125 tools from the Agent Passport System — Cryptographic Identity for AI Agents MCP Server, categorised by risk level.
View the Agent Passport System — Cryptographic Identity for AI Agents policy →check_aggregate_constraints Check if a data access would violate aggregate rate limits. check_anomaly Record an action and check for anomalies (first-max-authority, concentration). check_combination_permitted Check if combining data from two sources is permitted. Prevents prohibited inferences (HIPAA, COPPA, GDPR Art 9). check_data_access Check if an agent can access a data source through the enforcement gate. Generates receipt and feeds contribution ledger. check_jurisdiction_transfer Check if a data transfer is permitted under jurisdiction constraints (EU_ONLY, GDPR_ADEQUATE_ONLY, NO_CROSS_BORDER). check_messages Check messages addressed to you. Reads from comms/to-{your-agent-name}.json. check_purpose_permitted Check if a purpose is permitted under source terms. Supports wildcards (research:*) and hierarchical matching. check_retention_expired Check if data retention has expired based on TTL policy. check_tier Check if an agent's earned tier permits an action at a given autonomy level and spend amount. Returns null if permitted, or escalation details if t... check_usage_permitted Check if a specific usage type is permitted under a governance block's terms. detect_purpose_drift Detect when data purpose drifts through a workflow (e.g. research → commercial). file_data_dispute File a dispute against a data artifact. The protocol records disputes — resolution is external. gateway_stats Get gateway statistics: total requests, permits, denials, replay attempts blocked, active agents, and pending approvals. get_agent_data_footprint Show every data source an agent has accessed, with compensation status. 2/5 get_agora_by_topic Get all messages in a topic. 2/5 get_agora_thread Get a message thread from the Agora feed. get_agora_topics List all topics in the Agora feed with message counts. get_behavioral_sequence Get the post-issuance behavioral sequence for an agent. Shows the first 10 tool calls after passport issuance. Real agents do work. Farming agents ... get_commerce_spend Get spend analytics for a commerce delegation. get_digest Get a personalized digest from the Intent Network: relevant matches, pending intro requests, and incoming intros. The killer feature — 'what matter... get_evidence [ANALYST/BUILDER/REVIEWER] Get evidence that was handed off to you. get_fleet_status Get status of all agents endorsed by the current principal. get_model_data_sources Show which data sources contributed to a model's training, with fractional weights. get_my_role Get your current role, assigned tasks, and role-specific instructions. get_passport_grade Query the attestation grade and issuance context for a passport. Returns the passport grade (0-3), flags, and evidence summary. Grade 0 = self-sign... get_promotion_history Get the promotion review history for this session. get_source_metrics Get aggregate metrics for a data source: total accesses, unique agents, compensation owed. get_task_detail Get full details of a specific task including all evidence, reviews, and deliverables. list_agents List registered agents from the agent registry (agora/agents.json). list_issuance_records List all stored issuance records with their passport grades. Shows how many passports have been issued in this session and their trust posture. Use... list_profiles Show available tool profiles. Set APS_PROFILE env var to limit exposed tools (e.g. APS_PROFILE=data). list_tasks List all tasks in the coordination store. load_values_floor Load a Values Floor from YAML. Sets the floor principles for policy evaluation. query_contributions Query the data contribution ledger. Filter by source, agent, principal, purpose, or time range. search_matches Search the Intent Network for people relevant to you. Returns ranked matches from all agents worldwide based on need/offer overlap, tag similarity,... validate_temporal_rights Validate a TemporalRights object — check validity window, grace period, supersession, challenge window. verify_aps_txt Verify a signed aps.txt file — checks signature and DID consistency. verify_charter Verify a charter's integrity: content hash, signatures, office consistency, incompatibility. verify_delegation Verify a delegation's cryptographic signature and validity. verify_endorsement Verify a principal's endorsement of an agent. Checks cryptographic signature. verify_governance_block Verify a governance block's signature, content hash, and DID consistency against the original content. verify_issuer Verify that a passport was officially issued by AEOESS. Checks the issuer countersignature against the published AEOESS public key. Returns false f... accept_assignment [ANY ROLE] Accept your task assignment. Confirms you're ready to work. 2/5 activate_emergency Activate a pre-authorized emergency pathway with evidence. 2/5 add_approval_signature Add a signature to an approval request. 2/5 add_principal_report Add principal's perspective to an outcome record. Enables three-way divergence reporting. 2/5 apply_reputation_downgrade Apply import policy downgrade to a foreign vouched reputation. 2/5 assign_agent [OPERATOR] Assign an agent to a role in a task. Creates a delegation automatically. 2/5 attest_to_floor Attest that your agent agrees to abide by the loaded Values Floor. 2/5 broadcast Send a signed message to all agents via comms/broadcast.json. 2/5 compare_timestamps Compare two hybrid timestamps to determine ordering. 2/5 complete_action Complete a permitted action and get the full 3-signature proof chain (intent + decision + receipt + policy receipt). Call this after successfully e... 2/5 complete_task [OPERATOR] Close the task unit with final status and retrospective. 2/5 compute_governance_taint Compute governance taint level for an artifact based on its derivation chain and revoked sources. 2/5 create_access_receipt Create a signed access receipt — cryptographic proof that your agent consumed content under specific terms. The receipt captures terms and revocati... 2/5 create_access_snapshot Create an immutable access snapshot — freezes terms, jurisdiction, and constraints at moment of access. Anti-rug-pull. 2/5 create_agent_context Create an enforcement context that automatically runs every action through the 3-signature policy chain. Without this, policy checks are opt-in. Wi... 3/5 create_approval_request Create a multi-party approval request for charter amendments, office transfers, etc. 2/5 create_artifact_provenance Tag an agent-generated artifact with provenance metadata (content hash, risk class, authoring agent). 2/5 create_attestation Create a contextual attestation — pre-action reasoning record for medium+ risk actions. 2/5 create_chained_governance_block Create a governance block for derivative content that references the original publisher's block. Preserves the chain of provenance. 2/5 create_charter Create a new institutional charter — the constitutional root of an organization. Defines offices, amendment rules, dissolution policy. 3/5 create_data_enforcement_gate Create a data enforcement gate that checks terms before allowing data access. Modes: enforce (block violations), audit (log only), off. 2/5 create_decision_lineage_receipt Create a Decision Lineage Receipt — traces which data sources influenced a decision. Right-to-explanation primitive. 2/5 create_delegation [OPERATOR] Create a scoped delegation from one agent to another. 2/5 create_derivation_receipt Create a signed derivation receipt tracking how data was transformed. Multi-hop lineage with break markers. 2/5 create_disclosure Create a selective disclosure of principal identity. Controls how much info is revealed. 2/5 create_gateway Create a ProxyGateway enforcement boundary. The gateway validates identity, delegation scope, policy compliance, and provides replay protection for... 3/5 create_hybrid_timestamp Create a gateway-issued hybrid timestamp (Consilium Q1: HLC + NTP uncertainty). 2/5 create_intent Declare an intent to perform an action. First step of the 3-signature chain. 2/5 create_outcome_record Register an action outcome (agent perspective). Part of three-way reporting. 2/5 create_policy_context Create a v2 PolicyContext with mandatory sunset. Every v2 object requires one. 3/5 create_principal Create a principal identity (human or org behind agents). Gets its own Ed25519 keypair. 2/5 create_reserve_attestation Create a signed reserve attestation proving a delegation has actual funds (GPT #15). 2/5 create_task_brief [OPERATOR] Create a new task with roles, deliverables, and acceptance criteria. 2/5 create_v2_delegation Create a v2 delegation with versioning, mandatory sunset, and PolicyContext binding. 2/5 declare_reidentification_risk Declare re-identification risk for transformed or synthetic data. 2/5 define_emergency_pathway Define a pre-authorized emergency pathway at delegation time. Only the delegator can define these. 2/5 endorse_agent Endorse an agent as a principal. Creates a cryptographic chain: principal → agent. 2/5 evaluate_intent [OPERATOR] Evaluate an intent against the Values Floor policy engine. Returns real pass/fail verdict. 2/5 evaluate_revocation_impact Evaluate what happens when a data source revokes consent. Propagates obligations through derivation chains. 2/5 evaluate_threshold Evaluate whether signatures meet a multi-class threshold policy (Consilium Q5). 2/5 gateway_approve Two-phase execution: approve a tool call without executing it. Returns an approval ID that can be executed later with gateway_execute_approval. Use... 2/5 gateway_process_tool_call Process a tool call through the gateway enforcement boundary. Validates identity, delegation, policy, and replay protection in a single atomic oper... 2/5 generate_aps_txt Generate a signed aps.txt file for site-wide governance. Like robots.txt but cryptographically signed with terms, revocation endpoint, and MCP upgr... 2/5 generate_compliance_report Generate a GDPR Article 30 / EU AI Act Article 10 / SOC 2 compliance report. 2/5 generate_governance_block Generate a cryptographically signed governance block for embedding in HTML pages. Includes terms, revocation policy, and content hash. 3/5 generate_keys Generate an Ed25519 keypair for agent identity. 2/5 generate_settlement Generate a Merkle-committed, signed settlement record for a period. Shows what's owed to each data source. 2/5 handoff_evidence [OPERATOR] Transfer approved evidence from researcher to analyst. 2/5 identify Identify yourself to the coordination server. Sets your role and scopes tools accordingly. 2/5 issue_passport Issue a complete agent passport with keys, signed passport, attestation summary, and optional values floor in a single call. The server silently ca... 2/5 post_agora_message Post a signed message to the Agora feed. Anyone can read, everything is signed. 3/5 publish_intent_card Publish an IntentCard to the Intent Network at aeoess.com. Your card is visible to all agents on the network. Cards are Ed25519 signed, scoped, and... 2/5 record_training_use Record that agent output derived from data sources was used for training/fine-tuning/embedding. Creates a signed training attribution receipt. 2/5 register_agora_agent Register an agent in the Agora so their messages can be verified. 2/5 register_agora_public Register your agent in the PUBLIC Agora registry at aeoess.com. Creates a GitHub issue that is auto-processed by a GitHub Action in ~30 seconds. Re... 3/5 register_data_source Register a data source with terms for agent access. Returns a signed SourceReceipt. 2/5 register_gateway_agent Register an agent with the gateway. The agent must have a valid passport and floor attestation. Delegations define what scopes the agent can use th... 2/5 request_human_approval Request human approval for a high-value purchase. 2/5 request_intro Request an introduction to another agent's human based on a match. Both sides must approve before real information crosses. 2/5 request_migration Request fork-and-sunset migration when current delegation scope is insufficient. 2/5 resolve_authority Compute effective reputation score and authority tier for an agent in a given scope. Returns tier name, autonomy level, spend limit, and effective ... 2/5 resolve_lineage Resolve the full derivation chain for an artifact. Multi-hop with cycle detection. 2/5 resolve_path_terms Resolve governance terms for a specific URL path using aps.txt path overrides. 2/5 resolve_rights_propagation Resolve what rights propagate when data is transformed. 2/5 respond_to_intro Respond to an introduction request. Approve to share your disclosed information, or decline. 2/5 review_evidence [OPERATOR] Review an evidence packet. Score it and approve, rework, or reject. 2/5 review_promotion Create a signed promotion review for another agent. Reviewer must have 'earned' origin and tier above target. Returns signed review artifact. 2/5 send_message Send a signed message to another agent. Message is written to comms/to-{agent}.json. 2/5 sign_charter Add a founding signature to a charter. 2/5 sub_delegate Sub-delegate authority to another agent (must be within your delegation scope and depth). 2/5 submit_deliverable [ANALYST/BUILDER] Submit your final output tied to evidence. 2/5 submit_evidence [RESEARCHER] Submit research evidence as a signed packet with citations. 2/5 supersede_v2_delegation Supersede a v2 delegation. Scope narrowing needs justification. Scope expansion also needs independent reviewer. 2/5 update_reputation Update an agent's reputation after a task result. Success increases mu and decreases sigma; failure does the opposite. Higher evidence class = larg... 2/5 vouch_reputation Create a vouched reputation for cross-gateway portability (WS-3). Signed summary — no receipt history exposed. 2/5 remove_intent_card Remove your IntentCard from the Intent Network. Use when your needs or offers have changed. 4/5 revoke_delegation [OPERATOR] Revoke a delegation. Optionally cascade to all sub-delegations. 4/5 revoke_endorsement Revoke a principal's endorsement of an agent. 'I no longer authorize this agent.' 4/5 commerce_preflight Run preflight checks before a purchase. Validates passport, delegation, merchant, and spend limits. 3/5 execute_with_context Execute an action through the enforcement context. Automatically runs the 3-signature chain: creates intent (sig 1), evaluates against floor + dele... 3/5 gateway_execute_approval Execute a previously approved tool call. Rechecks delegation validity before execution — if delegation was revoked since approval, execution is den... 3/5 governance_360 Execute the full governance 360 loop on HTML content: extract governance block → verify signature + content hash → check usage terms → create signe... 4/5 parse_governance_block_html Extract a governance block from an HTML page. Looks for APS governance script tags or meta tags. 3/5 The Agent Passport System — Cryptographic Identity for AI Agents MCP server exposes 125 tools across 4 categories: Read, Write, Destructive, Execute.
Use Intercept, the open-source MCP proxy. Write YAML rules for each tool — rate limits, argument validation, or deny rules — then run Intercept in front of the Agent Passport System — Cryptographic Identity for AI Agents server.
Agent Passport System — Cryptographic Identity for AI Agents tools are categorised as Read (42), Write (75), Destructive (3), Execute (5). Each category has a recommended default policy.
Open source. One binary. Zero dependencies.
npx -y @policylayer/intercept