Securely access signed build conformance reports and SPDX SBOM supply chain data.
Copy the install command and let the AI configure it · recommended for beginners
No copy-paste install info for "@bounded-systems/bounded-tools-mcp" yet — see the docs or source repo.
Use the bounded-tools MCP to fetch the Web-Build Conformance report for a build artifact, confirm whether signature verification passes, and summarize the main compliance findings.
A verified report summary showing signature validation status and the results of key compliance checks.
Use the bounded-tools MCP to retrieve the project's SPDX SBOM and summarize the main dependencies, versions, and any components that may require attention.
A structured SBOM summary including core dependencies, version details, and notable risk signals.
Use the bounded-tools MCP to perform byte-for-byte verification between static API content and the Sigstore-signed manifest, and report any mismatches.
An integrity verification result indicating whether everything matches exactly and listing any anomalous files.
Securely read site content and metadata through a Sigstore-verified static API.
Map natural language to typed IDs and retrieve catalog and verification details.
Scan code and infrastructure files for security vulnerabilities through MCP.
Local MCP tools for AI agents to parse, verify, and hash credentials.
Validate AI-generated code with browser tests, evidence capture, and smart diagnostics.
Analyze browser extension security with vulnerability checks, signature validation, and code review.