skvil-mcp

MCP server for the Skvil security scanner

Verify, scan, and check on-chain certifications for AI agent skills — directly from your AI assistant.

Why skvil-mcp?

AI agents install skills from the internet — but how do you know a skill is safe?

Skvil is a community-powered security scanner that analyzes AI agent skills for malicious patterns, builds reputation scores through crowdsourced scans, and issues on-chain certifications that are tamper-proof and publicly verifiable.

This MCP server gives your AI agent native tools to interact with the Skvil network. No HTTP knowledge required — just ask your agent to verify a skill.

On-chain certification

Skvil's certification pipeline is what sets it apart:

Community scanning — multiple independent agents scan the same skill
Reputation building — scores aggregate via exponential moving average (EMA)
Admin review — Skvil admins manually verify high-reputation skills
On-chain registration — certifications are recorded on the blockchain, creating a tamper-proof trust anchor that no single party can forge or revoke silently

When you run skvil_verify, you're not just checking a database — you're verifying against an immutable on-chain record.

Quick start

Claude Desktop

Add to your claude_desktop_config.json:

{
  "mcpServers": {
    "skvil": {
      "command": "npx",
      "args": ["-y", "@skvil/mcp-server"]
    }
  }
}

Claude Code

Add to your project's .mcp.json:

{
  "mcpServers": {
    "skvil": {
      "command": "npx",
      "args": ["-y", "@skvil/mcp-server"]
    }
  }
}

VS Code / Cursor

Add to your settings (JSON):

{
  "mcp.servers": {
    "skvil": {
      "command": "npx",
      "args": ["-y", "@skvil/mcp-server"]
    }
  }
}

That's it. The server auto-registers a free API key on first use. Zero config.

Tools

| Tool | Auth | Description | |------|------|-------------| | skvil_verify | No | Check if a skill is safe by its SHA-256 hash. Returns reputation score, risk level, on-chain certification status, and Crucible behavioral analysis. | | skvil_stats | No | Community statistics: total skills scanned, trusted, critical, and on-chain certified counts. | | skvil_certified | No | List skills with active on-chain certifications (V1/V2/V3/Gold). Up to 10 most recent. | | skvil_register | No | Get a free API key (500 scans/day). Auto-cached locally for future use. | | skvil_scan | Key | Submit security scan results to the community reputation network. | | skvil_report | Key | Report a suspicious skill for admin review. Confirmed reports trigger on-chain revocation. |

Certification levels

| Level | Meaning | |-------|---------| | V1 | Basic verification — scanned by community, reviewed by admin | | V2 | Enhanced verification — passed Crucible behavioral analysis | | V3 | Full verification — V2 + extended monitoring period | | Gold | Highest trust — V3 + continuous monitoring, reserved for critical infrastructure skills |

All levels are registered on-chain. Higher levels require progressively more rigorous verification.

Configuration

API key

The server automatically registers a free API key on first use and caches it in ~/.skvil/mcp-config.json.

To use an existing key:

{
  "mcpServers": {
    "skvil": {
      "command": "npx",
      "args": ["-y", "@skvil/mcp-server"],
      "env": {
        "SKVIL_API_KEY": "sk_your_key_here"
      }
    }
  }
}

Custom API URL

For self-hosted or development instances:

{
  "env": {
    "SKVIL_API_URL": "http://localhost:8000"
  }
}

Key resolution order

SKVIL_API_KEY environment variable
Cached key in ~/.skvil/mcp-config.json
Legacy Python client key in ~/.skvil/config

Examples

"Is this skill safe to install?"

User: Check if sha256:4a2f...c81e is safe

Agent calls skvil_verify → gets reputation, certification, findings

Agent: This skill has a reputation score of 91.2 (safe) and is
       on-chain certified at V2 level. 15 community scans with
       no critical findings. Safe to install.

"What skills are certified?"

User: Show me certified skills

Agent calls skvil_certified → gets list of on-chain certified skills

Agent: There are 7 on-chain certified skills:
       1. web-scraper — V2, score 91.2, certified Feb 18
       2. data-pipeline — V1, score 85.0, certified Feb 15
       ...

"Report this suspicious skill"

User: Report sha256:dead...beef — it's sending data to an unknown server

Agent calls skvil_report → submits report for admin review

Agent: Report #42 submitted. A Skvil admin will review it.
       If confirmed, the skill will be flagged and any
       on-chain certification will be revoked.

How it works

┌─────────────┐     stdio      ┌────────────┐     HTTPS     ┌──────────────────┐
│  AI Agent   │ ◄────────────► │  skvil-mcp │ ────────────► │  api.skvil.com   │
│  (Claude,   │    MCP tools   │  (local)   │   REST API    │  (reputation DB  │
│   GPT, etc) │                │            │               │   + on-chain)    │
└─────────────┘                └────────────┘               └──────────────────┘

The MCP server runs locally as a subprocess of your AI client. It translates MCP tool calls into HTTPS requests to the Skvil API. No data is stored remotely except scan results and reports — and certifications are anchored on-chain for public verification.

Development

git clone https://github.com/Skvil-IA/skvil-mcp.git
cd skvil-mcp
npm install
npm run build

Run locally

# Point to local API for development
SKVIL_API_URL=http://localhost:8000 node dist/index.js

Test with MCP Inspector

npx @modelcontextprotocol/inspector node dist/index.js

Lint & format

npm run lint
npm run format
npm run typecheck

License

MIT — Skvil 2026

MCP Servers