@poteshniy/agenttrust-mcp 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/index.js +129 -0
  2. package/package.json +30 -0
package/index.js ADDED
@@ -0,0 +1,129 @@
1
+ import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
2
+ import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
3
+ import { z } from 'zod';
4
+
5
+ const API = 'https://agenttrust.uk';
6
+
7
+ async function call(endpoint, body) {
8
+ const r = await fetch(`${API}${endpoint}`, {
9
+ method: 'POST',
10
+ headers: { 'Content-Type': 'application/json' },
11
+ body: JSON.stringify(body),
12
+ });
13
+ return r.json();
14
+ }
15
+
16
+ async function get(endpoint) {
17
+ const r = await fetch(`${API}${endpoint}`);
18
+ return r.json();
19
+ }
20
+
21
+ const server = new McpServer({
22
+ name: 'agenttrust',
23
+ version: '1.0.0',
24
+ description: 'Security scanner and reputation oracle for AI agent skills and MCP servers',
25
+ });
26
+
27
+ // 1. scan_skill_free
28
+ server.tool('scan_skill_free',
29
+ { content: z.string().describe('SKILL.md content to scan (max 50 lines)') },
30
+ async ({ content }) => {
31
+ const r = await call('/v1/scan/free', { content });
32
+ return { content: [{ type: 'text', text: JSON.stringify(r, null, 2) }] };
33
+ }
34
+ );
35
+
36
+ // 2. scan_skill
37
+ server.tool('scan_skill',
38
+ { content: z.string().describe('Full SKILL.md content to scan (40 rules, $0.015 USDC)') },
39
+ async ({ content }) => {
40
+ const r = await call('/v1/scan', { content });
41
+ return { content: [{ type: 'text', text: JSON.stringify(r, null, 2) }] };
42
+ }
43
+ );
44
+
45
+ // 3. scan_mcp_free
46
+ server.tool('scan_mcp_free',
47
+ { manifest: z.record(z.any()).describe('MCP server manifest JSON to scan (3 rules, free)') },
48
+ async ({ manifest }) => {
49
+ const r = await call('/v1/scan/mcp/free', { manifest });
50
+ return { content: [{ type: 'text', text: JSON.stringify(r, null, 2) }] };
51
+ }
52
+ );
53
+
54
+ // 4. scan_mcp
55
+ server.tool('scan_mcp',
56
+ { manifest: z.record(z.any()).describe('MCP server manifest JSON to scan (50 rules, $0.015 USDC)') },
57
+ async ({ manifest }) => {
58
+ const r = await call('/v1/scan/mcp', { manifest });
59
+ return { content: [{ type: 'text', text: JSON.stringify(r, null, 2) }] };
60
+ }
61
+ );
62
+
63
+ // 5. trust_gate
64
+ server.tool('trust_gate',
65
+ {
66
+ skill: z.string().optional().describe('SKILL.md content'),
67
+ mcp: z.record(z.any()).optional().describe('MCP manifest JSON'),
68
+ endpoint: z.string().optional().describe('x402 endpoint URL'),
69
+ },
70
+ async (args) => {
71
+ const r = await call('/v1/gate', args);
72
+ return { content: [{ type: 'text', text: JSON.stringify(r, null, 2) }] };
73
+ }
74
+ );
75
+
76
+ // 6. check_reputation
77
+ server.tool('check_reputation',
78
+ { url: z.string().describe('x402 endpoint URL to check reputation') },
79
+ async ({ url }) => {
80
+ const r = await get(`/v1/reputation?url=${encodeURIComponent(url)}`);
81
+ return { content: [{ type: 'text', text: JSON.stringify(r, null, 2) }] };
82
+ }
83
+ );
84
+
85
+ // 7. verify_hash
86
+ server.tool('verify_hash',
87
+ {
88
+ content: z.string().optional().describe('SKILL.md content to verify'),
89
+ hash: z.string().optional().describe('SHA256 hash to verify'),
90
+ },
91
+ async (args) => {
92
+ const r = await call('/v1/verify', args);
93
+ return { content: [{ type: 'text', text: JSON.stringify(r, null, 2) }] };
94
+ }
95
+ );
96
+
97
+ // 8. full_report
98
+ server.tool('full_report',
99
+ {
100
+ content: z.string().describe('SKILL.md content for full audit ($0.050 USDC)'),
101
+ skill_id: z.string().optional().describe('Skill name or identifier'),
102
+ },
103
+ async (args) => {
104
+ const r = await call('/v1/report', args);
105
+ return { content: [{ type: 'text', text: JSON.stringify(r, null, 2) }] };
106
+ }
107
+ );
108
+
109
+ // 9. wallet_reputation
110
+ server.tool('wallet_reputation',
111
+ { address: z.string().describe('Agent wallet address to look up ($0.010 USDC)') },
112
+ async ({ address }) => {
113
+ const r = await get(`/v1/trust/${address}`);
114
+ return { content: [{ type: 'text', text: JSON.stringify(r, null, 2) }] };
115
+ }
116
+ );
117
+
118
+ // 10. get_badge_url
119
+ server.tool('get_badge_url',
120
+ { url: z.string().describe('x402 endpoint URL to get trust badge for') },
121
+ async ({ url }) => {
122
+ const badge_url = `${API}/v1/badge?url=${encodeURIComponent(url)}`;
123
+ return { content: [{ type: 'text', text: JSON.stringify({ badge_url, embed: `<img src="${badge_url}"/>` }, null, 2) }] };
124
+ }
125
+ );
126
+
127
+ const transport = new StdioServerTransport();
128
+ await server.connect(transport);
129
+ console.error('AgentTrust MCP Server running');
package/package.json ADDED
@@ -0,0 +1,30 @@
1
+ {
2
+ "name": "@poteshniy/agenttrust-mcp",
3
+ "version": "1.0.0",
4
+ "description": "AgentTrust MCP Server \u2014 security scanner for AI agent skills and MCP servers",
5
+ "main": "index.js",
6
+ "bin": {
7
+ "agenttrust-mcp": "./index.js"
8
+ },
9
+ "type": "module",
10
+ "scripts": {
11
+ "start": "node index.js"
12
+ },
13
+ "dependencies": {
14
+ "@modelcontextprotocol/sdk": "^1.0.0",
15
+ "zod": "^3.0.0"
16
+ },
17
+ "keywords": [
18
+ "mcp",
19
+ "security",
20
+ "ai-agents",
21
+ "agenttrust",
22
+ "x402"
23
+ ],
24
+ "author": "poteshniy",
25
+ "license": "MIT",
26
+ "repository": {
27
+ "type": "git",
28
+ "url": "https://github.com/poteshniy/agenttrust"
29
+ }
30
+ }