submit_attestation
Record that a responsible party affirms an external assumption holds, mitigating linked control objectives until the attestation expires.
Instructions
Record that a responsible party affirmed an assumption holds.
Only for external assumptions. Non-applicability assumptions require CI verification (submit assertions + run mipiti-verify) — manual attestation is rejected for them.
An assumption with a current attestation can mitigate linked COs. When the attestation expires, those COs become at-risk until re-attested or covered by controls.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| model_id | Yes | ID of the threat model. | |
| statement | No | What was attested. | |
| expires_at | No | ISO 8601 expiry date (e.g., "2026-06-30T00:00:00Z"). | |
| attested_by | No | Who is attesting (name, role, organization). | |
| evidence_url | No | Optional link to supporting documentation. | |
| assumption_id | Yes | ID of the assumption (e.g., "AS1"). | |
| server_version | Yes |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
No arguments | |||