{
  "name": "Viridis MCP",
  "description": "Aristotle-verified attribution-enforcement services for AI agents: adversarial injection detection, VulnCanon source scanning, and Maxwell adaptive proof-of-work defense.",
  "url": "https://mcp.viridis-security.com",
  "version": "0.1.0",
  "provider": {
    "organization": "Viridis North LLC",
    "url": "https://github.com/viridis-security"
  },
  "documentationUrl": "https://mcp.viridis-security.com/docs",
  "capabilities": {
    "streaming": false,
    "pushNotifications": false,
    "stateTransitionHistory": false
  },
  "defaultInputModes": ["application/json"],
  "defaultOutputModes": ["application/json"],
  "skills": [
    {
      "id": "injection.detect",
      "name": "Adversarial Injection Detection",
      "description": "Classify untrusted text as clean / suspicious / attack. Returns verdict, probability, bits-at-risk per Adversarial Landauer Inequality, matched VulnCanon entries, and a recommended action (allow / sanitize / reject / escalate). Backed by T-IB-02 + T-IB-06.",
      "tags": ["security", "prompt-injection", "ai-agent", "attribution", "aristotle-verified"],
      "examples": [
        "Classify this user input before passing it to an LLM tool",
        "Return bits-at-risk for an agent prompt before execution",
        "Get a recommended action for a suspicious context insertion"
      ],
      "inputModes": ["application/json"],
      "outputModes": ["application/json"]
    },
    {
      "id": "canon.scan",
      "name": "VulnCanon Source Scan",
      "description": "Match source code against the public VulnCanon catalog of AI-agent vulnerability classes (SSRF in fetch tools, prompt injection patterns, tool-poisoning, cross-agent state pollution, etc.). Returns matched entry IDs, severity, occurrence line, and mitigation references. Backed by T-IB-05 Canon Compression.",
      "tags": ["security", "code-review", "vulncanon", "static-analysis", "aristotle-verified"],
      "examples": [
        "Scan this agent tool implementation for known vulnerability patterns",
        "Check a code snippet for AI-agent-specific security risks before deploy"
      ],
      "inputModes": ["application/json"],
      "outputModes": ["application/json"]
    },
    {
      "id": "maxwell.challenge",
      "name": "Maxwell Adaptive Proof-of-Work",
      "description": "Issue an Argon2id proof-of-work challenge that an upstream attacker must solve. Defender pays log2(1/alpha) times the attacker's energy per bit, making sustained adversarial input energetically irrational. Backed by T-IB-09 Adversarial Dissipation. Tier-gated (Growth+) on the hosted endpoint; Apache-2.0 reference implementation available.",
      "tags": ["security", "rate-limiting", "proof-of-work", "asymmetric-defense", "aristotle-verified"],
      "examples": [
        "Issue a PoW challenge to throttle a suspicious agent caller",
        "Verify a PoW solution and grant downstream access"
      ],
      "inputModes": ["application/json"],
      "outputModes": ["application/json"]
    }
  ],
  "securitySchemes": [
    {
      "name": "bearerAuth",
      "type": "http",
      "scheme": "bearer",
      "description": "API key obtained via POST /v1/signup. Send as Authorization: Bearer vrd_live_*."
    }
  ],
  "openApiUrl": "https://mcp.viridis-security.com/openapi.yaml",
  "compliance": {
    "verifiedBy": "Aristotle (Harmonic)",
    "verifiedTheorems": [
      "T-IB-01: Attribution Conservation",
      "T-IB-02: Adversarial Landauer Inequality",
      "T-IB-03: Envelope Closure",
      "T-IB-04: Composability Attribution",
      "T-IB-05: Canon Compression",
      "T-IB-06: Detection Lower Bound",
      "T-IB-07: Conservation Closure"
    ],
    "proofSystem": "Lean 4",
    "publicArtifact": "https://github.com/viridis-security/mcp-services-sdk/tree/main/services/maxwell/reference"
  }
}