How do I install Veris?

Veris is a local plugin. Install it using npm package: veris-mcp and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

What credentials does Veris need?

Veris requires the following credentials or environment variables: BRAVE_API_KEY, SEC_USER_AGENT. You can find setup instructions on the server detail page.

What AI apps work with Veris?

Veris uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Veris MCP Server

by Jakeyoung1

Developer ToolsUse Caution4.8MCP RegistryLocal

Free

Server data from the Official MCP Registry

Provenance-first web + SEC EDGAR data for AI agents: every fact carries its verifiable source.

About

Provenance-first web + SEC EDGAR data for AI agents: every fact carries its verifiable source.

Security Report

4.8

Use Caution4.8High Risk

veris is a well-structured MCP server for web reading and SEC EDGAR access with thoughtful provenance tracking. Authentication is appropriately scoped (optional API keys for enhanced features, falls back to keyless alternatives). Code quality is solid with proper input validation, no hardcoded secrets, and safe error handling. Permissions align with purpose: network access for web/SEC APIs, file I/O for caching, and environment variable reading for optional credentials. Minor code quality observations and a lack of explicit logging/monitoring are the only low-severity findings. Supply chain analysis found 4 known vulnerabilities in dependencies (0 critical, 3 high severity). Package verification found 1 issue.

7 files analyzed · 11 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

HTTP Network Access

Connects to external APIs or services over the internet.

env_vars

Check that this permission is expected for this type of plugin.

File System Read

Reads files on your machine. Normal for tools that analyze or process local data.

File System Write

Writes or modifies files on your machine. Check that this is expected for the tool.

What You'll Need

Set these up before or after installing:

Optional Brave Search API key; falls back to keyless DuckDuckGo if unset.Required

Environment variable: BRAVE_API_KEY

SEC fair-access User-Agent ('Name email@domain') for EDGAR; a default ships.Optional

Environment variable: SEC_USER_AGENT

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-jakeyoung1-veris": {
      "env": {
        "BRAVE_API_KEY": "your-brave-api-key-here",
        "SEC_USER_AGENT": "your-sec-user-agent-here"
      },
      "args": [
        "-y",
        "veris-mcp"
      ],
      "command": "npx"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

veris

· npx -y veris-mcp

Provenance-first web access for AI agents. Clean content plus verifiable source metadata, in one call.

Today an AI agent reading the web gets a wall of text. It does not get: when the page was published, whether the content changed since last time, who wrote it, the canonical source, or the license terms. veris attaches all of that to every read.

web_read("https://example.com/article")
  → clean markdown
  + { publishedAt, modifiedAt, author, canonicalUrl, contentHash, license, fetchedAt }

That metadata is not a nice-to-have. It is the foundation the rest of the AI-web economy needs: freshness, change-detection, citation, and — eventually — paying the people who wrote the content.

Why this exists

The web is being scraped by AI with no attribution and no payment. Publishers are responding by blocking bots and locking content. AI gets worse; publishers lose. The fix is a layer between agents and publishers that reads cleanly, tracks provenance, and (later) settles payment.

veris is the agent-side of that layer — the SDK every agent imports to consume the web responsibly. Think "Plaid for the AI web": you don't own the publishers, you own the integration developers reach for.

Roadmap (one codebase, three stages)

Stage	What	Status
1. Clean + provenance	search / read / research with verifiable source metadata	✅
2. Finance vertical	SEC EDGAR filings with authoritative, official provenance	✅
3. Settlement	license-aware access + micropayment + attribution	🔜 seams in `policy.ts` + `cache.ts`

The Stage 3 seams already exist in the code (policy.ts, cache.ts) so growth is additive, not a rewrite.

Tools

Web

Tool	Does
`web_search(query, n?)`	Ranked results as structured JSON. Brave (with key) or keyless DuckDuckGo.
`web_read(url, fresh?)`	URL → clean markdown + provenance block. 24h cache.
`web_research(query, n?)`	Search + read top N + bundle with per-source citations.

Finance — SEC EDGAR (free, official, no API key)

Tool	Does
`finance_filings(query, formType?, limit?)`	Ticker / name / CIK → recent SEC filings: form, official filing & report dates, accession, direct document URL.
`finance_filing_read(url or query, formType?)`	Read a filing by URL, or auto-read the latest matching form for a company. Clean text + provenance.

Why EDGAR first? Filings carry authoritative dates and identifiers straight from the SEC — provenance isn't guessed, it's official. Free, structured, no auth. One call gets an agent the latest 10-K with a verifiable source:
finance_filing_read({ query: "NVDA", formType: "10-K" })
  → NVIDIA CORP — 10-K (filed 2026-02-25)
    clean text + { source, filed date, contentHash, wordCount }

Install

npx -y veris-mcp        # zero-install, always latest

Or from source:

git clone https://github.com/jakeyoung1/veris && cd veris
npm install && npm run build

Optional env:

export BRAVE_API_KEY=your_key                      # better search; https://search.brave.com/app/keys
export SEC_USER_AGENT="Your Name you@email.com"    # SEC fair-access policy (recommended)

Without a Brave key, search falls back to keyless DuckDuckGo automatically. SEC requires a Name email@domain style User-Agent — veris ships a default, but set your own contact.

Use in Claude Code

Add to your MCP config (.mcp.json):

{
  "mcpServers": {
    "veris": {
      "command": "npx",
      "args": ["-y", "veris-mcp"],
      "env": { "BRAVE_API_KEY": "optional", "SEC_USER_AGENT": "Your Name you@email.com" }
    }
  }
}

Restart Claude Code, then ask it to web_research something.

Design notes

Provenance from raw HTML. We fetch the page ourselves and pull dates/author/canonical from <meta>, JSON-LD, and Open Graph before readability strips them.
Content hash. sha256 of extracted text — detects whether a page changed and enables dedupe across agents (the basis for a shared web index).
Provider interface. Swap search backends without touching tool code.
Cache → ledger. The same keyed store that caches reads today records read events for settlement tomorrow.

License

MIT

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

Veris MCP Server

About

Security Report

Findings (11)Action required

Permissions Required

What You'll Need

How to Install

Documentation

veris

Why this exists

Roadmap (one codebase, three stages)

Tools

Install

Use in Claude Code

Design notes

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Git

Toleno

mcp-creator-python

MarkItDown

mcp-creator-typescript

FinAgent