Evidence layer for AI agents, native to Claude and Cursor
Connect any MCP-compatible runtime — Claude Desktop, Claude Code, Cursor, VS Code — directly to CertifiedData. Every tool is typed, every mutating call returns a machine-verifiable proof artifact (signed receipt, rotated token, or attestation challenge) that third parties can verify without trusting our servers.
Current MCP scope
This MCP server currently focuses on commerce, agent identity, dataset licensing, and receipt verification.
Dataset generation and decision logging are first-class capabilities of CertifiedData, but are exposed today via the HTTP API and the TypeScript / Python SDKs rather than through MCP. This keeps the MCP surface narrowly scoped to what agents typically do in-loop: discover products, check policy, transact, verify, and manage access. Tool coverage will expand over time; track changes in the changelog.
Install — sandbox
Add this to ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%/Claude/claude_desktop_config.json (Windows).
{
"mcpServers": {
"certifieddata-sandbox": {
"command": "npx",
"args": ["@certifieddata/mcp-server"],
"env": {
"CDAC_API_KEY": "cdp_test_...",
"CDAC_BASE_URL": "https://certifieddata.io",
"CDAC_ENV": "sandbox"
}
}
}
}{
"mcpServers": {
"certifieddata-live": {
"command": "npx",
"args": ["@certifieddata/mcp-server"],
"env": {
"CDAC_API_KEY": "cdp_live_YOUR_KEY_HERE",
"CDAC_BASE_URL": "https://certifieddata.io",
"CDAC_ENV": "live"
}
}
}
}Exposed tools — 10 live
| Tool | Returns |
|---|---|
| browse_marketplace | List of certified datasets with slug, price, rows × columns, algorithm, cert signer |
| check_spend_policy | Active policy: rails, max_per_tx_cents, daily_limit_cents, merchant allow/block lists |
| check_remaining_budget | Today's spend, daily limit, remaining budget |
| authorize_purchase | authorization_id, status, policy_decision |
| execute_purchase | receipt_id, download_url, license_key, dataset_hash, certificate_url, verify_url |
| verify_receipt | valid, signatureValid, hashValid, signingKeyId, receipt_payload |
| get_agent_identity | DID, display_name, status, key set, verified attestations |
| verify_agent_attestation | challenge nonce, attestation_id, expires_at |
| get_license | dataset_slug, SPDX, usage rights, commercial/redistribution flags, status, verify_url |
| rotate_license_token | Fresh download_url valid for 48 hours, expires_at |
Demo prompt
Paste this into Claude Desktop with the MCP server connected. Expected runtime: 15–30 seconds.
You are a data procurement agent for an AI research lab. Your task: 1. Browse the CertifiedData marketplace and find a synthetic dataset suitable for training a customer support classification model. 2. Check your payment policy to confirm the purchase is within your authorized spend limits. 3. Check today's remaining budget. 4. Authorize the purchase for the dataset you selected. 5. Execute the purchase. Report the full delivery bundle: download URL, license key, SHA-256 hash, certificate URL, and verify URL. 6. Verify the receipt cryptographically and confirm: valid=true, signatureValid=true, hashValid=true.
Safety model
• The MCP server is a thin RPC layer — all policy evaluation, signing, and rail execution happens server-side at certifieddata.io.
• Prompt-injected tool arguments cannot bypass spend limits, policy rules, or signature validation — these are enforced server-side against the authenticated API key.
• A sandbox key can be rotated or revoked at any time via /dashboard/api-keys.