MCP.so
Sign In
S

SWT3 AI Witness

@tenova-labs

About SWT3 AI Witness

Cryptographic AI governance and audit. 18 tools, 28 frameworks. EU AI Act, NIST AI RMF, OWASP Agentic Top 10, CMMC, SR 11-7, ISO 42001. Tool policy gates, trust mesh, inference attestation, audit sessions. Zero-config demo mode.

Basic information

Category

Other

Transports

stdio

Publisher

tenova-labs

Submitted by

alvintondereau-source

Config

Add this server to your MCP-compatible client using the configuration below.

{
  "mcpServers": {
    "swt3-mcp": {
      "command": "npx",
      "args": [
        "-y",
        "@tenova/swt3-mcp"
      ]
    }
  }
}

Tools

No tools detected

We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.

Overview

What is SWT3 AI Witness?

SWT3 AI Witness is an MCP server that provides cryptographic accountability for every AI inference, tool call, and resource access. It hashes prompts and responses locally, records them as Merkle-accumulated anchors, and enables independent verification without exposing any data. It is built for developers and compliance teams who need to prove their AI followed rules—especially under regulations like the EU AI Act.

How to use SWT3 AI Witness?

Install the MCP server via npm (@tenova/swt3-mcp) and add it to your MCP host’s configuration with the command npx @tenova/swt3-mcp. This enables zero-config compliance governance for Claude Code, Cursor, Windsurf, and any MCP-compatible host. Alternatively, use the Python SDK (pip install swt3-ai) to wrap any OpenAI‑compatible client or tool functions and begin witnessing in three lines of code.

Key features of SWT3 AI Witness

  • Witnesses every AI inference, tool call, and resource access
  • Hashes all prompts/responses locally; raw text never leaves your infrastructure
  • Detects instruction drift by hashing system prompts automatically
  • Witnesses RAG context retrieval and relevance (AI‑RAG.1 and AI‑RAG.2)
  • Verifies model weight integrity and adapter stacks
  • Supports TPM platform attestation for hardware root of trust
  • Offline verification of any anchor without network calls
  • Trust Mesh for secure agent‑to‑agent cryptographic verification

Use cases of SWT3 AI Witness

  • Generate audit‑ready evidence for EU AI Act compliance (e.g., Art. 12 logging)
  • Prove that an AI agent only accessed allowed resources within its declared scope
  • Maintain a tamper‑proof chain of custody for model weights and quantization
  • Enable mutual trust between AI agents from different organizations via the Trust Mesh
  • Demonstrate host firmware integrity in sovereign/air‑gapped deployments

FAQ from SWT3 AI Witness

What data does SWT3 AI Witness transmit to the endpoint?

Only cryptographic fingerprints (SHA‑256 hashes) and numeric factors (e.g., model version, latency, token count, guardrail status). The actual prompts, responses, and RAG chunk text never leave your machine.

What are the runtime requirements for the MCP server?

The MCP server runs via Node.js using npx. For the Python SDK, Python 3.8+ is required. Offline verification works without any network calls or vendor dependency.

Can SWT3 AI Witness verify anchors without an internet connection?

Yes. The fingerprint formula is deterministic and identical across all six SDK languages. You can recompute and verify any anchor locally, even air‑gapped, using the verify_anchor function.

Does it work with any AI provider or programming language?

The SDK wraps any OpenAI‑compatible client, and the MCP server works with any MCP‑compatible host. The core SDK is available in Python, TypeScript, Rust, C#, and Ruby.

How does the Trust Mesh secure agent‑to‑agent communication?

Both agents install the SDK and exchange cryptographic credentials. Trust is verified locally before any data is shared. Unsigned agents are capped at TRUST_BASIC; signing keys enable verified trust, and hardware attestation enables sovereign trust.

Comments

More Other MCP servers