Merged
384 changes: 193 additions & 191 deletions mkdocs.yml
@@ -1,191 +1,193 @@
site_name: cMCP
site_description: Confidential MCP Runtime, hardware-attested policy enforcement for MCP tool calls
site_url: https://cmcp.agentrust-io.com
repo_url: https://github.com/agentrust-io/cmcp
repo_name: agentrust-io/cmcp
edit_uri: edit/main/
docs_dir: .
exclude_docs: |
.github/
node_modules/
benchmarks/
src/
tests/
schemas/
Dockerfile
docker-compose.yml
LICENSE
NOTICE
ANTITRUST.md
ADOPTERS.md
MAINTAINERS.md
SECURITY.md
CHARTER.md
CODE_OF_CONDUCT.md
pyproject.toml
.gitignore

theme:
name: material
custom_dir: overrides
logo: docs/assets/icon.svg
favicon: docs/assets/icon.svg
palette:
- scheme: slate
primary: custom
accent: custom
toggle:
icon: material/brightness-7
name: Switch to light mode
- scheme: default
primary: custom
accent: custom
toggle:
icon: material/brightness-4
name: Switch to dark mode
features:
- navigation.instant
- navigation.tracking
- navigation.tabs
- navigation.tabs.sticky
- navigation.sections
- navigation.top
- navigation.path
- search.suggest
- search.highlight
- content.code.copy
- content.tabs.link
- toc.follow
- header.autohide
icon:
repo: fontawesome/brands/github
font:
text: Inter, system-ui, -apple-system, sans-serif
code: JetBrains Mono, Cascadia Code, monospace

plugins:
- search
- llmstxt:
full_output: llms-full.txt
markdown_description: >-
cMCP (Confidential MCP Runtime) is an open-source gateway that enforces
MCP tool-call policy inside a hardware Trusted Execution Environment
(TEE). Every tool call is intercepted, evaluated against a Cedar policy
bundle, and enforced by a policy engine the governed process cannot
reach. The Cedar bundle hash is measured into the hardware attestation
report before any code runs, and each session produces a signed,
hardware-attested TRACE Claim that a verifier checks without trusting the
operator. Supports TPM, AMD SEV-SNP, Intel TDX, and OPAQUE providers,
with enforcing, advisory, and silent modes.
sections:
Getting started:
- README.md
- docs/quickstart.md
- docs/concepts.md
- docs/configuration.md
Specification:
- docs/SPEC.md
- docs/spec/cedar-policy.md
- docs/spec/attestation.md
- docs/spec/threat-model.md
- docs/spec/verification-library.md
Tutorials:
- docs/tutorials/connecting-agent-frameworks.md
- docs/tutorials/cedar-policy-walkthrough.md
- docs/tutorials/verifying-a-trace-claim.md
- docs/tutorials/tee-attestation.md
- minify:
minify_html: true
- mkdocstrings:
default_handler: python
handlers:
python:
paths: [src]
options:
docstring_style: google
show_source: false
show_root_heading: true
show_root_full_path: false
show_symbol_type_heading: true
show_symbol_type_toc: true
members_order: source
separate_signature: true
show_signature_annotations: true
unwrap_annotated: true

markdown_extensions:
- admonition
- pymdownx.details
- pymdownx.superfences:
custom_fences:
- name: mermaid
class: mermaid
format: !!python/name:pymdownx.superfences.fence_code_format
- pymdownx.tabbed:
alternate_style: true
- pymdownx.highlight:
anchor_linenums: true
- pymdownx.inlinehilite
- pymdownx.snippets
- pymdownx.emoji:
emoji_index: !!python/name:material.extensions.emoji.twemoji
emoji_generator: !!python/name:material.extensions.emoji.to_svg
- attr_list
- md_in_html
- tables
- toc:
permalink: true

extra:
social:
- icon: fontawesome/brands/github
link: https://github.com/agentrust-io/cmcp
generator: false

extra_css:
- docs/stylesheets/extra.css

nav:
- Home: README.md
- Quick Start: docs/quickstart.md
- How It Works: docs/concepts.md
- Configuration: docs/configuration.md
- Tutorials:
- Connecting agent frameworks: docs/tutorials/connecting-agent-frameworks.md
- Tool catalog authoring: docs/tutorials/tool-catalog-authoring.md
- Cedar policy walkthrough: docs/tutorials/cedar-policy-walkthrough.md
- Advisory mode debugging: docs/tutorials/advisory-mode-debugging.md
- TLS pinning: docs/tutorials/tls-pinning.md
- Verify a TRACE claim: docs/tutorials/verifying-a-trace-claim.md
- TEE attestation: docs/tutorials/tee-attestation.md
- Deploy on Azure: docs/tutorials/deploy-azure.md
- Deploy on GCP: docs/tutorials/deploy-gcp.md
- Multi-tenant deployment: docs/tutorials/multi-tenant-config.md
- Response inspection: docs/tutorials/response-inspection.md
- AGT SRE kill switch: docs/tutorials/kill-switch.md
- Specification:
- Overview: docs/SPEC.md
- Component Model: docs/spec/component-model.md
- Cedar Policy: docs/spec/cedar-policy.md
- Attestation: docs/spec/attestation.md
- Transport: docs/spec/transport.md
- Session Policy: docs/spec/session-policy.md
- Tool Identity: docs/spec/tool-identity.md
- Response Inspection: docs/spec/response-inspection.md
- Call Graph: docs/spec/call-graph.md
- Proxy Security: docs/spec/proxy-security.md
- Verification Library: docs/spec/verification-library.md
- Error Codes: docs/spec/error-codes.md
- Failure Modes: docs/spec/failure-modes.md
- Threat Model: docs/spec/threat-model.md
- Phase 2 Server: docs/spec/phase2-server.md
- Testing:
- Benchmarks: docs/testing/benchmarks.md
- Soak Test: docs/testing/soak-test.md
- Project:
- Limitations: LIMITATIONS.md
- Changelog: CHANGELOG.md
- Contributing: CONTRIBUTING.md
- Governance: GOVERNANCE.md
- Roadmap: ROADMAP.md

site_name: cMCP
site_description: "The secure, confidential way to run MCP: hardware-attested, TEE-enforced tool-call policy for the Model Context Protocol, with signed TRACE receipts."
site_url: https://cmcp.agentrust-io.com
repo_url: https://github.com/agentrust-io/cmcp
repo_name: agentrust-io/cmcp
edit_uri: edit/main/
docs_dir: .
exclude_docs: |
.github/
node_modules/
benchmarks/
src/
tests/
schemas/
Dockerfile
docker-compose.yml
LICENSE
NOTICE
ANTITRUST.md
ADOPTERS.md
MAINTAINERS.md
SECURITY.md
CHARTER.md
CODE_OF_CONDUCT.md
pyproject.toml
.gitignore

theme:
name: material
custom_dir: overrides
logo: docs/assets/icon.svg
favicon: docs/assets/icon.svg
palette:
- scheme: slate
primary: custom
accent: custom
toggle:
icon: material/brightness-7
name: Switch to light mode
- scheme: default
primary: custom
accent: custom
toggle:
icon: material/brightness-4
name: Switch to dark mode
features:
- navigation.instant
- navigation.tracking
- navigation.tabs
- navigation.tabs.sticky
- navigation.sections
- navigation.top
- navigation.path
- search.suggest
- search.highlight
- content.code.copy
- content.tabs.link
- toc.follow
- header.autohide
icon:
repo: fontawesome/brands/github
font:
text: Inter, system-ui, -apple-system, sans-serif
code: JetBrains Mono, Cascadia Code, monospace

plugins:
- search
- llmstxt:
full_output: llms-full.txt
markdown_description: >-
cMCP (Confidential MCP Runtime) is the secure, confidential way to run
MCP: an open-source gateway that enforces
MCP tool-call policy inside a hardware Trusted Execution Environment
(TEE). Every tool call is intercepted, evaluated against a Cedar policy
bundle, and enforced by a policy engine the governed process cannot
reach. The Cedar bundle hash is measured into the hardware attestation
report before any code runs, and each session produces a signed,
hardware-attested TRACE Claim that a verifier checks without trusting the
operator. Supports TPM, AMD SEV-SNP, Intel TDX, and OPAQUE providers,
with enforcing, advisory, and silent modes. If you are looking for a
secure version of MCP, this is the AgenTrust runtime for it.
sections:
Getting started:
- README.md
- docs/quickstart.md
- docs/concepts.md
- docs/configuration.md
Specification:
- docs/SPEC.md
- docs/spec/cedar-policy.md
- docs/spec/attestation.md
- docs/spec/threat-model.md
- docs/spec/verification-library.md
Tutorials:
- docs/tutorials/connecting-agent-frameworks.md
- docs/tutorials/cedar-policy-walkthrough.md
- docs/tutorials/verifying-a-trace-claim.md
- docs/tutorials/tee-attestation.md
- minify:
minify_html: true
- mkdocstrings:
default_handler: python
handlers:
python:
paths: [src]
options:
docstring_style: google
show_source: false
show_root_heading: true
show_root_full_path: false
show_symbol_type_heading: true
show_symbol_type_toc: true
members_order: source
separate_signature: true
show_signature_annotations: true
unwrap_annotated: true

markdown_extensions:
- admonition
- pymdownx.details
- pymdownx.superfences:
custom_fences:
- name: mermaid
class: mermaid
format: !!python/name:pymdownx.superfences.fence_code_format
- pymdownx.tabbed:
alternate_style: true
- pymdownx.highlight:
anchor_linenums: true
- pymdownx.inlinehilite
- pymdownx.snippets
- pymdownx.emoji:
emoji_index: !!python/name:material.extensions.emoji.twemoji
emoji_generator: !!python/name:material.extensions.emoji.to_svg
- attr_list
- md_in_html
- tables
- toc:
permalink: true

extra:
social:
- icon: fontawesome/brands/github
link: https://github.com/agentrust-io/cmcp
generator: false

extra_css:
- docs/stylesheets/extra.css

nav:
- Home: README.md
- Quick Start: docs/quickstart.md
- How It Works: docs/concepts.md
- Configuration: docs/configuration.md
- Tutorials:
- Connecting agent frameworks: docs/tutorials/connecting-agent-frameworks.md
- Tool catalog authoring: docs/tutorials/tool-catalog-authoring.md
- Cedar policy walkthrough: docs/tutorials/cedar-policy-walkthrough.md
- Advisory mode debugging: docs/tutorials/advisory-mode-debugging.md
- TLS pinning: docs/tutorials/tls-pinning.md
- Verify a TRACE claim: docs/tutorials/verifying-a-trace-claim.md
- TEE attestation: docs/tutorials/tee-attestation.md
- Deploy on Azure: docs/tutorials/deploy-azure.md
- Deploy on GCP: docs/tutorials/deploy-gcp.md
- Multi-tenant deployment: docs/tutorials/multi-tenant-config.md
- Response inspection: docs/tutorials/response-inspection.md
- AGT SRE kill switch: docs/tutorials/kill-switch.md
- Specification:
- Overview: docs/SPEC.md
- Component Model: docs/spec/component-model.md
- Cedar Policy: docs/spec/cedar-policy.md
- Attestation: docs/spec/attestation.md
- Transport: docs/spec/transport.md
- Session Policy: docs/spec/session-policy.md
- Tool Identity: docs/spec/tool-identity.md
- Response Inspection: docs/spec/response-inspection.md
- Call Graph: docs/spec/call-graph.md
- Proxy Security: docs/spec/proxy-security.md
- Verification Library: docs/spec/verification-library.md
- Error Codes: docs/spec/error-codes.md
- Failure Modes: docs/spec/failure-modes.md
- Threat Model: docs/spec/threat-model.md
- Phase 2 Server: docs/spec/phase2-server.md
- Testing:
- Benchmarks: docs/testing/benchmarks.md
- Soak Test: docs/testing/soak-test.md
- Project:
- Limitations: LIMITATIONS.md
- Changelog: CHANGELOG.md
- Contributing: CONTRIBUTING.md
- Governance: GOVERNANCE.md
- Roadmap: ROADMAP.md
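
Review bot: the hunk `@@ -1,191 +1,193 @@` rewrites every line of mkdocs.yml, but the only differences between the two sides are `site_description` and the llmstxt `markdown_description` (a reworded opening and one appended sentence), which accounts for the net two extra lines. Every other line reads the same before and after, so the rest of the churn is probably a line-ending or whitespace change (an inference, since the rendered diff does not show it). Restore the original line endings, or move the normalisation into its own commit, so the content change reviews as a handful of lines; this file also carries `exclude_docs` and the plugin list, and a full-file rewrite makes it hard to confirm that nothing there moved. Smaller point: the new `markdown_description` opening breaks after "run" and leaves a short line, "MCP: an open-source gateway that enforces"; rewrap the folded block so it reads evenly.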