Attest Mcp

Name: Attest Mcp
Author: chudah1

chudah1/attest-dev

Wrap or harden MCP servers so every tool call must present a scoped Attest token verified against your Attest server before execution.

Overview

Attest MCP is a Ship-phase MCP middleware that enforces scoped credential verification on every MCP tool call via your Attest server.

What is this MCP server?

Middleware-style credential enforcement on MCP tool invocations
Scoped token verification on every tool call, not just session start
npm package @attest-dev/mcp (v0.1.0) with stdio transport
Configured via ATTEST_BASE_URL pointing at your Attest server
TypeScript SDK subfolder in attest-dev monorepo on GitHub
Package version 0.1.0
Environment variable ATTEST_BASE_URL required
npm identifier @attest-dev/mcp

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 1 GitHub stars.

What problem does it solve?

Custom MCP tools often trust the host session once, leaving no per-tool scoped proof when an agent chains risky operations.

Who is it for?

Builders operating several MCP servers with sensitive integrations who already run or can deploy Attest for token issuance and verification.

Skip if: Hobby prototypes with only read-only public APIs and no identity layer, or teams unwilling to run Attest infrastructure.

What do I get? / Deliverables

Tool calls fail closed without valid scoped Attest tokens, narrowing what a compromised or over-eager agent can execute.

Per-tool-call token verification gate
Reduced unauthorized MCP tool execution surface

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Ship is when agent tools touch real data and production-adjacent systems; credential enforcement belongs with security gates before wide rollout. Security subphase covers authZ for autonomous tool use—scoped tokens per call reduce blast radius when agents over-invoke tools.

How it compares

MCP security middleware with per-call token checks, not a general secrets vault or static API-key store.

Common Questions / FAQ

Who is Attest MCP for?

Developers shipping MCP-based agent stacks who need scoped, verifiable credentials on each tool invocation rather than ambient session trust.

When should I use Attest MCP?

Use it before exposing MCP tools to production data, shared workspaces, or multi-tenant setups where tool blast radius must be bounded per action.

How do I add Attest MCP to my agent?

Deploy or connect to an Attest server, set ATTEST_BASE_URL, install @attest-dev/mcp from npm, wire the middleware per Attest docs in your MCP server pipeline, then register the secured server in your agent host.