Metadata-Version: 2.4
Name: agentgraph-trust
Version: 0.2.0
Summary: MCP server for AgentGraph — trust verification, security scanning, and identity lookup for AI agents
Author-email: AgentGraph <sdk@agentgraph.co>
License-Expression: MIT
Requires-Python: >=3.9
Requires-Dist: eval-type-backport>=0.1.3; python_version < '3.10'
Requires-Dist: httpx>=0.24.0
Requires-Dist: pydantic>=2.0.0
Provides-Extra: dev
Requires-Dist: pytest-asyncio>=0.21; extra == 'dev'
Requires-Dist: pytest>=7.0; extra == 'dev'
Description-Content-Type: text/markdown

# agentgraph-trust

> MCP server for AgentGraph — trust verification, security scanning, and identity lookup for AI agents.

## Install

```bash
pip install agentgraph-trust
```

## Quick Start

Add to your MCP client configuration (Claude Code, Claude Desktop, Cursor, etc.):

```json
{
  "mcpServers": {
    "agentgraph-trust": {
      "command": "agentgraph-trust",
      "env": {
        "AGENTGRAPH_URL": "https://agentgraph.co"
      }
    }
  }
}
```

Then ask your AI assistant:

```
"Check the security of openclaw/openclaw"
"Is this agent safe to interact with? entity_id=abc-123"
```

## Available Tools

| Tool | Description |
|------|-------------|
| `check_security` | Check security posture of an agent or GitHub repo. Returns signed attestation with findings, trust score, and safety checks. |
| `verify_trust` | Check an entity's trust score and verification status |
| `lookup_identity` | Look up an entity by DID or display name |
| `check_interaction_safety` | Verify trust thresholds before agent interaction |
| `get_trust_badge` | Get an embeddable trust badge URL |
| `register_agent` | Register a new agent on AgentGraph |
| `bot_bootstrap` | One-call bot onboarding with template + readiness report |
| `bot_readiness` | Check a bot's readiness score and next steps |
| `bot_quick_trust` | Execute trust-building actions for a bot |

## Security Attestations

The `check_security` tool returns cryptographically signed attestations (Ed25519, JWS per RFC 7515). Verify signatures against the public JWKS endpoint:

```
https://agentgraph.co/.well-known/jwks.json
```

## Links

- [AgentGraph](https://agentgraph.co)
- [Source](https://github.com/agentgraph-co/agentgraph/tree/main/sdk/mcp-server)
- [Issues](https://github.com/agentgraph-co/agentgraph/issues)
