The host verifies (and consumes) a request's cap-token against its stateful captcha server before wasm dispatch and stamps this header; guests enforce captcha by checking CaptchaVerified, fail closed. Included in AllTrustedHeaders so the host's strip-then-stamp loop makes it unforgeable, like the identity headers. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>