hallumark
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@hallumarkscan my project for hallucination issues and output as JSON"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
HALLUMARK
LLM hallucination & grounding auditor for RAG systems
AI Security & Governance โ securing LLMs, agents, and the MCP supply chain.
pip install cognis-hallumark
hallumark scan . # โ prioritized findings in seconds๐ Example output
Real, reproducible output from the tool โ runs offline:
$ hallumark-emit --version
hallumark 0.1.0$ hallumark-emit --help
usage: hallumark [-h] [--version] <command> ...
HALLUMARK - audit LLM/RAG answers for hallucinations by checking whether each
claim is grounded in the retrieved context.
positional arguments:
<command>
audit Audit a file of RAG records for ungrounded / hallucinated
claims.
options:
-h, --help show this help message and exit
--version show program's version number and exit
Input is JSON or JSONL where each record has: question, answer, and contexts
(a list of retrieved chunks). Returns non-zero exit when unsupported claims
are found.Blocks above are real
hallumarkoutput โ reproduce them from a clone.
Sample result format (illustrative values โ run on your own data for real findings):
{
"feed": {
"type": "STIX",
"value": "{\"indicator\":{\"id\":\"1234567890\",\"name\":\"Example Indicator\"},\"observed-data\":[{\"id\":\"1\",\"timestamp\":1643723400,\"data\":\"example data\"}]}"
},
"status": 200,
"message": "Findings successfully forwarded to STIX platform"
}
{"indicator":{"id":"1234567890","name":"Example Indicator"},"observed-data":[{"id":"1","timestamp":1643723400,"data":"example data"}]}Related MCP server: hivelaw
Usage โ step by step
Install:
pip install hallumarkAudit RAG records โ each record is JSON/JSONL with
question,answer, andcontexts(the retrieved chunks). HALLUMARK checks whether each claim is grounded:hallumark audit records.jsonlYou get per-record PASS/FAIL plus faithfulness, context-utilization, and answer-relevance scores.
Read from stdin with
-:cat records.jsonl | hallumark audit -Tune the strictness โ per-claim support threshold and the minimum record faithfulness to PASS:
hallumark audit records.json --threshold 0.35 --min-faithfulness 0.9 --show-groundedCI gate โ emit JSON and rely on the exit code (1 when unsupported/hallucinated claims are found):
hallumark audit records.jsonl --format json | jq '.total_unsupported'
Contents
Why hallumark? ยท Features ยท Quick start ยท Example ยท Architecture ยท AI stack ยท How it compares ยท Integrations ยท Install anywhere ยท Related ยท Contributing
Why hallumark?
LLM hallucination & grounding auditor for RAG systems โ without standing up heavyweight infrastructure.
hallumark is single-purpose, scriptable, and self-hostable: point it at a target, get prioritized results in the format your workflow already speaks (table ยท JSON ยท SARIF), gate CI on it, and let agents drive it over MCP.
Features
โ Split Claims
โ Audit Record
โ Audit Records
โ Load Records
โ Parse Records
โ Runs on Linux/macOS/Windows ยท Docker ยท devcontainer
โ Ports in Python, JavaScript, Go, and Rust (
ports/)
Quick start
pip install cognis-hallumark
hallumark --version
hallumark scan . # scan current project
hallumark scan . --format json # machine-readable
hallumark scan . --fail-on high # CI gate (non-zero exit)Example
$ hallumark scan .
[HIGH ] HAL-001 example finding (./src/app.py)
[MEDIUM ] HAL-002 another signal (./config.yaml)
2 findings ยท risk score 5 ยท 38msArchitecture
flowchart LR
IN[target / manifest] --> P[hallumark<br/>checks + rules]
P --> OUT[findings (JSON / SARIF)]Use it from any AI stack
hallumark is interoperable with every popular way of using AI:
MCP server โ
hallumark mcp(Claude Desktop, Cursor, Cognis.Studio, uncensored-fleet)OpenAI-compatible / JSON โ pipe
hallumark scan . --format jsoninto any agent or LLMLangChain ยท CrewAI ยท AutoGen ยท LlamaIndex โ wrap the CLI/JSON as a tool in one line
CI / scripts โ exit codes + SARIF for non-AI pipelines
How it compares
Cognis hallumark | explodinggradients | |
Self-hostable, no account | โ | varies |
Single command, zero config | โ | โ ๏ธ |
JSON + SARIF for CI | โ | varies |
MCP-native (AI agents) | โ | โ |
Polyglot ports (JS/Go/Rust) | โ | โ |
Open license | โ COCL | varies |
Built in the spirit of explodinggradients/ragas, re-framed the Cognis way. Missing a credit? Open a PR.
Integrations
Pipes into your stack: SARIF for code-scanning, JSON for anything, an MCP server (hallumark mcp) for AI agents, and a webhook forwarder for SIEM/Slack/Jira. See docs/INTEGRATIONS.md.
Install โ every way, every platform
pip install "git+https://github.com/cognis-digital/hallumark.git" # pip (works today)
pipx install "git+https://github.com/cognis-digital/hallumark.git" # isolated CLI
uv tool install "git+https://github.com/cognis-digital/hallumark.git" # uv
pip install cognis-hallumark # PyPI (when published)
docker run --rm ghcr.io/cognis-digital/hallumark:latest --help # Docker
brew install cognis-digital/tap/hallumark # Homebrew tap
curl -fsSL https://raw.githubusercontent.com/cognis-digital/hallumark/main/install.sh | shLinux | macOS | Windows | Docker | Cloud |
|
|
|
| DEPLOY.md (AWS/Azure/GCP/k8s) |
Related Cognis tools
aegisโ AI Agent Permission & Access Auditor โ surfaces the lethal trifecta of credentials + injection + reachpromptmirrorโ Prompt-injection & indirect-injection scanner for any LLM context inputledgermindโ Local LLM cost & token forensics proxy with anomaly detectionadversaโ LLM red-team harness โ OWASP LLM Top 10 + MITRE ATLAS attack packsguardpostโ Runtime agent firewall โ PII redaction, rate limits, policy enforcementaicardโ Auto-generated NIST AI RMF / EU AI Act Annex IV model & system cards
Explore the suite โ ๐๏ธ all 170+ tools ยท โญ awesome-cognis ยท ๐ cognis-sources ยท ๐ค uncensored-fleet ยท ๐ง engram
Contributing
PRs, new rules, and demo scenarios are welcome under the collaboration-pull model โ see CONTRIBUTING.md and SECURITY.md.
โญ If
hallumarksaved you time, star it โ it genuinely helps others find it.
Interoperability
{} composes with the 300+ tool Cognis suite โ JSON in/out and a shared
OpenAI-compatible /v1 backbone. See INTEROP.md for the
suite map, composition patterns, and reference stacks.
License
Source-available under the Cognis Open Collaboration License (COCL) v1.0 โ free for personal, internal-evaluation, research, and educational use; commercial / production use requires a license (licensing@cognis.digital). See LICENSE.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/cognis-digital/hallumark'
If you have feedback or need assistance with the MCP directory API, please join our Discord server