Yes, Trust Gate is free to use.

How do I install Trust Gate?

Trust Gate supports both local and remote installation. For local use, install it via the provided package manager and add the configuration to your AI app. For remote access, add the server URL to your MCP configuration.

Is Trust Gate safe to use?

Trust Gate was flagged by MCP Marketplace's security scan, scoring 4.2/10 (high risk). It has 3 high or critical findings to review. Review the security report on this page carefully before installing it.

What AI apps work with Trust Gate?

Trust Gate uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Trust Gate MCP Server

by CWNApps

Developer ToolsUse Caution4.2MCP RegistryLocalRemote

Free

Server data from the Official MCP Registry

Post-quantum, tamper-evident receipts for agent actions. Ed25519 + ML-DSA-65, offline verify.

About

Post-quantum, tamper-evident receipts for agent actions. Ed25519 + ML-DSA-65, offline verify.

Remote endpoints: streamable-http: https://trust-gate-mcp.onrender.com/mcp

Security Report

4.2

Use Caution4.2High Risk

Trust Gate MCP is a well-architected cryptographic receipting server with solid security fundamentals. The codebase properly isolates certificate signing to an external, audited OpenAgentOntology primitive, implements defense-in-depth controls (bearer auth, rate limiting, CORS, key rotation checks), and has honest documentation about its limitations. Minor concerns around path traversal in OAO fallback loading and incomplete HTTP server code prevent a higher score, but permissions align well with the server's purpose. Supply chain analysis found 3 known vulnerabilities in dependencies (0 critical, 3 high severity).

5 files analyzed · 9 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

env_vars

Check that this permission is expected for this type of plugin.

HTTP Network Access

Connects to external APIs or services over the internet.

File System Read

Reads files on your machine. Normal for tools that analyze or process local data.

File System Write

Writes or modifies files on your machine. Check that this is expected for the tool.

system_info

Check that this permission is expected for this type of plugin.

How to Install & Connect

Available as Local & Remote

This plugin can run on your machine or connect to a hosted endpoint. during install.

Documentation

View on GitHub

From the project's GitHub README.

Trust Gate MCP

Post-quantum, tamper-evident receipts for consequential agent actions, as an MCP server.

Four tools, one shared signing primitive (the open-source OpenAgentOntology mint_receipt: Ed25519 + ML-DSA-65 + SLH-DSA):

Tool	What it does
`mint_receipt_for_record_change`	Mints a post-quantum receipt for a CRM record change. Works with any CRM (open-core Relaticle, hosted CRMs via their own MCP, custom). Old/new values are SHA-256 hashes.
`audit_my_agent_inventory`	Ranks a CALLER-PROVIDED list of MCP tools by worst-regret if they act. Read-only. Cannot auto-discover other servers -- MCP protocol does not allow that.
`mint_action_receipt`	Post-quantum receipt for any consequential agent action.
`verify_receipt`	Verify a receipt from the certificate alone -- offline, no DB. Defaults to PQ-required mode.

Quantum Hardening (pol.must_do.150 reference implementation)

H1 key persistence + bootstrap with FAIL-CLOSED kid-drift check
H2 per-IP token-bucket rate limit (DoS-hardened: FIFO eviction + body cap)
H3 PQ-required verify (defeats signature-stripping downgrade attacks)
H4 128-bit kid on every minted receipt (offline same-notary check)
Optional bearer-auth toggle + narrowed CORS via TRUST_GATE_BEARER_TOKEN + TRUST_GATE_ALLOWED_ORIGINS
33/33 tests including adversarial PQ-strip + IP-rotation attack simulations

See PUBLISH.md for the full hardening status table.

Local dev (stdio)

pip install mcp "openagentontology[pq]"
python server.py

Container deploy (Smithery / any container host)

docker build -t trust-gate-mcp .
docker run -p 8081:8081 -v trust-gate-data:/data/oao trust-gate-mcp

The volume mount on /data/oao is required for production -- without it the signing key rotates per restart and breaks long-running verification chains. The persistent key_metadata.json holds the notary's kid; the bootstrap step refuses to start if it drifts.

License

Apache-2.0. Built on the open-source OpenAgentOntology primitive.

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Fetch

Free

by Modelcontextprotocol · Developer Tools

Web content fetching and conversion for efficient LLM usage

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

Trust Gate MCP Server

About

Security Report

Findings (9)Action required

Permissions Required

How to Install & Connect

Documentation

Trust Gate MCP

Quantum Hardening (pol.must_do.150 reference implementation)

Local dev (stdio)

Container deploy (Smithery / any container host)

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Git

Fetch

Toleno

mcp-creator-python

MarkItDown

FinAgent