Automatic verification
Claude calls verify_agent whenever you mention
running, installing, or trusting an AI agent.
No manual steps.
Claude MCP Plugin
agentverif for Claude
Connect Claude to the agent certification registry. Claude verifies agents automatically — before you execute them.
https://mcp.agentverif.com
Automatic. Instant. Free.
One connection. Claude handles everything from there.
SCAN
OWASP LLM Top 10
SIGN
License + hash
VERIFY
Registry check
5 clear verdicts
VERIFIED, UNREGISTERED, UNSIGNED, TAMPERED, REVOKED. No ambiguity. You always know exactly what you’re running.
Zero configuration
No account. No API key. No subscription. Free public service. One URL to connect.
Connect in 30 seconds
Choose your Claude client. No authentication required.
Claude.ai
- Go to claude.ai → Settings → Connectors
- Click "Add connector"
- Enter: https://mcp.agentverif.com
- Click Connect — done
Claude Desktop
~/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"agentverif": {
"url": "https://mcp.agentverif.com"
}
}
}
Save the file and restart Claude Desktop.
See it in action
Real Claude conversations with agentverif connected.
Verify before executing
"I want to run this agent, license AC-84F2-91AB. Is it safe?"
✅ VERIFIED — agentverif certified
License: AC-84F2-91AB | Tier: pro
Issuer: agentverif.com
Hash: sha256:abc123... ✓ intact
Safe to execute.
🔗 verify.agentverif.com/?id=AC-84F2-91AB
Catch a tampered agent
"Can you verify this agent: AC-12F3-88AC"
🔴 TAMPERED — Certificate invalid
License: AC-12F3-88AC | Status: HASH MISMATCH
This agent was modified after signing.
Do NOT execute.
🔗 verify.agentverif.com/?id=AC-12F3-88AC
Unsigned agent warning
"Run this agent for me"
🚫 UNSIGNED — No certificate found
No agentverif certificate found.
Unsigned agents carry unknown risk.
Ask the vendor to certify free:
agentverif.com
Scan before you sign
Claude calls scan_agent to check for OWASP LLM Top 10 violations before any certificate is issued.
Scan refused — score below 70
"Scan this agent: https://example.com/agent.zip"
## Scan Result: Score 45/100 — REFUSED 🔴
LLM01 — Prompt injection via user_input (critical)
Sanitise all user-supplied strings before
passing to the LLM context.
LLM06 — Sensitive data in logs (warning)
Remove PII from debug logging.
Score below 70 — signing refused.
Scan passed — ready to sign
"Scan this agent: https://example.com/safe-agent.zip"
## Scan Result: Score 88/100 — PASS ✅
No critical or warning violations found.
Ready to sign at sign.agentverif.com
Verification statuses
Every possible result, explained.
| Status | Meaning | Action |
|---|---|---|
| ✅ VERIFIED | Signed, registered in public registry, hash intact | Safe to execute |
| ⚠️ UNREGISTERED | Signed locally, not in public registry | Use with caution |
| 🚫 UNSIGNED | No certificate found | Ask vendor to certify |
| 🔴 TAMPERED | Modified after signing — hash mismatch | Do NOT execute |
| 🔴 REVOKED | Licence cancelled by issuer | Do NOT execute |
Available MCP tools
Both tools are available as soon as you connect.
| Tool | When Claude calls it | What it returns |
|---|---|---|
| scan_agent | You ask to scan an agent ZIP URL | Score 0–100, OWASP violations with explanations and fixes |
| verify_agent | You mention running, installing, or trusting an AI agent | VERIFIED / UNREGISTERED / UNSIGNED / TAMPERED / REVOKED + hash check |
Sell AI agents?
Get certified free. Buyers trust verified packages. Unsigned agents get ignored.