AI agent identity, permissions, trust scores, and tamper-evident audit trails via Vorim AI
Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"vorim": {
"env": {
"VORIM_API_KEY": "agid_sk_live_..."
},
"args": [
"@vorim/mcp-server"
],
"command": "npx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
MCP (Model Context Protocol) server for Vorim AI — the identity and trust layer for AI agents. Exposes 13 tools for agent registration, permission checks, audit logging, and trust verification.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
npx -y '@vorim/mcp-server' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
Checked @vorim/mcp-server against OSV.dev.
Click any tool to inspect its schema.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in security / ai-ml
Persistent memory using a knowledge graph
Dynamic problem-solving through sequential thought chains
An autonomous agent that conducts deep research on any data using any LLM providers
Privacy-first. MCP is the protocol for tool access. We're the virtualization layer for context.
MCP Security Weekly
Get CVE alerts and security updates for io.github.Kzino/vorim-mcp-server and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
Give every AI agent its own cryptographic identity, scoped permissions, and a tamper-evident audit trail — directly from Claude Desktop, Cursor, or any MCP-compatible client.
Vorim AI is the identity and trust layer for autonomous AI agents. It gives each agent its own Ed25519 keypair, time-bounded scoped permissions, hash-linked audit events, and a publicly verifiable trust score — so when an agent does something, you can prove who acted, what they were allowed to do, and what happened.
The protocol underneath (VAIP) is open, MIT-licensed, and submitted to IETF as draft-nyantakyi-vaip-agent-identity-01.
This package is the MCP (Model Context Protocol) server that exposes 19 Vorim tools to any MCP-compatible AI client.
Works with Claude Desktop, Cursor, VS Code, and any other MCP client.
npm install -g @vorim/mcp-server
Or run directly with npx:
VORIM_API_KEY=agid_sk_live_... npx @vorim/mcp-server
Add to ~/Library/Application Support/Claude/claude_desktop_config.json:
{
"mcpServers": {
"vorim": {
"command": "npx",
"args": ["@vorim/mcp-server"],
"env": {
"VORIM_API_KEY": "agid_sk_live_..."
}
}
}
}
Add to .cursor/mcp.json in your project root:
{
"mcpServers": {
"vorim": {
"command": "npx",
"args": ["@vorim/mcp-server"],
"env": {
"VORIM_API_KEY": "agid_sk_live_..."
}
}
}
}
Add to your VS Code MCP settings with the same format.
agents:*, audit:*, trust:* scopes| Tool | Description |
|---|---|
vorim_ping | Check API health and connectivity |
| Tool | Description |
|---|---|
vorim_register_agent | Register a new agent with Ed25519 cryptographic identity |
vorim_register_ephemeral | Register a did:key ephemeral agent with TTL |
vorim_get_agent | Get agent details by ID |
vorim_list_agents | List all agents with pagination and filtering |
vorim_update_agent | Update agent metadata (name, description, status) |
vorim_revoke_agent | Permanently revoke an agent |
| Tool | Description |
|---|---|
vorim_check_permission | Check if agent has a permission scope (sub-5ms) |
vorim_grant_permission | Grant a permission with optional expiry and rate limits |
vorim_list_permissions | List all active permissions for an agent |
vorim_revoke_permission | Revoke a specific permission scope |
| Tool | Description |
|---|---|
vorim_delegate_credential | Delegate OAuth credentials to an agent |
vorim_request_token | Agent requests a short-lived access token |
vorim_list_delegations | List active credential delegations |
| Tool | Description |
|---|---|
vorim_emit_event | Log an audit event for an agent action |
vorim_export_audit | Export signed audit bundle with SHA-256 manifest |
| Tool | Description |
|---|---|
vorim_verify_trust | Verify agent trust score (public, no auth required) |
| Tool | Description |
|---|---|
vorim_onboard_start | Start device-authorization onboarding for a user with no API key; returns a user code and activation URL |
vorim_onboard_check | Check whether the user approved onboarding and retrie |