Metadata-Version: 2.4
Name: dominion-trust-check
Version: 0.1.0
Summary: Gate your AI agent's MCP tool calls against Dominion Observatory runtime trust — one call, zero dependencies. Returns a signed diligence receipt.
Project-URL: Homepage, https://dominionobservatory.com/sdk
Author: Dominion Observatory
License: MIT
Keywords: agent-safety,ai-agents,mcp,model-context-protocol,security,supply-chain,trust
Requires-Python: >=3.8
Description-Content-Type: text/markdown

# dominion-trust-check (Python)

Gate your AI agent's MCP tool calls against **Dominion Observatory** runtime trust — one call, zero dependencies (stdlib only). Before your agent connects to or invokes an unfamiliar MCP server, check it, and get back a **signed diligence receipt** proving you did.

Timely after the ClawHavoc (OpenClaw/ClawHub) and Miasma (npm) supply-chain attacks: invoking an unvetted server without a trust check is negligent.

## Install

```bash
pip install dominion-trust-check
```

## Use

```python
from dominion_trust_check import gate, trust_check, verify, DominionGateError

# Block on FAIL (default), or require a minimum score:
gate("https://some-mcp-server.com/mcp", min_score=60)  # raises DominionGateError on FAIL

# Non-throwing check:
res = trust_check("https://some-mcp-server.com/mcp")
print(res["verdict"], res.get("trust_score"))  # "PASS" | "UNCERTAIN" | "FAIL" | "UNRATED"

# Gate a ClawHub / OpenClaw skill instead of an MCP server:
gate("calendar", registry="clawhub")

# Independently verify any Dominion-signed receipt (no trust in us required):
v = verify(res["diligence_receipt"]["jws"])
print(v["valid"])  # True
```

Wrap a gate in a `try/except` to fail closed:

```python
try:
    gate(server_url, min_score=60)
except DominionGateError as e:
    log.warning("blocked untrusted server: %s", e.dominion.get("verdict"))
    raise
```

## API

- `gate(server, min_score=None, block=True, registry=None, base=None)` — raises `DominionGateError` if the verdict is `FAIL` (or below `min_score`); otherwise returns the pre-flight result including a signed diligence receipt. `block=False` never raises.
- `trust_check(server, registry=None, base=None)` — returns the verdict + evidence without raising.
- `verify(jws, base=None)` — cryptographically verify a Dominion receipt against the [published public key](https://dominionobservatory.com/.well-known/jwks.json).

## Honest by design

Servers with no runtime behavioral data return `UNRATED` — never a fabricated score. Verdicts reflect independently-measured runtime behavior, not static code scans. Not a security audit or a guarantee.

MIT · [dominionobservatory.com/sdk](https://dominionobservatory.com/sdk)
