Behavioral trust scanner for MCP servers and AI agents
Project description
trustpact
Behavioral trust scanner for MCP servers and AI agents.
Install
pip install trustpact
Usage
# Scan a server from the Smithery registry
trustpact scan "slack"
# Scan a local server spec (JSON)
trustpact scan server.json
# JSON output for CI/CD integration
trustpact scan server.json --json
# Show AEGIS scoring methodology
trustpact info
What It Does
TrustPact scans MCP server tool definitions for manipulation patterns and calculates a behavioral trust score using the AEGIS 5-dimensional model:
- Trust Signals (35%) — metadata, documentation, authentication
- Manipulation Risk (25%) — hidden instructions, poisoning patterns
- Protection Level (15%) — auth, scope, licensing
- Vulnerability Index (15%) — critical exposure surface
- Context Modifier (10%) — runtime context signals
Attack Classes Detected
| Class | Description |
|---|---|
| SIREN | Hidden instruction injection |
| PHANTOM | Identity spoofing |
| HYDRA | Coordinated Sybil attacks |
| MIRAGE | Capability misrepresentation |
| LEECH | Data/credential exfiltration |
| CHIMERA | Code injection, safety bypass |
Trust Tiers
| Tier | Score | Meaning |
|---|---|---|
| SOVEREIGN | 95+ | Highest trust |
| SENTINEL | 85+ | Proven track record |
| MASTER | 65+ | Reliable |
| ADEPT | 40+ | Limited history |
| FELLOW | 0+ | New or unverified |
License
Proprietary — ARQON GmbH (i.G.)
Links
- trustpact.ai
- Patent Provisional 63/928,604
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
trustpact-0.1.0.tar.gz
(10.9 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
trustpact-0.1.0-py3-none-any.whl
(12.4 kB
view details)
File details
Details for the file trustpact-0.1.0.tar.gz.
File metadata
- Download URL: trustpact-0.1.0.tar.gz
- Upload date:
- Size: 10.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c24f9fbfe409e55330eac1419651e801990cdf1c15d17b3e94256b4822ed1025
|
|
| MD5 |
2f71f756738bb0aba34310af77c61f0c
|
|
| BLAKE2b-256 |
0b3cba246ca49710f032e67c7912800884ce06dbdb3adae1c9def8b86b416d3f
|
File details
Details for the file trustpact-0.1.0-py3-none-any.whl.
File metadata
- Download URL: trustpact-0.1.0-py3-none-any.whl
- Upload date:
- Size: 12.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b05729228a32d8f556fc5e34c94b2f6d0669afa71ef35aa3efdd5256b4e161d9
|
|
| MD5 |
600b0fec084780877d2ec2946e512bf5
|
|
| BLAKE2b-256 |
22e89f65851bd194c788d0c7a2a2fcb23947e82c9e2a84657b96e3cdfbae3497
|
