecov will compare coverage reports and display results in all future pull requests.

ℹ️ You can also turn on project coverage checks and project coverage reporting on Pull Request comment

Thanks for integrating Codecov - We've got you covered ☂️