Schemapin
The SchemaPin protocol for cryptographically signing and verifying AI agent tool schemas to prevent supply-chain attacks.
What is Schemapin?
Schemapin is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to schemapin protocol for cryptographically signing and verifying ai agent tool schemas to prevent supply-chain attacks.
The SchemaPin protocol for cryptographically signing and verifying AI agent tool schemas to prevent supply-chain attacks.
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- The SchemaPin protocol for cryptographically signing and ver
Use Cases
Maintainer
Works with
Installation
Manual Installation
npx schemapinConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use Schemapin
SchemaPin is a cryptographic protocol for signing and verifying AI agent tool schemas, protecting against supply-chain attacks where a malicious actor could replace a legitimate MCP tool definition with a tampered one. It uses ECDSA P-256 + SHA-256 signatures, a Trust-On-First-Use (TOFU) key pinning model, and public key discovery via `.well-known/schemapin.json` endpoints. Available as a Python package, JavaScript/npm package, Go binary, and Rust crate, SchemaPin lets tool developers sign their schemas so that AI agents can verify schema authenticity before execution.
Prerequisites
- Python 3.8+ (for the Python implementation) or Node.js 16+ (for JavaScript)
- pip or npm for installing the SchemaPin library
- A domain where you can host a .well-known/schemapin.json file (for key discovery)
- Basic understanding of public-key cryptography concepts
- An MCP client or agent framework that integrates SchemaPin verification
Install the SchemaPin library
Install SchemaPin using your preferred language's package manager. The Python package is the most fully featured for MCP tool signing workflows.
# Python
pip install schemapin
# JavaScript/Node.js
npm install schemapinGenerate a key pair for signing
Generate an ECDSA P-256 key pair. Keep the private key secret — you will use it to sign your tool schemas. The public key goes on your domain's .well-known endpoint.
from schemapin.crypto import KeyManager
private_key, public_key = KeyManager.generate_keypair()
private_pem = KeyManager.export_private_key_pem(private_key)
public_pem = KeyManager.export_public_key_pem(public_key)
print(public_pem) # Host this at your .well-known endpointPublish your public key at a .well-known endpoint
Create a JSON file at https://yourdomain.com/.well-known/schemapin.json containing your public key. This allows agents to automatically discover and pin your key using TOFU.
{
"public_key": "-----BEGIN PUBLIC KEY-----\n...\n-----END PUBLIC KEY-----"
}Sign a tool schema
Use SchemaSigningWorkflow to sign your MCP tool schema. The resulting signature should be distributed alongside the schema (e.g., in the tool manifest or registry entry).
from schemapin.utils import SchemaSigningWorkflow
signer = SchemaSigningWorkflow(private_pem)
schema = {"name": "my_tool", "parameters": {"type": "object", "properties": {}}}
signature = signer.sign_schema(schema)
print(signature)Verify a tool schema before execution
In your agent or MCP client, use SchemaVerificationWorkflow to verify the schema's signature against the developer's published public key before calling the tool.
from schemapin.utils import SchemaVerificationWorkflow
verifier = SchemaVerificationWorkflow()
result = verifier.verify_schema(schema, signature, "example.com/my_tool", "example.com")
if result.valid:
print("Schema verified — safe to use")
else:
print("Schema verification FAILED — possible tampering detected")Schemapin Examples
Client configuration
SchemaPin is a library/protocol layer rather than a standalone MCP server. Integrate it into your MCP tool server to add schema signing verification.
{
"mcpServers": {
"schemapin-protected-tool": {
"command": "python",
"args": ["-m", "your_mcp_server"],
"env": {
"SCHEMAPIN_VERIFY": "true",
"SCHEMAPIN_DOMAIN": "yourdomain.com"
}
}
}
}Prompts to try
Example prompts for working with SchemaPin in AI-assisted development workflows.
- "Generate a SchemaPin key pair and show me how to publish the public key to my domain's .well-known endpoint."
- "Sign this MCP tool schema using SchemaPin and output the signature for distribution."
- "Verify the signature on this tool schema against the developer's published SchemaPin key and tell me if it's valid."
- "Explain how Trust-On-First-Use key pinning works in SchemaPin and how to handle key rotation."Troubleshooting Schemapin
Verification fails even though the schema was signed with the correct key
Schema canonicalization is order-sensitive — ensure the schema object passed to verify_schema is identical (same key order and values) to the one that was signed. Any whitespace or key reordering will produce a different hash and cause verification failure.
Public key discovery fails (key not found at .well-known endpoint)
Confirm that https://yourdomain.com/.well-known/schemapin.json is publicly accessible and returns a valid JSON object with the 'public_key' field. Check for HTTPS certificate issues and ensure the file is served with Content-Type: application/json.
TOFU pinning rejects a new key after key rotation
SchemaPin requires a signed key revocation document before a new key can replace a pinned one. Use KeyManager to generate a revocation document signed with the old private key, publish it, and then agents can accept the new key.
Frequently Asked Questions about Schemapin
What is Schemapin?
Schemapin is a Model Context Protocol (MCP) server that schemapin protocol for cryptographically signing and verifying ai agent tool schemas to prevent supply-chain attacks. It connects AI assistants to external tools and data sources through a standardized interface.
How do I install Schemapin?
Follow the installation instructions on the Schemapin GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with Schemapin?
Schemapin works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is Schemapin free to use?
Yes, Schemapin is open source and available under the MIT license. You can use it freely in both personal and commercial projects.
Schemapin Alternatives — Similar Security Servers
Looking for alternatives to Schemapin? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6kAn open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0kAn Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
★ 8.9kHexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
★ 8.7kEnables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u
Browse More Security MCP Servers
Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up Schemapin in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use Schemapin?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.