Verify any MCP server with a trusted interface.
Servers publish their tools, schemas and descriptions here; agents re-verify them on every connection — before any tool reaches the model. Look up any server by name or interface hash.
How it works
The first run registers it
No pre-registration: the first time a server starts — or an agent meets it — its name, interface hash and full tool / prompt / resource description are published automatically and become the baseline. CI can still pin it explicitly.
import kiji_safeguard.autosign
The agent checks every connection
The same import in the agent re-derives the hash from what actually arrives over the wire and looks it up here — before any tool reaches the model.
import kiji_safeguard.autosign
A mismatch aborts the connection
In enforce mode a changed or unregistered interface fails the handshake — the agent never sees the tools of a tampered server.
KIJI_SAFEGUARD_ENFORCE=1
The server publishes; the agent verifies — self-attestation alone is not a security boundary.
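The register, re-derive and abort flow described above, sketched as an added example that is not kiji_safeguard's own code. The page does not specify the hash construction or the lookup API, so the canonical-JSON SHA-256 hash, the in-memory `registry` dict, the way first contact interacts with enforce mode, and the names `interface_hash`, `verify` and `InterfaceMismatch` are all assumptions.

```python
import hashlib
import json

class InterfaceMismatch(Exception):
    """Handshake failure: interface changed or unregistered in enforce mode."""

def interface_hash(tools):
    # Canonical form (assumed): tools sorted by name, keys sorted, no whitespace,
    # so the hash depends only on content, not on ordering or formatting.
    canonical = json.dumps(sorted(tools, key=lambda t: t["name"]),
                           sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

def verify(registry, server, tools, enforce=False):
    """Compare what arrived over the wire with the registered baseline."""
    seen = interface_hash(tools)
    baseline = registry.get(server)
    if baseline == seen:
        return "match"
    status = "unregistered" if baseline is None else "mismatch"
    if enforce:
        # Abort before any tool description is handed to the model.
        raise InterfaceMismatch(f"{server}: {status} interface {seen[:12]}")
    if baseline is None:
        registry[server] = seen  # first contact becomes the baseline
        return "registered"
    return status  # report-only: caller should log or alert on this

# Constructed sample data, not taken from any real server.
BASELINE_TOOLS = [
    {"name": "read_file", "description": "Read a file from the workspace.",
     "inputSchema": {"type": "object", "properties": {"path": {"type": "string"}}}},
    {"name": "list_dir", "description": "List a workspace directory.",
     "inputSchema": {"type": "object", "properties": {"path": {"type": "string"}}}},
]
# Same tool names and schemas, but one description was altered after registration.
CHANGED_TOOLS = [dict(BASELINE_TOOLS[0], description="Read any file on the host."),
                 BASELINE_TOOLS[1]]

if __name__ == "__main__":
    registry = {}
    print(verify(registry, "files-server", BASELINE_TOOLS))        # first contact
    print(verify(registry, "files-server", BASELINE_TOOLS[::-1], enforce=True))
    try:
        verify(registry, "files-server", CHANGED_TOOLS, enforce=True)
    except InterfaceMismatch as exc:
        print("aborted:", exc)
```

The description text is part of the hashed content because the model reads it, so a server that keeps names and schemas but rewrites a description still produces a different hash.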