io.github.cdrn/sigil

MCPcommunity
v0.0.6io.github.cdrnUnknownUpdated 1mo agonpmGitHub

Local keystore + MCP server. Claude can sign EVM transactions but never sees the private key.

Claude can sign, but never see. is a local signing tool and Claude Code integration that lets agentic coding tools use private keys without ever putting key material in the model's context window. Status: pre-alpha. The MCP server, CLI, unlock flow, ward hooks, and policy engine (static checks) all work end-to-end. Out-of-band confirmation, rolling-window value caps, and EIP-712 domain allowlists…

Automatically indexed from public sources. Not yet verified by the developer on Forge.Claim this listing →
1mo agoLast update
Package
Authorio.github.cdrn
LicenseUnknown
Version0.0.6
Sourcemcp-registry
Trust Status
A
95/100Trusted
Listed in Forge index+10/10
Publisher identity verified+0/25
Publisher: run `forge publish` from the package repo to claim ownership
Ed25519 publish signature+0/10
Included automatically when the publisher runs `forge publish`
Domain verification+0/5
Publisher: host /.well-known/forge.json on the package homepage with { "publisher": "<github-login>" }
CVE scan · clean+30/30
Static analysis · clean+20/20
npm provenance (Sigstore)+5/5
Paste into Claude Code, Cursor, or any AI assistant to fix all gaps
StatusCommunity-indexed
PublisherUnverified
SignatureUnsigned
Domain
Provenance✓ Sigstore-verified · 01737ed
Dependencies5 resolved · none vulnerable
Tool surface4 tools · none privileged
Security scan✓ Cleanv0.0.8 · 20d ago
PROMPTdescriptionImperative addressed to the AI model
EvalsNone
IndexedJun 13, 2026

Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.

About

Claude can sign, but never see. is a local signing tool and Claude Code integration that lets agentic coding tools use private keys without ever putting key material in the model's context window. Status: pre-alpha. The MCP server, CLI, unlock flow, ward hooks, and policy engine (static checks) all work end-to-end. Out-of-band confirmation, rolling-window value caps, and EIP-712 domain allowlists are not yet implemented. Until they land — and until the supply-chain attestations promised for…

Keywords
mcp