Skip to content

linus131313/mcp-governance-kit

BranchesTags

Repository files navigation

mcp-governance-kit

Runtime capability-state attestation for Model Context Protocol agents. Companion implementation to The MCP Governance Gap (Teklenburg, 2026).

CI PyPI Python License: Apache 2.0

Why this exists

Every enterprise governance framework in use today — ISO/IEC 42001:2023, NIST AI RMF (AI 600-1), EU AI Act — was drafted before the Model Context Protocol existed. None of them names dynamic tool binding as a governance object. The companion paper quantifies the resulting gap across 97,980 MCP-server repositories, ten publicly disclosed incidents, and six control breakpoints, and argues that closing the gap requires a new primitive that no published framework yet defines:

Runtime capability-state attestation — a reproducible, signable snapshot of what tools an agent can reach, with what action-level privilege, through what trust path, that an auditor can test against.

This repository is a reference implementation of that primitive.

What you get

  • mcp-gov score — compute the Tool Graph Capability Score (TCS) for any MCP configuration. Reproduces Table 3 of the paper exactly.
  • mcp-gov attest — collect, classify, and sign a capability-state attestation from your live MCP configs (Claude Desktop, Claude Code, Cursor).
  • mcp-gov check — evaluate an attestation against the six control breakpoints (B1–B6) from the paper and policy YAML.
  • mcp-gov verify — verify sigstore signatures and diff two attestations to surface change-management events.
  • Framework mappings — each check links to the specific ISO 42001 Annex A, NIST AI 600-1, and EU AI Act clauses it addresses, so an auditor can cite the evidence.
  • Integrations — GitHub Action, pre-commit hook, and Claude Code PreToolUse hook.

Quickstart

pip install mcp-governance-kit

# reproduce Table 3 of the paper
mcp-gov score examples/c3-developer.mcp.json
# → TCS = 13.5

# attest your actual Claude Code configuration
mcp-gov attest ~/.claude/settings.json --sign --out attestation.json

# run the six breakpoint checks
mcp-gov check attestation.json --policy policies/default.yaml

Specification

The attestation format is versioned and documented as a public spec: see SPEC.mdCapability-State Attestation v0.

Paper

The companion paper lives in paper/governance-speed-gap.pdf. Cite via paper/CITATION.cff.

License

Status

Alpha. The TCS scorer and attestation collector are stable; signing, the full breakpoint suite, and the framework mappings are in progress toward a v0.1.0 release. See CHANGELOG.md.

About

Runtime capability-state attestation for MCP agents. Companion implementation to the paper 'The MCP Governance Gap' (Teklenburg, 2026).

Topics

security mcp attestation sigstore ai-governance agentic-ai eu-ai-act model-context-protocol iso42001 nist-ai-rmf

Resources

Readme

License

Apache-2.0, Unknown licenses found

Licenses found

Apache-2.0
LICENSE
Unknown
LICENSE-docs

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages