End-to-end integration examples showing cMCP, Agent Manifest, and TRACE working together across deployment scenarios. Each example is self-contained and runnable on a fresh cloud VM. Running them shows how the three projects compose: cMCP enforces policy at the tool call boundary, Agent Manifest carries the identity and capability declaration, and TRACE emits a signed Trust Record for every tool invocation so you can see what the full audit trail looks like in practice.
| Example | What it shows | Platform | Compliance |
|---|---|---|---|
financial-services/ |
Credit risk agent: MiFID II escalation deny above EUR 500k with structured policy advice | SEV-SNP / TDX | EU AI Act Art. 9/12, MiFID II Art. 25, DORA Art. 9 |
healthcare/ |
Clinical decision agent: EU AI Act Art. 14 HITL deny on high-risk treatment plans | SEV-SNP / TDX | EU AI Act Art. 14, HIPAA |
industrial-embodied-ai/ |
Material-movement agent with cMCP authorization, an independent safety-controller boundary and offline-verifiable closed-session evidence | TEE / software-only development mode | OT security and industrial robot safety references |
multi-tenant-saas/ |
Per-tenant Cedar policy bundles and enforcement modes (advisory vs enforcing) | TDX | GDPR Art. 6, customer contract SLA |
startup-tpm/ |
15-minute quickstart on any cloud VM with Trusted Launch | TPM 2.0 | Development / staging |
Each example is fully runnable with no external dependencies: it ships a mock upstream MCP server, an agent script, an attested tool catalog, and a Cedar policy bundle, and ends by printing the signed TRACE Trust Record for the session. The trace-output/ files in each example are captured from real runs.
git clone https://github.com/agentrust-io/examples.git
cd examples/startup-tpm
pip install cmcp-runtime httpx
# Terminal 1: mock upstream MCP server
python server/mock_mcp_server.py
# Terminal 2: the runtime (CMCP_DEV_MODE=1 for machines without a TPM/TEE)
CMCP_DEV_MODE=1 cmcp start --config cmcp-config.yaml
# Terminal 3: one tool call + signed TRACE Trust Record
python agent/echo_agent.pySee startup-tpm/README.md for the full walkthrough.
- Python 3.11+
- An MCP server to protect (existing servers work unchanged)
- For Level 1 attestation: a VM with TPM 2.0, AMD SEV-SNP, or Intel TDX
- For GPU-CC attestation (v0.2): NVIDIA H100/H200 with CC mode enabled
Launching at Confidential Computing Summit, San Francisco, June 23 2026.
Questions, feedback, integration help: Discord.
Apache 2.0