Credential enforcement middleware for MCP servers — verifies scoped tokens on every tool call
Attest credential enforcement middleware for Model Context Protocol servers. Two lines to protect every tool call on an existing MCP server. ships both the core client and the MCP middleware as a single package with two entry points. patches in place and returns the same server object typed as the original. Everything else — , , transports — works unchanged. On every tool call, before the handler…
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
Attest credential enforcement middleware for Model Context Protocol servers. Two lines to protect every tool call on an existing MCP server. ships both the core client and the MCP middleware as a single package with two entry points. patches in place and returns the same server object typed as the original. Everything else — , , transports — works unchanged. On every tool call, before the handler executes: 1. Extract credential from (MCP auth middleware path), , or 2. Verify RS256 signature +…