Firmware Attestation Mcp

STDIOregistry active

Summary

This connects Claude to host firmware security checks that run below the OS level. You get five tools: scan_firmware reads BIOS, UEFI, TPM, and Secure Boot state; check_ant_signatures looks for NSA-ANT-class persistence preconditions; attest_firmware generates an HMAC-signed report verifiable at proofof.ai; gate_inference blocks or allows AI operations based on trust state; and list_threat_model shows what attack surface you're defending against. The design philosophy is honest indicator reporting rather than binary clean/compromised verdicts. Reach for this when you need hardware trust attestation before allowing inference on a machine, especially in sovereign AI or high-assurance deployments where firmware-level persistence is part of your threat model.

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

Put your SEO on autopilot

An agent that runs the SEO playbooks that move rankings and ships PRs you control.

Get founding access →

Vibe Prospecting MCP

Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.

Try For Free →

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

Put your SEO on autopilot

An agent that runs the SEO playbooks that move rankings and ships PRs you control.

Get founding access →

Vibe Prospecting MCP

Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.

Try For Free →

Featured

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

Put your SEO on autopilot

An agent that runs the SEO playbooks that move rankings and ships PRs you control.

Get founding access →

Vibe Prospecting MCP

Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.

Try For Free →

Registryactive

Packagefirmware-attestation-mcp

TransportSTDIO

UpdatedJun 10, 2026

View on GitHub

Tools

Tool

What

scan_firmware

read-only host evidence (Secure Boot, TPM, SIP, BIOS, HPA)

check_ant_signatures

match to NSA-ANT-class persistence preconditions + defenses

attest_firmware

HMAC-signed attestation, verifiable at proofof.ai/api/verify

gate_inference

ALLOW/BLOCK AI on this host (strict by default)

list_threat_model

the attack surface this defends against

Configuration

Add to your claude_desktop_config.json (Claude Desktop) or your MCP client config:

{ "mcpServers": { "firmware-attestation-mcp": { "command": "uvx", "args": ["firmware-attestation-mcp"] } } }

Or: pip install firmware-attestation-mcp then run the firmware-attestation-mcp command (stdio transport).

Examples

Once configured, ask your assistant, for example:

"Use scan_firmware to …"

"Use check_ant_signatures to …"

"Use attest_firmware to …"

Part of the MEOK constellation

This MCP is one node in a connected ecosystem built by MEOK AI LABS around a single sovereign AI core — governed agents with a hash-chained audit trail, mapped to the CSOAI compliance charter.

Firmware Attestation MCP

Hardware trust layer for sovereign AI. Persistence implants live below the OS (BIOS/UEFI, SMM, network boot ROMs, HDD HPA) and survive OS reinstalls and disk wipes. This MCP attests a host's firmware trust state and gates inference on a verified result.

Tools

Tool	What
`scan_firmware`	read-only host evidence (Secure Boot, TPM, SIP, BIOS, HPA)
`check_ant_signatures`	match to NSA-ANT-class persistence preconditions + defenses
`attest_firmware`	HMAC-signed attestation, verifiable at `proofof.ai/api/verify`
`gate_inference`	ALLOW/BLOCK AI on this host (strict by default)
`list_threat_model`	the attack surface this defends against

Honest by design

Reports indicators (preconditions implants rely on), never "clean". A BLOCK means "lacks confirmed trust anchors," not "hacked." Harden per the listed defenses, then re-gate.

pip install firmware-attestation-mcp

Configuration

Add to your claude_desktop_config.json (Claude Desktop) or your MCP client config:

{
  "mcpServers": {
    "firmware-attestation-mcp": {
      "command": "uvx",
      "args": ["firmware-attestation-mcp"]
    }
  }
}

Or: pip install firmware-attestation-mcp then run the firmware-attestation-mcp command (stdio transport).

Examples

Once configured, ask your assistant, for example:

"Use scan_firmware to …"
"Use check_ant_signatures to …"
"Use attest_firmware to …"

Part of the MEOK constellation

This MCP is one node in a connected ecosystem built by MEOK AI LABS around a single sovereign AI core — governed agents with a hash-chained audit trail, mapped to the CSOAI compliance charter.

🌐 The whole map: https://meok.ai/constellation
🛡️ AI governance & certification: https://councilof.ai · https://csoai.org
✅ Verify any signed report: https://meok.ai/verify