co-browser/attestable-mcp-server

Overview

This tool uses hardware attestation to verify that any MCP server is running the intended and untampered code. It wraps the server startup process and checks integrity before execution.

Best for

Best for
Developers deploying MCP servers in zero-trust or compliance-sensitive environments where code tampering is a risk.

Use cases

• Ensure deployed MCP servers have not been modified or replaced.
• Integrate attestation checks into CI/CD pipelines for MCP server builds.
• Audit remote MCP server instances for code integrity in multi-tenant environments.

Notes

This tool uses hardware attestation to verify that any MCP server is running the intended and untampered code. It wraps the server startup process and checks integrity before execution.

18 stars on GitHub. Last updated 2026-05-20.

Use cases

• Ensure deployed MCP servers have not been modified or replaced.
• Integrate attestation checks into CI/CD pipelines for MCP server builds.
• Audit remote MCP server instances for code integrity in multi-tenant environments.

Pros

• Provides strong, hardware-backed integrity verification.
• Open source with a permissive license (MIT).
• Simple integration via a wrapper for existing MCP servers.

Cons

• Requires hardware that supports attestation (e.g., TPM 2.0 or Intel SGX).
• Low project maturity (18 stars, very early stage).
• Setup and configuration may be complex for non-security experts.

Indexed from awesome-mcp-servers-punkpeye and enriched against its public facts.