Ed25519-signed MCP tool manifests + spawn attestation. Layer-2 supply-chain hardening.
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
Part of the StudioMeyer MCP Stack — Built in Mallorca 🌴 · ⭐ if you use it

Layer-2 supply-chain hardening for Model Context Protocol servers. Ed25519-signed tool manifests, runtime spawn-attestation, default-deny argument sanitizer.

OX Security marketplace-poisoning, April 2026 — 9 of 11 MCP registries accepted malicious servers. Anthropic's published position: "expected behavior".

CVE-2025-69256 — Serverless Framework MCP RCE via command injection. CVE-2025-61591 — Cursor MCP RCE through…