Mnemom — Trust Ratings for AI Agents
Official16 toolsby mnemom
Trust infrastructure for AI agents: read a verifiable Trust Rating, claim an identity, earn a badge.
Trust infrastructure for AI agents: verifiable ratings, identity claims, and badges.
Captured live from the server via tools/list.
claim_agent
Claim a verifiable identity — bind an agent to your organization so its trust and accountability record is provably yours. No human in the loop.
Parameters (3)
- agent_idstringrequired
Agent identifier (e.g. smolt-abc123)
- hash_proofstringrequired
Agent possession proof: the full 64-hex SHA-256 digest of `${apiKey}|${agentName}` (or `${apiKey}` for an unnamed singleton agent).
- org_idstring
Optional. The organization to claim the agent into (e.g. `org-...` or `pers-...`). The caller must be a member of this org (role floor: member). If omitted, the agent is claimed into the caller's personal org.
get_agent
Look up an agent's public identity and trust state by ID — the accountable record other agents and humans can rely on.
Parameters (1)
- agent_idstringrequired
Agent identifier (e.g. smolt-abc123)
get_reputation
Look up an AI agent's published Trust Rating — Mnemom's portable reliability signal for autonomous software, computed from the agent's own verified activity record. Returns the rating plus the technical factors behind it. Free, public, read-only: every registered agent's rating is published by standard (the `visibility` field is the reputation-publication axis, distinct from identity-record visibility).
Parameters (1)
- agent_idstringrequired
Agent identifier (e.g. smolt-abc123)
get_reputation_badge
Get an embeddable Trust Rating badge for an agent — returns the badge image URL plus ready-to-paste Markdown and HTML snippets for a README or agent card.
Parameters (1)
- agent_idstringrequired
Agent identifier (e.g. smolt-abc123)
get_started
Zero-auth, no-args orientation: who Mnemom is, the surface map, how to authenticate and what it unlocks, and the value tools to try right now (headlining scan_trust + the reputation reads).
Parameters (1)
- tokenstring
Optional Dojo try-me invite token. When supplied and valid, returns the token-gated dojo briefing manifest (the same content as GET /v1/dojo/try-me/resolve); omit for public orientation.
list_agents
List your agents — List all agents owned by the authenticated user. Supports pagination.
Parameters (2)
- limitinteger
Maximum number of agents to return (max 100)
- offsetinteger
Number of agents to skip for pagination
preview_compose_alignment_by_agent
Preview composed alignment (dry run) — Composes the cascade against a hypothetical body at the agent layer and returns conflicts + the composed view. No DB writes. Used by the dashboard editor for live conflict markers.
Parameters (2)
- agent_idstringrequired
Agent identifier (e.g. smolt-abc123)
- bodyobject
Unified alignment card (ADR-008/ADR-039). Authored in YAML or JSON; composed server-side with platform defaults, org template, and active exemptions before storage. This schema matches the runtime validator at src/composition/validate.ts EXACTLY — a card authored strictly to it passes `PUT /v1/agents/{id}/alignment-card` and the preview-compose endpoint. Output-only fields (card_id, issued_at, expires_at, _composition, content_hash, version) are server-assigned and must NOT be sent on a PUT.
preview_compose_protection_by_agent
Preview composed protection (dry run) — Composes the cascade against a hypothetical body at the agent layer and returns conflicts + the composed view. No DB writes. Used by the dashboard editor for live conflict markers.
Parameters (2)
- agent_idstringrequired
Agent identifier (e.g. smolt-abc123)
- bodyobject
Unified protection card (ADR-037). Safe House thresholds + trusted-source policy for a single agent. Shape matches src/composition/types.ts::UnifiedProtectionCard (canonical) and what the runtime validator at src/composition/validate.ts accepts. The customer-facing docs at /concepts/protection-card and /specifications/protection-card-schema document this same shape.
put_alignment_by_agent
Publish or replace the alignment manifest — Accepts YAML (`text/yaml`, `application/yaml`) or JSON. Body is the full `UnifiedAlignmentCard`; server-side composition merges it across the platform → org → team → agent cascade and writes the canonical composed card. Requires `Idempotency-Key`. Honor...
Parameters (2)
- agent_idstringrequired
Agent identifier (e.g. smolt-abc123)
- bodyobject
Unified alignment card (ADR-008/ADR-039). Authored in YAML or JSON; composed server-side with platform defaults, org template, and active exemptions before storage. This schema matches the runtime validator at src/composition/validate.ts EXACTLY — a card authored strictly to it passes `PUT /v1/agents/{id}/alignment-card` and the preview-compose endpoint. Output-only fields (card_id, issued_at, expires_at, _composition, content_hash, version) are server-assigned and must NOT be sent on a PUT.
put_protection_by_agent
Publish or replace the protection manifest — Accepts YAML (`text/yaml`, `application/yaml`) or JSON. Body is the full `UnifiedProtectionCard`; server-side composition merges it across the platform → org → team → agent cascade and writes the canonical composed card. Requires `Idempotency-Key`. Hon...
Parameters (2)
- agent_idstringrequired
Agent identifier (e.g. smolt-abc123)
- bodyobject
Unified protection card (ADR-037). Safe House thresholds + trusted-source policy for a single agent. Shape matches src/composition/types.ts::UnifiedProtectionCard (canonical) and what the runtime validator at src/composition/validate.ts accepts. The customer-facing docs at /concepts/protection-card and /specifications/protection-card-schema document this same shape.
report_recipe_fn_fp
Submit a false-positive / false-negative correction for one of Mnemom's automated detection rules (a 'recipe') — technical feedback that improves detection accuracy, like filing a bug report against a spam filter.
Parameters (6)
- recipeIdstringrequired
The detection_recipes id the report is filed against (the recipe that misfired or failed to fire).
- typestringrequired
'fn' (false negative — recipe should have fired) or 'fp' (false positive — recipe fired on legitimate behaviour).
- summarystringrequired
Customer's description of what happened.
- evidencestring
Optional raw payload / log excerpt the admin reviewer can inspect.
- agent_idstring
Optional. Customer's agent id, when the report concerns a specific agent.
- checkpoint_idstring
Optional. Related integrity_checkpoints id (helps the reviewer correlate).
scan_trust
Scan a website's agent-trust-readiness and return a signed scorecard (Trust, plus an Access axis on newer rubrics). Zero-auth. Results are CACHED for up to 24h — check `cached` and `scannedAt` on the result; pass `fresh: true` to force a re-scan (rate-limited). Proxies to the SSRF-locked isittrustready scanner; the Ed25519 signature + permalink are preserved verbatim. Rubric + docs: https://www.isittrustready.ai/rubric and https://docs.mnemom.ai/.
Parameters (2)
- urlstringrequired
Domain or URL to scan, e.g. "example.com" or "https://example.com".
- freshboolean
Force a fresh re-scan instead of the cached result (results are cached up to 24h; the engine rate-limits re-scans). Equivalent to the scanner's rescan flag.
search_reputation_directory
Resolve an agent name or id-prefix to a real agent_id over the PUBLIC reputation directory (only agents whose reputation visibility is public). Zero-auth. The arriving-agent entry point: discover a concrete agent_id, then call get_reputation / verify_reputation on it.
Parameters (6)
- qstring
Name search (ilike) or agent-id prefix match.
- gradestring
Filter to one grade (e.g. `AAA`, `B`, `NR`).
- confidencestring
Filter to agents at a given reputation-confidence level (driven by how much evidence backs the score).
- sortstring
Result ordering. Default "score" (highest-rated first); other supported keys order by recency or name.
- pageinteger
1-based page number for pagination. Default 1.
- per_pageinteger
Number of results per page. 1–100, default 20.
verify_agent_binding
Verify that an API key is bound to this agent — confirms the holder is the accountable owner (anti-impersonation), hashing the key client-side.
Parameters (2)
- agent_idstringrequired
Agent identifier (e.g. smolt-abc123)
- key_hashstringrequired
First 16 hex chars of SHA256(apiKey) or SHA256(apiKey + '|' + agentName) for named agents.
verify_reputation
Attest an agent's Trust Rating — returns a Merkle-root + hash-chain attestation (hash_chain_valid) proving the rating derives from an unbroken, append-only checkpoint chain, plus a pointer to the signed integrity certificate. This is a chain-integrity attestation, NOT an in-band Ed25519 signature check (that parity is verify_scan, for website scorecards).
Parameters (1)
- agent_idstringrequired
Agent identifier (e.g. smolt-abc123)
verify_scan
Verify a website scan scorecard's Ed25519 signature IN-BAND (verify, don't trust). Pass a `scan` (a scorecard from scan_trust) or a `url` to re-scan; returns {verified, key_id, canonicalization} checked against the public key at mnemom://iitr/jwks. Zero-auth. Spec + rubric: https://www.isittrustready.ai/rubric and https://docs.mnemom.ai/.
Parameters (2)
- scanobject
A scan scorecard previously returned by scan_trust (or iitr's /r/ JSON), passed back verbatim to verify. Same shape as scan_trust's result; the signature is checked against mnemom://iitr/jwks.
- urlstring
Alternatively, a domain/URL to re-scan and then verify.
README not available yet.
Install
Remote endpoint
Streamable HTTPHosted server - connect over the network, no local install.
https://api.mnemom.ai/mcp?profile=directoryclaude_desktop_config.json
{
"mcpServers": {
"mnemom": {
"command": "npx",
"args": [
"-y",
"mcp-remote",
"https://api.mnemom.ai/mcp?profile=directory"
]
}
}
}Desktop config is stdio-only; this bridges via mcp-remote. Native remote: Settings > Connectors.