skvil-mcp

skvil_verify

Verify AI agent skills for safety by checking reputation scores, risk levels, certification status, and community scan data using SHA-256 composite hashes.

Instructions

Check if an AI agent skill is safe before installing it. Returns reputation score, risk level, certification status, and community scan data. Use this to verify any skill by its SHA-256 composite hash.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`hash`	Yes	SHA-256 composite hash of the skill (e.g. "sha256:4a2f8b...c81e")

Implementation Reference

src/tools.ts:21-118 (registration)

Tool registration of skvil_verify - defines the tool name, description, input schema, and handler function that processes verification requests and formats the response with reputation score, risk level, certification status, and behavioral analysis findings.

// ── skvil_verify ──────────────────────────────────────────────────────────
server.tool(
  'skvil_verify',
  'Check if an AI agent skill is safe before installing it. Returns reputation ' +
    'score, risk level, certification status, and community scan data. ' +
    'Use this to verify any skill by its SHA-256 composite hash.',
  { hash: hashSchema },
  async ({ hash }) => {
    try {
      const result = await api.verify(hash);

      if (!result.known) {
        return {
          content: [
            {
              type: 'text',
              text:
                `**Unknown skill** (${hash})\n\n` +
                'This skill has never been scanned by the Skvil network.\n' +
                'It has no reputation data or certification.\n\n' +
                '**Recommendation:** Do not install without scanning first.',
            },
          ],
        };
      }

      const score = result.reputation_score ?? 0;
      const totalScans = result.total_scans ?? 0;

      const lines: string[] = [
        `**Skill verification: ${hash}**\n`,
        `- **Reputation score:** ${formatScore(score)}`,
        `- **Total community scans:** ${totalScans}`,
        `- **Risk level:** ${result.risk_summary?.last_risk_level ?? 'unknown'}`,
      ];

      if (result.certification) {
        lines.push(`- **Certification:** ${result.certification}`);
      } else {
        lines.push('- **Certification:** none');
      }

      if (result.confirmed_malicious) {
        lines.push(
          '\n**CONFIRMED MALICIOUS** — a Skvil admin has verified this skill is dangerous.',
        );
        lines.push('Do NOT install this skill.');
      }

      if (result.risk_summary) {
        const f = result.risk_summary.findings_by_severity;
        const critical = f.critical ?? 0;
        const high = f.high ?? 0;
        const medium = f.medium ?? 0;
        const low = f.low ?? 0;
        if (critical > 0 || high > 0) {
          lines.push(
            `\n**Findings:** ${critical} critical, ${high} high, ${medium} medium, ${low} low`,
          );
        }
      }

      if (result.crucible) {
        lines.push(`\n**Crucible behavioral analysis:** ${result.crucible.status}`);
        lines.push(`- Behavioral score: ${result.crucible.score}`);
        if (result.crucible.behavioral_findings.length > 0) {
          const descriptions = result.crucible.behavioral_findings
            .map((f) => f.description)
            .join(', ');
          lines.push(`- Findings: ${descriptions}`);
        }
      }

      // Decision recommendation
      lines.push('\n**Recommendation:**');
      if (result.confirmed_malicious) {
        lines.push('Do NOT install. This skill has been confirmed malicious.');
      } else if (result.crucible?.status === 'malicious') {
        lines.push('Do NOT install. Behavioral analysis detected malicious activity.');
      } else if (score >= 80 && result.certification) {
        lines.push(
          `Safe to install. This skill is certified (${result.certification}) ` +
            'with a strong reputation score.',
        );
      } else if (score >= 60) {
        lines.push('Likely safe, but not yet certified. Install with caution.');
      } else if (score < 40) {
        lines.push('Do NOT install. Low reputation score indicates potential risk.');
      } else {
        lines.push('Proceed with caution. Review findings before installing.');
      }

      return { content: [{ type: 'text', text: lines.join('\n') }] };
    } catch (error) {
      return { content: [{ type: 'text', text: formatError('verify', error) }], isError: true };
    }
  },
);

src/tools.ts:28-117 (handler)

Handler function that executes the skvil_verify tool logic - calls api.verify(), checks if skill is known, formats reputation scores, risk levels, certifications, malicious confirmations, and provides installation recommendations based on the verification results.

async ({ hash }) => {
  try {
    const result = await api.verify(hash);

    if (!result.known) {
      return {
        content: [
          {
            type: 'text',
            text:
              `**Unknown skill** (${hash})\n\n` +
              'This skill has never been scanned by the Skvil network.\n' +
              'It has no reputation data or certification.\n\n' +
              '**Recommendation:** Do not install without scanning first.',
          },
        ],
      };
    }

    const score = result.reputation_score ?? 0;
    const totalScans = result.total_scans ?? 0;

    const lines: string[] = [
      `**Skill verification: ${hash}**\n`,
      `- **Reputation score:** ${formatScore(score)}`,
      `- **Total community scans:** ${totalScans}`,
      `- **Risk level:** ${result.risk_summary?.last_risk_level ?? 'unknown'}`,
    ];

    if (result.certification) {
      lines.push(`- **Certification:** ${result.certification}`);
    } else {
      lines.push('- **Certification:** none');
    }

    if (result.confirmed_malicious) {
      lines.push(
        '\n**CONFIRMED MALICIOUS** — a Skvil admin has verified this skill is dangerous.',
      );
      lines.push('Do NOT install this skill.');
    }

    if (result.risk_summary) {
      const f = result.risk_summary.findings_by_severity;
      const critical = f.critical ?? 0;
      const high = f.high ?? 0;
      const medium = f.medium ?? 0;
      const low = f.low ?? 0;
      if (critical > 0 || high > 0) {
        lines.push(
          `\n**Findings:** ${critical} critical, ${high} high, ${medium} medium, ${low} low`,
        );
      }
    }

    if (result.crucible) {
      lines.push(`\n**Crucible behavioral analysis:** ${result.crucible.status}`);
      lines.push(`- Behavioral score: ${result.crucible.score}`);
      if (result.crucible.behavioral_findings.length > 0) {
        const descriptions = result.crucible.behavioral_findings
          .map((f) => f.description)
          .join(', ');
        lines.push(`- Findings: ${descriptions}`);
      }
    }

    // Decision recommendation
    lines.push('\n**Recommendation:**');
    if (result.confirmed_malicious) {
      lines.push('Do NOT install. This skill has been confirmed malicious.');
    } else if (result.crucible?.status === 'malicious') {
      lines.push('Do NOT install. Behavioral analysis detected malicious activity.');
    } else if (score >= 80 && result.certification) {
      lines.push(
        `Safe to install. This skill is certified (${result.certification}) ` +
          'with a strong reputation score.',
      );
    } else if (score >= 60) {
      lines.push('Likely safe, but not yet certified. Install with caution.');
    } else if (score < 40) {
      lines.push('Do NOT install. Low reputation score indicates potential risk.');
    } else {
      lines.push('Proceed with caution. Review findings before installing.');
    }

    return { content: [{ type: 'text', text: lines.join('\n') }] };
  } catch (error) {
    return { content: [{ type: 'text', text: formatError('verify', error) }], isError: true };
  }
},

src/tools.ts:6-11 (schema)

Input schema definition for skvil_verify - defines hashSchema using zod to validate the SHA-256 composite hash parameter (must be 'sha256:' followed by 64 hex characters).

const HASH_PATTERN = /^sha256:[a-f0-9]{64}$/;

const hashSchema = z
  .string()
  .regex(HASH_PATTERN, 'Must be "sha256:" followed by 64 hex characters')
  .describe('SHA-256 composite hash of the skill (e.g. "sha256:4a2f8b...c81e")');

src/types.ts:10-33 (schema)

Type definition for VerifyResponse - defines the structure of the API response including known status, reputation score, total scans, certification, confirmed malicious flag, risk summary with findings by severity, and crucible behavioral analysis results.

export interface VerifyResponse {
  known: boolean;
  reputation_score?: number;
  total_scans?: number;
  certification?: string | null;
  confirmed_malicious?: boolean;
  risk_summary?: {
    last_score: number;
    last_risk_level: 'safe' | 'caution' | 'danger';
    findings_by_severity: {
      critical?: number;
      high?: number;
      medium?: number;
      low?: number;
    };
  };
  crucible?: {
    status: 'clean' | 'suspicious' | 'malicious';
    score: number;
    certified: boolean;
    behavioral_findings: BehavioralFinding[];
    analyzed_at: string;
  } | null;
}

src/api.ts:124-127 (helper)
API function that makes the actual HTTP GET request to /verify/{hash} endpoint - uses the request helper with retry logic, timeout handling, and proper error handling to fetch verification data from the Skvil server.
```
/** Check if a skill is safe by its composite hash. */
export async function verify(hash: string): Promise<VerifyResponse> {
  return request<VerifyResponse>('GET', `/verify/${encodeURIComponent(hash)}`);
}
```

Tool Definition Quality

A4/5.0

Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden. It discloses that the tool returns reputation score, risk level, certification status, and community scan data, which adds useful behavioral context. However, it lacks details on error handling, rate limits, authentication needs, or what happens if the hash is invalid, leaving gaps for a safety verification tool.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is appropriately sized and front-loaded, with two sentences that efficiently convey purpose, return values, and usage without any wasted words. Every sentence earns its place by adding essential information.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (safety verification with one parameter) and no annotations or output schema, the description is fairly complete: it explains what the tool does, what it returns, and how to use it. However, it could improve by detailing output structure or error cases, but it adequately covers the basics for a verification tool.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so the schema already fully documents the single 'hash' parameter with its pattern and example. The description adds minimal value by mentioning 'SHA-256 composite hash' but does not provide additional semantics beyond what the schema specifies, such as how to obtain the hash or its significance.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose with a specific verb ('Check') and resource ('AI agent skill'), specifying it evaluates safety before installation. It distinguishes from siblings by focusing on verification using a hash, unlike cataloging, certification, registration, reporting, scanning, or statistics tools.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides clear context for when to use this tool ('to verify any skill by its SHA-256 composite hash'), implying it's for pre-installation safety checks. However, it does not explicitly state when not to use it or name alternatives among the sibling tools, such as when to use skvil_certified instead.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/Skvil-IA/skvil-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server