This is middleware that sits in front of your MCP server and checks short-lived tokens on every tool call. It's part of the Attest project, which issues scoped credentials to agents, gates risky mutations through policy or approval workflows, and logs signed receipts. The standalone MCP server exposes tools like issue_credential, delegate_credential, list_tasks, and get_audit_trail. The middleware package lets you wrap your own MCP endpoints so agents must present valid grants before executing actions like refunds or sending email. Scopes use resource:action syntax (gmail:send, *:read). Useful when you want cryptographic proof of what an agent did and want to enforce that a support bot can't escalate from read-only research to writing production data without an explicit grant.
claude mcp add --transport stdio io.github.chudah1-attest-mcp uvx attest-mcp