SchemaPin 🧷
@ThirdKeyAI
About SchemaPin 🧷
The SchemaPin protocol for cryptographically signing and verifying AI agent tool schemas to prevent supply-chain attacks.
Basic information
Config
No standard config provided
This server doesn't expose a parseable MCP config block in its README. See the repository for install instructions.
RepositoryTools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is SchemaPin?
SchemaPin is a cryptographic tool for schema verification designed for AI agents and MCP servers. It uses ECDSA P-256 signatures, DNS-anchored trust, and Trust-On-First-Use (TOFU) key pinning to prevent "MCP Rug Pull" attacks. It is intended for tool developers who want to sign their schemas and skill folders, and for AI agents that need to verify schemas have not been tampered with.
How to use SchemaPin?
Install the library in your preferred language: pip install schemapin (Python), npm install schemapin (JavaScript), go install github.com/ThirdKeyAi/schemapin/go/cmd/...@latest (Go), or add schemapin = "1.3.0" to your Cargo.toml (Rust). Then generate a keypair, sign a schema using SchemaSigningWorkflow, and verify it with SchemaVerificationWorkflow.
Key features of SchemaPin
- ECDSA P-256 + SHA-256 cryptographic signatures
.well-knowndiscovery for public keys (RFC 8615)- TOFU key pinning to prevent key substitution attacks
- Key revocation with standalone signed revocation documents
- Trust bundles for offline and air-gapped verification
- Pluggable resolvers (
.well-known, local file, trust bundle, chain) - Skill folder signing for AgentSkills (SKILL.md + file manifests)
- Cross-language implementations (Python, JavaScript, Go, Rust)
Use cases of SchemaPin
- Tool developers sign their schemas to attest authenticity.
- AI agents verify that downloaded schemas have not been tampered with.
- Prevent "MCP Rug Pull" attacks where a malicious provider substitutes a dangerous schema.
- Offline verification of schemas using pre-validated trust bundles.
- Signing and verifying AgentSkills skill folders for secure skill distribution.
FAQ from SchemaPin
What cryptographic algorithm does SchemaPin use?
SchemaPin uses ECDSA P-256 with SHA-256 for signing and verification.
How are public keys discovered?
Public keys are discoverable via .well-known/schemapin.json on the provider's domain, following RFC 8615.
Does SchemaPin support offline verification?
Yes, via trust bundles that allow verification without network access.
What is TOFU key pinning?
TOFU (Trust On First Use) pinning records the public key seen on first interaction and warns or blocks if a different key is presented later, preventing key substitution attacks.
Are there any alpha features in the current release?
v1.4.0-alpha.2 adds three optional features: signature expiration (expires_at) with degraded-not-failed verification, DNS TXT cross-verification at _schemapin.{domain}, and schema version binding (schema_version + previous_hash) for opt-in lineage chain enforcement.
More Other MCP servers
Awesome Mlops
visengerA curated list of references for MLOps
Activepieces
activepiecesAI Agents & MCPs & AI Workflow Automation • (~400 MCP servers for AI agents) • AI Automation / AI Agent with MCPs • AI Workflows & AI Agents • MCPs for AI Agents
Blender
ahujasidOpen-source MCP to use Blender with any LLM
ICSS
chokcoco不止于 CSS
IDA Pro MCP
mrexodiaAI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.
Comments