{"passport":{"unfragile":{"@version":"1.0","version":"2026-05","artifact":{"id":"npm_npm-treeshipmcp","slug":"npm-treeshipmcp","name":"@treeship/mcp","type":"mcp","url":"https://www.npmjs.com/package/@treeship/mcp","page_url":"https://unfragile.ai/npm-treeshipmcp","categories":["mcp-servers"],"tags":["treeship","mcp","attestation","agents","tool-calls"],"pricing":{"model":"open_source","free":true,"starting_price":null},"status":"active","verified":false},"capabilities":[{"id":"npm_npm-treeshipmcp__cap_0","uri":"capability://tool.use.integration.mcp.tool.call.attestation.and.verification","name":"mcp tool call attestation and verification","description":"Intercepts and cryptographically attests MCP (Model Context Protocol) tool invocations by wrapping the tool-calling interface, capturing execution metadata (tool name, arguments, timestamp, caller identity), and generating verifiable attestation proofs that can be validated downstream. Uses a middleware pattern to inject attestation logic into the MCP tool registry without modifying underlying tool implementations.","intents":["I need to prove that an AI agent actually called a specific tool with specific arguments at a specific time","I want to create an auditable trail of tool invocations for compliance or debugging purposes","I need to prevent tool call spoofing or tampering in multi-agent or untrusted environments","I want to attach cryptographic proof to tool calls so downstream systems can verify their authenticity"],"best_for":["teams building AI agents with compliance requirements (finance, healthcare, legal)","developers implementing multi-agent systems with untrusted participants","builders needing audit trails for tool execution in production LLM applications","organizations requiring non-repudiation of AI-driven decisions"],"limitations":["Attestation adds latency to each tool call (exact overhead unknown from package metadata)","Requires MCP-compatible tool registry — cannot attest non-MCP tool calls","No built-in persistence layer — attestation proofs must be stored externally","Verification logic must be implemented by consumer — package provides attestation generation only","No standardized attestation format specified in public documentation — implementation details opaque"],"requires":["Node.js 16+ (typical for npm packages)","MCP-compatible framework or runtime (Claude SDK, LangChain MCP integration, or custom MCP server)","Cryptographic library support (Node.js crypto module or compatible alternative)"],"input_types":["MCP tool schema definitions","tool invocation parameters (any JSON-serializable type)","caller/agent identity context"],"output_types":["attestation proof object (structure unknown)","metadata envelope wrapping tool call results","verifiable signature or token"],"categories":["tool-use-integration","safety-moderation"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-treeshipmcp__cap_1","uri":"capability://tool.use.integration.mcp.tool.registry.wrapping.with.attestation.injection","name":"mcp tool registry wrapping with attestation injection","description":"Wraps the MCP tool registry (the central registry where tools are registered and discovered) to transparently inject attestation logic into tool definitions and execution paths. When a tool is registered or invoked through the wrapped registry, the wrapper automatically captures metadata, generates attestation proofs, and returns wrapped results with attestation attached, without requiring modifications to tool implementations or caller code.","intents":["I want to add attestation to all tools in my MCP server without modifying each tool individually","I need a transparent way to intercept tool calls at the registry level for auditing","I want to ensure every tool invocation is attested before it executes or after it completes"],"best_for":["MCP server operators deploying multiple tools and needing uniform attestation","developers building MCP-based agent frameworks with built-in compliance","teams standardizing on attestation across heterogeneous tool ecosystems"],"limitations":["Registry wrapping may introduce performance overhead proportional to tool count","Incompatible with tools that bypass the registry or use direct function references","Attestation metadata captured at registry level may not include tool-internal state or side effects","No support for dynamic tool registration after wrapper initialization (likely)"],"requires":["MCP-compatible tool registry interface","Access to tool registry initialization code","Node.js environment with ES6 Proxy or equivalent metaprogramming support"],"input_types":["MCP tool definitions (schema + handler functions)","tool invocation requests with parameters"],"output_types":["wrapped tool definitions with attestation hooks","tool results with attestation metadata attached"],"categories":["tool-use-integration","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-treeshipmcp__cap_2","uri":"capability://safety.moderation.cryptographic.proof.generation.for.tool.invocations","name":"cryptographic proof generation for tool invocations","description":"Generates cryptographic proofs (signatures, tokens, or hashes) that bind tool invocation metadata (tool name, arguments, timestamp, caller identity, execution result) into a verifiable artifact. The proof generation likely uses HMAC, digital signatures, or similar schemes to create tamper-evident records that can be validated by external systems without access to the original tool execution context.","intents":["I need to create a tamper-proof record that proves a tool was called with specific arguments","I want to generate a signature that can be verified by a third party without re-executing the tool","I need to bind tool call metadata into a single verifiable artifact for audit purposes"],"best_for":["compliance-heavy environments requiring non-repudiation of tool calls","multi-party systems where tool calls must be verified by untrusted parties","audit scenarios requiring cryptographic proof of execution"],"limitations":["Proof generation adds computational overhead (signature/HMAC cost per call)","Proof format and algorithm not documented in public package metadata","No key rotation or management strategy specified","Verification requires access to the same cryptographic key or public key infrastructure"],"requires":["Node.js crypto module or compatible cryptographic library","Shared secret or key pair for proof generation and verification","Deterministic serialization of tool metadata (JSON or similar)"],"input_types":["tool name (string)","tool arguments (JSON-serializable object)","execution timestamp (ISO 8601 or Unix timestamp)","caller/agent identity (string or object)","execution result (any JSON-serializable type)"],"output_types":["cryptographic signature (hex or base64 string)","HMAC token (hex or base64 string)","proof object with signature + metadata"],"categories":["safety-moderation","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-treeshipmcp__cap_3","uri":"capability://data.processing.analysis.tool.invocation.metadata.capture.and.serialization","name":"tool invocation metadata capture and serialization","description":"Automatically captures structured metadata about each tool invocation (tool name, arguments, caller identity, timestamp, execution duration, result status) and serializes it into a canonical format suitable for attestation and audit logging. Uses introspection of the MCP tool call context to extract metadata without requiring explicit instrumentation of tool code.","intents":["I want to automatically capture all relevant context about a tool call without modifying the tool","I need structured metadata about tool invocations for audit logging and compliance reporting","I want to serialize tool call context in a canonical format for downstream processing"],"best_for":["audit and compliance teams needing structured tool call records","developers building observability/monitoring on top of MCP","organizations standardizing on tool call metadata formats"],"limitations":["Metadata capture may miss tool-internal state or side effects not visible at MCP boundary","Serialization format not documented — may not be compatible with external audit systems","Caller identity capture depends on MCP context availability — may be incomplete in some scenarios","No filtering or redaction of sensitive arguments — all metadata is captured as-is"],"requires":["MCP tool invocation context with accessible metadata fields","Timestamp source (system clock or provided)","Caller identity context (from MCP request or agent framework)"],"input_types":["MCP tool invocation context object","tool execution result"],"output_types":["structured metadata object (JSON)","serialized metadata string (JSON or similar)","metadata envelope with timestamp, caller, tool name, args, result"],"categories":["data-processing-analysis","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-treeshipmcp__cap_4","uri":"capability://safety.moderation.attestation.proof.validation.and.verification","name":"attestation proof validation and verification","description":"Provides mechanisms to validate and verify cryptographic attestation proofs generated by tool invocations, checking that proofs are well-formed, signatures are valid, and metadata has not been tampered with. Verification logic likely uses the same cryptographic keys/algorithms used for proof generation to reconstruct and validate the proof against captured metadata.","intents":["I need to verify that a tool call attestation proof is valid and has not been tampered with","I want to validate that a tool invocation actually occurred with the claimed metadata","I need to check attestation proofs in a downstream system without access to the original tool execution"],"best_for":["audit systems validating tool call proofs","compliance checkers verifying attestation chains","downstream systems receiving tool call attestations and needing to verify them"],"limitations":["Verification requires access to the same cryptographic key used for proof generation","No built-in key distribution or management — keys must be managed externally","Verification logic may not be exposed as a public API (unknown from package metadata)","No support for proof expiration or time-based validation (likely)"],"requires":["Cryptographic key (shared secret or public key) matching the proof generation key","Attestation proof object or serialized proof string","Original tool metadata for comparison (or reconstructed from proof)"],"input_types":["attestation proof object or string","tool metadata for comparison","cryptographic key for verification"],"output_types":["boolean validation result (true/false)","validation result object with details (valid, reason, metadata)","error or exception on invalid proof"],"categories":["safety-moderation","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-treeshipmcp__cap_5","uri":"capability://tool.use.integration.agent.identity.and.caller.context.tracking","name":"agent identity and caller context tracking","description":"Captures and tracks the identity of the agent, user, or system that initiated a tool call, associating this caller context with each attestation. Integrates with MCP request context to extract caller information and binds it into the attestation proof, enabling traceability of which agent/user triggered which tool invocation.","intents":["I need to know which agent or user triggered a specific tool call for accountability","I want to bind caller identity to attestation proofs for non-repudiation","I need to track tool invocations by agent/user for audit and compliance reporting"],"best_for":["multi-agent systems needing accountability for tool calls","compliance scenarios requiring user/agent attribution","audit trails that must identify who initiated each tool call"],"limitations":["Caller identity capture depends on MCP context — may be unavailable or incomplete in some scenarios","No built-in identity verification — assumes caller context is trustworthy","Identity format not standardized — may vary across different MCP implementations","No support for delegated or impersonated calls (likely)"],"requires":["MCP request context with caller identity information","Agent or user identity source (from MCP headers, JWT, or similar)"],"input_types":["MCP request context object","caller identity string or object"],"output_types":["caller identity string or object","caller context bound into attestation metadata"],"categories":["tool-use-integration","safety-moderation"],"confidence":0.5,"matches":0,"success_rate":0}],"trust":{"score":28,"verified":false,"data_access_risk":"high","permissions":["Node.js 16+ (typical for npm packages)","MCP-compatible framework or runtime (Claude SDK, LangChain MCP integration, or custom MCP server)","Cryptographic library support (Node.js crypto module or compatible alternative)","MCP-compatible tool registry interface","Access to tool registry initialization code","Node.js environment with ES6 Proxy or equivalent metaprogramming support","Node.js crypto module or compatible cryptographic library","Shared secret or key pair for proof generation and verification","Deterministic serialization of tool metadata (JSON or similar)","MCP tool invocation context with accessible metadata fields"],"failure_modes":["Attestation adds latency to each tool call (exact overhead unknown from package metadata)","Requires MCP-compatible tool registry — cannot attest non-MCP tool calls","No built-in persistence layer — attestation proofs must be stored externally","Verification logic must be implemented by consumer — package provides attestation generation only","No standardized attestation format specified in public documentation — implementation details opaque","Registry wrapping may introduce performance overhead proportional to tool count","Incompatible with tools that bypass the registry or use direct function references","Attestation metadata captured at registry level may not include tool-internal state or side effects","No support for dynamic tool registration after wrapper initialization (likely)","Proof generation adds computational overhead (signature/HMAC cost per call)","builder identity is not verified yet","no observed match outcomes yet"],"rank_breakdown":{"adoption":0.05,"quality":0.22,"ecosystem":0.45,"match_graph":0.25,"freshness":0.75,"weights":{"adoption":0.25,"quality":0.25,"ecosystem":0.15,"match_graph":0.23,"freshness":0.12}},"observed_outcomes":{"matches":0,"success_rate":0,"avg_confidence":0,"top_intents":[],"last_matched_at":null},"maintenance":{"status":"active","updated_at":"2026-05-24T12:16:24.483Z","last_scraped_at":"2026-05-03T14:23:56.757Z","last_commit":null},"community":{"stars":null,"forks":null,"weekly_downloads":null,"model_downloads":null,"model_likes":null}},"distribution":{"claim_url":"https://unfragile.ai/submit?claim=npm-treeshipmcp","compare_url":"https://unfragile.ai/compare?artifact=npm-treeshipmcp"}},"signature":"CyHdEz4LfIaVYhPmVbtfSa0rOaI7A2ZBCv3pe2hbWMdkkwwSo+xZddKx0n6qP4t9SH098kLjeyVpNB8xr5abCA==","signedAt":"2026-06-22T19:04:00.317Z","signedBy":"unfragile.ai","version":1},"_links":{"self":"https://unfragile.ai/api/v1/passport/npm-treeshipmcp","artifact":"https://unfragile.ai/npm-treeshipmcp","verify":"https://unfragile.ai/api/v1/verify?slug=npm-treeshipmcp","publicKey":"https://unfragile.ai/api/v1/trust-passport-public-key","spec":"https://unfragile.ai/trust","schema":"https://unfragile.ai/schema.json","docs":"https://unfragile.ai/docs"}}