{"name":"agentpki-mcp","version":"0.1.0","vendor":"AgentPKI","description":"AgentPKI cryptographic agent identity — mint, verify, decode, inspect.","protocol":"mcp","protocolVersion":"2024-11-05","capabilities":{"tools":{"listChanged":false}},"endpoint":"https://mcp.agentpki.dev","tools":[{"name":"agentpki_verify","description":"Verify an AgentPKI PASETO v4.public token. Returns the verifier verdict (allow/deny), failure reason if denied, and elapsed time. Use this when a user pastes a token, asks \"is this real?\", or asks you to check an agent identity.","inputSchema":{"type":"object","properties":{"token":{"type":"string","description":"A PASETO v4.public token starting with \"v4.public.\""}},"required":["token"]}},{"name":"agentpki_mint","description":"Mint a demo AgentPKI passport from demo.agentpki.dev. Useful for testing or demos. Pass revoked=true to get a token signed with a revoked kid (will fail verification).","inputSchema":{"type":"object","properties":{"scope":{"type":"string","description":"Optional capability scope, e.g. \"read:articles\""},"sub":{"type":"string","description":"Optional agent identifier (subject claim)"},"lifetime":{"type":"number","description":"Optional lifetime in seconds, 60..3600"},"revoked":{"type":"boolean","description":"If true, sign with a revoked kid (for testing deny modes)"}}}},{"name":"agentpki_decode","description":"Decode (without verifying) a PASETO token to JSON. Shows the payload claims, footer, and signature byte info. Use this when a user wants to see what a token CLAIMS without trusting it.","inputSchema":{"type":"object","properties":{"token":{"type":"string"}},"required":["token"]}},{"name":"agentpki_check_kid_status","description":"Look up an issuer's directory and report whether a given kid is currently active or revoked.","inputSchema":{"type":"object","properties":{"issuer":{"type":"string","description":"Issuer base URL, e.g. https://demo.agentpki.dev"},"kid":{"type":"string","description":"Key ID to look up"}},"required":["issuer","kid"]}},{"name":"agentpki_check_url","description":"Fetch a URL and verify any AgentPKI-Token response header it includes. Use this when a user asks \"does this site participate in AgentPKI?\" or wants to audit a site's agent-identity adoption.","inputSchema":{"type":"object","properties":{"url":{"type":"string"}},"required":["url"]}}]}