Skip to main content
Glama
CSOAI-ORG

meok-mcp-injection-scan-mcp

by CSOAI-ORG
OverviewSchemaRelated ServersScoreDiscussions
Python
Remote

signed_safety_report

Issue a cryptographically signed safety report for MCP server scans, returning a certificate with a public verify URL for audit date confirmation. Pro/Enterprise tier only.

Instructions

Issue a cryptographically signed safety report for the scanned MCP server. Returns a cert with a public verify URL anyone can hit to confirm the audit happened on the date claimed.

Pro / Enterprise tier only.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
subjectYes
findings_jsonNo
scoreNo
noteNo
api_keyNo

Implementation Reference

  • server.py:485-524 (handler)
    Main handler function for the 'signed_safety_report' MCP tool. Takes 'subject', 'findings_json', 'score', 'note', and 'api_key' parameters. Requires Pro or Enterprise tier access. Parses findings_json, calls _sign_via_attestation_api to cryptographically sign the report, and returns a dict with the certificate and verification URL.
    @mcp.tool()
def signed_safety_report(
    subject: str,
    findings_json: str = "",
    score: int = 0,
    note: str = "",
    api_key: str = "",
) -> dict:
    """
    Issue a cryptographically signed safety report for the scanned MCP server.
    Returns a cert with a public verify URL anyone can hit to confirm the audit
    happened on the date claimed.

    Pro / Enterprise tier only.
    """
    ok, msg, tier = check_access(api_key)
    if not ok or tier not in ("pro", "enterprise"):
        return {
            "error": "signed reports require Pro tier (£29/mo Starter, £79/mo Pro) or Enterprise £1,499/mo",
            "upgrade_starter": STRIPE_29,
            "upgrade_pro": STRIPE_79,
            "upgrade_enterprise": STRIPE_1499,
        }
    try:
        findings = json.loads(findings_json) if findings_json else []
    except json.JSONDecodeError:
        findings = []
    cert = _sign_via_attestation_api(api_key, {
        "subject": subject,
        "findings": findings,
        "score": score,
        "note": note or f"MEOK MCP Injection Scanner — {len(INJECTION_RULES)} rules applied",
    })
    return {
        "tier": tier,
        "subject": subject,
        "report": cert,
        "verify_at": cert.get("verify_url"),
        "ship_to_ciso": "Forward this cert + verify URL in any procurement / SOC2 / ISO 42001 audit response.",
    }
  • server.py:349-371 (helper)
    Helper function '_sign_via_attestation_api' that makes an HTTP POST request to the attestation API to cryptographically sign the safety report payload. Accepts api_key and payload dict, returns a cert dict with a verify_url.
    def _sign_via_attestation_api(api_key: str, payload: dict) -> dict:
    """Best-effort signing call to meok-attestation-api. Returns cert dict."""
    body = {
        "api_key": api_key,
        "regulation": "MCP-SEC-AUDIT-2026",
        "entity": payload.get("subject", "anonymous"),
        "score": payload.get("score", 0),
        "findings": [f"{f.get('rule_id', '')} {f.get('name', '')}" for f in (payload.get("findings") or [])][:30],
        "articles_audited": [r["id"] for r in INJECTION_RULES],
        "auditor_notes": payload.get("note", ""),
    }
    try:
        data = json.dumps(body).encode("utf-8")
        req = urllib.request.Request(
            f"{_ATTESTATION_API}/sign",
            method="POST",
            data=data,
            headers={"Content-Type": "application/json", "User-Agent": "meok-mcp-injection-scan/1.0"},
        )
        with urllib.request.urlopen(req, timeout=8) as r:
            return json.loads(r.read().decode("utf-8"))
    except Exception as e:
        return {"error": f"signing unavailable: {type(e).__name__}: {e}"}
  • server.py:68-69 (helper)
    Helper function 'check_access' that delegates to '_shared_check_access' to validate the API key and return the tier (free/pro/enterprise).
    def check_access(api_key: str = ""):
    return _shared_check_access(api_key)
  • server.py:485-485 (registration)
    Registration decorator '@mcp.tool()' on line 485 that registers the 'signed_safety_report' function as an MCP tool with the FastMCP server instance 'mcp'.
    @mcp.tool()
  • server.py:493-498 (schema)
    Schema/type definition via the docstring and function signature: parameters are 'subject' (str, required), 'findings_json' (str, default ''), 'score' (int, default 0), 'note' (str, default ''), 'api_key' (str, default ''); returns a dict.
    """
Issue a cryptographically signed safety report for the scanned MCP server.
Returns a cert with a public verify URL anyone can hit to confirm the audit
happened on the date claimed.

Pro / Enterprise tier only.

Tool Definition Quality

C2.8/5.0
Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided. Description discloses the return of a signed cert and verify URL, but fails to disclose behavioral traits such as whether the tool is read-only or destructive, authentication requirements, or error behavior. The api_key parameter suggests authentication is needed but not stated.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Three sentences, front-loaded with the core purpose. Each sentence adds value, though a bit more structure (e.g., bullet points for return value) could improve scanability.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given 5 parameters, 1 required, no output schema, and no annotations, the description is inadequate. It does not explain parameter meanings, output details beyond 'cert and verify URL', or error conditions, leaving significant gaps for an agent.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters1/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 0%, meaning description does not explain any of the 5 parameters (subject, findings_json, score, note, api_key). The description adds no meaning beyond what the schema field titles provide, which are minimal.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

Clearly states it issues a cryptographically signed safety report and returns a cert with a verify URL. Distinguishes from siblings like scan_mcp_url (scanning) but does not explicitly contrast with all siblings.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Mentions 'Pro / Enterprise tier only' as a usage restriction, but provides no guidance on when to use this tool versus alternatives (e.g., after a scan). Usage context is implied but not explicit.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/CSOAI-ORG/meok-mcp-injection-scan-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server