signet

Overview Schema Related Servers Score Discussions

signet_content_hash

Compute SHA-256 hash of any JSON value after canonical serialization (RFC 8785 JCS) to ensure consistent content fingerprints for audit and accountability.

Instructions

Compute SHA-256 hash of canonical JSON (RFC 8785 JCS). Accepts any JSON value.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`content`	Yes	JSON content to hash (object, array, string, number, boolean, or null)

Implementation Reference

packages/signet-mcp-tools/src/tools.ts:132-137 (handler)
Handler for the signet_content_hash tool. Calls contentHash() on the provided content argument and returns the hash as JSON.
```
case 'signet_content_hash': {
  const hash = contentHash(args?.content);
  return {
    content: [{ type: 'text', text: JSON.stringify({ hash }) }],
  };
}
```

packages/signet-mcp-tools/src/tools.ts:60-70 (registration)

Registration of the signet_content_hash tool in the MCP ListTools handler, including its description and input schema requiring 'content' (any JSON value).

{
  name: 'signet_content_hash',
  description: 'Compute a deterministic SHA-256 hash over canonical JSON using RFC 8785 JCS. Use this when you need a stable digest for receipt params, audit records, or comparing semantically identical JSON with different formatting or key order. Returns JSON {hash: string}.',
  inputSchema: {
    type: 'object' as const,
    properties: {
      content: { description: 'Any JSON value to hash: object, array, string, number, boolean, or null.' },
    },
    required: ['content'],
  },
},

packages/signet-mcp-tools/src/tools.ts:60-70 (schema)

Input schema for signet_content_hash: takes a single required 'content' parameter (any JSON value).

{
  name: 'signet_content_hash',
  description: 'Compute a deterministic SHA-256 hash over canonical JSON using RFC 8785 JCS. Use this when you need a stable digest for receipt params, audit records, or comparing semantically identical JSON with different formatting or key order. Returns JSON {hash: string}.',
  inputSchema: {
    type: 'object' as const,
    properties: {
      content: { description: 'Any JSON value to hash: object, array, string, number, boolean, or null.' },
    },
    required: ['content'],
  },
},

packages/signet-core/src/index.ts:313-315 (helper)
The core contentHash() function that JSON-stringifies the input and delegates to the WASM implementation wasm_content_hash.
```
export function contentHash(value: unknown): string {
  return wasm_content_hash(JSON.stringify(value));
}
```

plugins/claude-code/wasm/signet_wasm.js:7-27 (helper)

The WASM binding for content hashing (wasm_content_hash) that passes the JSON string to the Rust/WASM module and returns the hash string.

function wasm_content_hash(json) {
    let deferred3_0;
    let deferred3_1;
    try {
        const ptr0 = passStringToWasm0(json, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
        const len0 = WASM_VECTOR_LEN;
        const ret = wasm.wasm_content_hash(ptr0, len0);
        var ptr2 = ret[0];
        var len2 = ret[1];
        if (ret[3]) {
            ptr2 = 0; len2 = 0;
            throw takeFromExternrefTable0(ret[2]);
        }
        deferred3_0 = ptr2;
        deferred3_1 = len2;
        return getStringFromWasm0(ptr2, len2);
    } finally {
        wasm.__wbindgen_free(deferred3_0, deferred3_1, 1);
    }
}
exports.wasm_content_hash = wasm_content_hash;

Tool Definition Quality

A4/5.0

Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries full burden. It transparently states the computation (SHA-256 hash) and the canonicalization method (RFC 8785 JCS). It discloses no side effects or permissions needed, which is acceptable for a pure computation tool. However, it could mention that the output is a hex-encoded string.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is extremely concise, consisting of two sentences. It front-loads the action ('Compute SHA-256 hash') and the specification ('RFC 8785 JCS'). Every word contributes meaningfully without redundancy.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the low complexity (1 parameter, no nested objects, no output schema), the description is mostly complete. It covers the input and the core operation. However, it could mention that the return value is a hex-encoded hash string, as this is not obvious from the description alone.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema has 100% description coverage, so the baseline is 3. The description adds 'any JSON value' which is already in the schema's parameter description. No additional semantics are provided beyond what the schema already conveys.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states 'Compute SHA-256 hash of canonical JSON (RFC 8785 JCS). Accepts any JSON value.' It specifies the algorithm (SHA-256), the canonicalization standard (JCS), and the accepted input types. This distinctly sets it apart from sibling tools like signet_sign and signet_verify.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

While the tool's purpose is clear, the description does not provide guidance on when to use this tool versus alternatives. It does not mention prerequisites, exclusions, or contexts where hashing is preferred over signing/verification. Usage is implied but not explicitly guided.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/Prismer-AI/signet'

If you have feedback or need assistance with the MCP directory API, please join our Discord server