JSON Schemas

Machine-readable schemas for MCP server bundles and security verification.

MTF

v0.1

mpak Trust Framework security extensions and verification reports.

mtf-extension.json

https://mpaktrust.org/schemas/mtf/v0.1/mtf-extension.json

MTF security extension schema for mcpb manifests. Validates the _meta.org.mpaktrust namespace including permissions, file hashes, signatures, and provenance fields.

Download View Raw
Schema Preview 
{
  "$id": "https://mpaktrust.org/schemas/mtf/v0.1/mtf-extension.json",
  "required": ["mtf_version"],
  "properties": {
    "mtf_version": { "type": "string", "pattern": "^[0-9]+\\.[0-9]+$" },
    "level": { "type": "integer", "minimum": 1, "maximum": 4 },
    "permissions": { "filesystem", "network", "environment", "subprocess", "native" },
    "credentials": [{ "service", "scopes", "justification", "token_lifetime" }],
    "files": [{ "path", "sha256", "size" }],
    "source": { "commit", "signed" },
    "build": { "builder", "reproducible" },
    "signature": { "type", "bundle_path", "signer_identity" },
    "attestation": { "type", "bundle_path" }
  }
}

report.json

https://mpaktrust.org/schemas/mtf/v0.1/report.json

Verification report format from MTF scanners. Includes compliance level, risk score, per-control results, and detailed findings with remediation.

Download View Raw
Schema Preview 
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "https://mpaktrust.org/schemas/mtf/v0.1/report.json",
  "properties": {
    "schemaVersion": { "const": "0.1.0" },
    "bundle": { ... },
    "compliance": {
      "level": 1-4,
      "level_name": "Basic|Standard|Verified|Attested"
    },
    "risk_score": "NONE|LOW|MEDIUM|HIGH|CRITICAL",
    "domains": { ... },
    "findings": [ ... ]
  }
}

MCPB

v0.4

MCP Bundle manifest format for packaging and distributing MCP servers.

manifest.json

https://mpaktrust.org/schemas/mcpb/v0.4/manifest.json

MCPB manifest schema (v0.4). Validates bundle metadata, server configuration, tools, prompts, user config, and compatibility declarations.

Download View Raw
Schema Preview 
{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "required": ["name", "version", "description", "author", "server"],
  "properties": {
    "manifest_version": { "const": "0.4" },
    "name": { "type": "string" },
    "version": { "type": "string" },
    "description": { "type": "string" },
    "author": { "name", "email", "url" },
    "server": { "type", "entry_point", "mcp_config" },
    "tools": [{ "name", "description" }],
    "prompts": [{ "name", "description", "text" }],
    "user_config": { ... },
    "compatibility": { "platforms", "runtimes" }
  }
}

Usage

MTF extends mcpb manifests. Add the extension under _meta.org.mpaktrust:

{
  "manifest_version": "0.4",
  "name": "@myorg/my-mcp-server",
  "version": "1.0.0",
  ...
  "_meta": {
    "org.mpaktrust": {
      "mtf_version": "0.1",
      "level": 2,
      "permissions": { ... }
    }
  }
}

Two-Step Validation

Validation is two-step: first validate the base manifest against the mcpb schema, then validate the MTF extension:

# Step 1: Validate against mcpb schema (ensures bundle can execute)
npx ajv validate -s https://mpaktrust.org/schemas/mcpb/v0.4/manifest.json -d manifest.json

# Step 2: Validate MTF extension (ensures security metadata is correct)
npx ajv validate -s https://mpaktrust.org/schemas/mtf/v0.1/mtf-extension.json -d manifest.json

Note: VEX statements use the OpenVEX specification. MTF does not define a custom VEX schema.