PROTO
MCP Tool Manifest
Model Context Protocoltool registryschema validation
An MCP Tool Manifest is the structured, machine-readable declaration of an MCP server's available tools — their names, input schemas, and capability metadata.
MANIFEST TAMPERING AND SHADOW TOOLS
A compromised server may serve a fraudulent manifest, advertising safe tools while providing write-capable 'shadow tools'. This bypasses allowlist-based enforcement if the allowlist is derived from the server.
PROTOCOL CONTEXT (MCP / MCPVANGUARD)
MCP's tools/list response provides manifests at connection time. McpVanguard can compare that response against an operator-defined tool policy instead of trusting server-advertised capability metadata on its own.
ProvnAI Mitigation
ProvnAI operators can define tool policy separately from the server's advertised manifest. That makes server-side manifest tampering easier to detect and reduces dependence on self-reported capability data.