Optional "Receipt Required" guard for destructive tools (delete_repo, permissions) #2761

Description

@FutureEnterprises

This server exposes irreversible tools (delete_repository, visibility/permission changes). I maintain EMILIA's open Receipt Required rail (Apache-2.0): a small, opt-in gate so an irreversible tool refuses to run unless a named human signed an authorization receipt for that exact action.

The four-step behavior (CI-verified):

  • missing receipt → 428 Receipt Required
  • valid, action-bound receipt → runs
  • same receipt replayed → refused (one-time consumption)
  • forged receipt → refused

It's disabled by default, no protocol lock-in — purely additive. There's a runnable github-admin example mirroring delete_repo, plus a 10-minute guide. Would you be open to a PR adding this behind an opt-in flag? Happy to author it.

Spec + guide: https://github.com/emiliaprotocol/emilia-protocol/blob/main/docs/guides/RECEIPT-REQUIRED-MCP.md
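The four outcomes listed in the issue can be shown with a small gate. This is an added example, not code from the issue, from EMILIA, or from this server. The receipt fields, the choice of Ed25519, and the names `Receipt`, `Gate`, `ActionHash`, `Message` and `Check` are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
	"sync"
)

// Receipt is a hypothetical format (not EMILIA's): one signer approves one exact call.
type Receipt struct {
	ID, Signer string
	Action     [32]byte // ActionHash of the approved tool call
	Sig        []byte   // Ed25519 signature over Message()
}
var ErrRequired, ErrRefused = errors.New("428 Receipt Required"), errors.New("receipt refused")
// Gate holds trusted signer keys and the IDs of receipts already consumed.
type Gate struct {
	Keys map[string]ed25519.PublicKey
	used sync.Map
}
// ActionHash binds a receipt to a tool and its arguments; %q keeps field boundaries unambiguous.
func ActionHash(tool, args string) [32]byte {
	return sha256.Sum256([]byte(fmt.Sprintf("%q %q", tool, args)))
}
// Message is what the signature covers: every field except the signature itself.
func (r *Receipt) Message() []byte { return []byte(fmt.Sprintf("%q %q %x", r.ID, r.Signer, r.Action)) }

// Check returns nil only for an unused, validly signed receipt bound to this exact call.
func (g *Gate) Check(r *Receipt, tool, args string) error {
	if r == nil {
		return ErrRequired
	}
	key, ok := g.Keys[r.Signer]
	if !ok || r.Action != ActionHash(tool, args) || !ed25519.Verify(key, r.Message(), r.Sig) {
		return ErrRefused // unknown signer, different action, or forged signature
	}
	if _, replayed := g.used.LoadOrStore(r.ID, true); replayed {
		return ErrRefused // one-time consumption
	}
	return nil
}

func main() { // constructed demo: signer name, receipt ID and arguments are made up
	pub, priv, _ := ed25519.GenerateKey(nil)
	g := &Gate{Keys: map[string]ed25519.PublicKey{"alice": pub}}
	r := &Receipt{ID: "r-1", Signer: "alice", Action: ActionHash("delete_repository", "org/demo")}
	r.Sig = ed25519.Sign(priv, r.Message())
	fmt.Println(g.Check(nil, "delete_repository", "org/demo"), g.Check(r, "delete_repository", "org/demo"), g.Check(r, "delete_repository", "org/demo"))
}
```

The signature is verified before the receipt ID is recorded, so a forged receipt cannot burn the ID of a genuine one that has not been used yet.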
