← Index

io.github.g-digital-by-Garrigues/ead-factory

io.github.g-digital-by-Garrigues/ead-factory·v1.1.0·Other

MCP server for EAD Factory: qualified evidence, signature, notifications and chat via AI agents.

In-path gate · all MCP tools

Using io.github.g-digital-by-Garrigues/ead-factory in Claude, Cursor, Gemini CLI, Cline, or Zed?

MCP tool contracts can change remotely with no version bump. The mcpindex gate pins each contract and HOLDs the call when it drifts—before your agent acts. Zero credentials. This is not the package install for this server itself (use Install this server for that).

Install the mcpindex gate (one command)

Rewrites your MCP host config so each server launches behind the gate. Inspect first: curl -fsSL https://mcpindex.ai/install.sh | less

curl -fsSL https://mcpindex.ai/install.sh | sh
Trust verdict · v1 advisory · method
REVIEWstatus: PARTIALfresh until 2026-08-08 04:00 UTC
screened 2026-07-09tier: scannedgranularity: description-levelsource: registry

Semantic screen found no manipulation pattern in the description. Conformance probe not yet run.

mcpindex.integrity.descriptionpassINFO

evidenceNo malicious instructions foundvia static_description

Limits of this verdict
  • - Semantic screen only - the deterministic conformance probe has not run on this server
  • - Confidence is reported but not yet calibrated (v1)
  • - Screen reads the tool description, not the live behavior
  • - advisory
  • - registry description only no input schema
  • - screen model 8b

Semantic screen: an LLM judge reads the tool description for hidden instructions (status PARTIAL). A pass means the description is not lying, not that the tool is safe: a high-capability tool with an honest description still warrants caution. The deterministic conformance probe has not been run on this server yet, so the screen here is semantic-only. Posture: advisory. Confidences are reported but not yet calibrated (calibrated=false at v1). Full verdict history is not shown on this page.

Own this server? Screen its description →

Embed this badge

A live verdict badge for your README or listing. It reflects the current screen, links back here, and updates when the verdict does.

Markdown
[![mcpindex](https://mcpindex.ai/api/v1/badge/io-github-g-digital-by-garrigues-ead-factory)](https://mcpindex.ai/server/io-github-g-digital-by-garrigues-ead-factory)
HTML
<a href="https://mcpindex.ai/server/io-github-g-digital-by-garrigues-ead-factory"><img src="https://mcpindex.ai/api/v1/badge/io-github-g-digital-by-garrigues-ead-factory" alt="mcpindex verdict" height="20" /></a>
Environment variables
MCP_ALLOW_INSECURE_FILE_URL

Set to "true" to allow plain http:// fileUrl downloads in evidence_create (default https-only). Private/internal addresses are rejected regardless (resolution-time check; see the documented DNS TOCTOU limitation in the hosted-deployment runbook).

MCP_ALLOW_UNVERIFIED_BEARER

Escape hatch for MCP_HTTP_PUBLIC=true WITHOUT inbound-token introspection: set to "true" ONLY when an upstream gateway already verifies Bearer tokens. The server logs a prominent warning and forwards tokens upstream unverified.

MCP_ALLOWED_HOSTS

Comma-separated allowed Host headers. Empty = Host validation disabled (default). When set, requests with a Host outside the list are rejected.

MCP_ALLOWED_ORIGINS

Comma-separated allowed browser Origins (DNS-rebinding defense). Empty = reject any request carrying an Origin header; non-browser clients (CLI/SDK) send no Origin and are always allowed. Use '*' to allow all.

MCP_API_BASE_URL

Gateway ROOT URL (e.g. https://api.int.gcloudfactory.com) — each manager's path prefix is appended automatically; do NOT include a manager path here

MCP_API_BASE_URL_CHAT

Full base URL override for the chat manager, used as-is (default: https://api.gcloudfactory.com/chat-bot-manager)

MCP_API_BASE_URL_EVIDENCE

Full base URL override for the evidence manager, used as-is (default: https://api.gcloudfactory.com/digital-trust)

MCP_API_BASE_URL_NOTIFICATION

Full base URL override for the notification manager, used as-is (default: https://api.gcloudfactory.com/notifications)

MCP_API_BASE_URL_SIGNATURE

Full base URL override for the signature manager, used as-is (default: https://api.gcloudfactory.com/signature-manager)

MCP_HTTP_HOST

Interface the HTTP transport binds to. Default 127.0.0.1 (localhost only). Set 0.0.0.0 to expose on all interfaces (containers do this automatically).

MCP_HTTP_MAX_BODY_BYTES

Maximum accepted POST /mcp request-body size in bytes (default 16777216 = 16 MiB — sized so base64 file uploads within the documented tool limits fit). Oversized requests get a 413 JSON-RPC error before/while reading — closes a memory-exhaustion DoS vector in public deployments. Note: base64 file sources are capped by this limit BEFORE MCP_FILE_MAX_BYTES applies.

MCP_HTTP_PUBLIC

Set to "true" for public/multi-tenant deployments. Activates Host validation and refuses to start unless (1) MCP_ALLOWED_ORIGINS or MCP_ALLOWED_HOSTS is set AND (2) inbound Bearer introspection is configured (MCP_SVC_INTROSPECT_URL + MCP_SVC_CLIENT_ID/SECRET) or MCP_ALLOW_UNVERIFIED_BEARER=true is set explicitly (fail-closed).

MCP_SVC_CLIENT_ID
required

OAuth2 client_credentials client ID

MCP_SVC_CLIENT_SECRET
requiredsecret

OAuth2 client_credentials client secret (See https://digitaltrust.gcloudfactory.com for credential acquisition.)

MCP_SVC_INTROSPECT_URL

RFC 7662 token introspection URL for inbound Bearer verification in HTTP mode. Opt-in — reuses the service-account client id/secret above as the resource-server credentials.

MCP_SVC_SCOPE

Optional OAuth2 scope for the service-account token request

MCP_SVC_TOKEN_URL
required

Token endpoint URL for the OAuth2 client_credentials flow

PORT

HTTP port when running in hosted (HTTP) mode; ignored in stdio mode

MCP quality score · maturity, not trust · methodology
freshness
25
completeness
10
installability
25
documentation
15
stability
10
Alternatives in Other