cmcp-runtime 0.2.0

@imran-siddique released this 12 Jun 17:13
572ba84

First release containing the complete runtime pipeline.

Highlights

  • Bearer-token auth wired into the live server (AUTH-001)
  • Upstream MCP forwarding: AGT pre-call interception, JSON-RPC forward to the attested catalog server, response size guard, injection/credential/PII response scanning
  • Durable SQLite audit store (WAL, synchronous) with TEE-anchored hash chains and orphaned-session detection
  • POST /sessions/{id}/close issues the signed TRACE Trust Record and rotates the session
  • Cedar @annotation metadata returned as structured advice on denies (HITL payloads)
  • cmcp verify: one-command verification of claims and signed audit bundles, tamper-evident
  • Fail-closed hardware verifiers (TPM, SEV-SNP, TDX, Opaque): no evidence, no verification
  • Dev-mode records carry platform software-only, never tpm2 (requires agentrust-trace >= 0.1.1)
  • Silent mode contract: operational logs quiet, audit evidence always recorded

Install: pip install cmcp-runtime