mcp.sigil.tunnelmind.ai
What it offers — 12 tools · Developer Tools
cross_lens_verifyA2 — the cross-lens join. Fuse TunnelMind's two lenses (Scry attacker intelligence + Sigil supply graph) into ONE verdict on a single node key. This i
sigil_verify_supply_pathThe core pre-bid check. Verify the trustworthiness of one programmatic ad supply path and get back a composite trust verdict plus a signed proof token
sigil_verify_ads_txtCheck whether an exchange/SSP is authorized to sell a publisher's inventory, per the publisher's ads.txt file. Fast cached lookup against Sigil's dail
sigil_verify_ip_typeClassify an IPv4 address as datacenter, residential, mobile, or unknown. Detects datacenter traffic posing as real user devices. Stateless — the IP is
sigil_verify_app_bundleVerify that a mobile/CTV app bundle ID actually exists in its app store and, optionally, that the listed developer matches. Detects bundle-ID spoofing
sigil_verify_supply_chainVerify a full OpenRTB SupplyChain (schain) object — every node, end to end. Per node Sigil checks the seller against the exchange sellers.json and the
traverse_supply_chainWalk the supply graph for a publisher domain and get back the ITEMIZED sell paths — distinct from sigil_verify_supply_chain (which verifies a schain y
sigil_score_entityGet the pre-computed trust score for one supply-chain entity (a publisher or an SSP). Scores are recomputed daily from ads.txt health, supply-chain di
sigil_score_batchPre-computed trust scores for up to 200 entities in one call — built for an agent evaluating many supply sources during campaign setup. Use this tool
sigil_atap_register_aitRegister an ATAP v0.1 Agent Identity Token for a media-buying agent. Sigil validates the capabilities + constraints against the `sigil:media_buyer:v1`
sigil_atap_witnessWitness one agent-reported bid or budget event into an AIT's hash-chained attestation log. Sigil validates the payload (rejecting any PII), classifies
sigil_generate_receiptGenerate the ATAP v0.1 compliance Receipt for an AIT — the portable, signed artifact a media buyer hands its principal. The receipt grades every event
- ✓ initialize → protocolVersion 2025-03-26
- ✓ initialize HTTP 200
- ✓ unknown method → -32601
- ✓ tools/list → 12 tools
- ✓ every tool has name + inputSchema
- 12 tools scanned
- no injection markup
- no secret-path refs
- single-probe latency 2364ms (PRELIMINARY — continuous uptime/p95 from proxy telemetry lands in v2)
- 100% of tools have typed inputSchema
- 0/12 declare outputSchema
- no unannotated destructive tools
- HTTPS ✓
- advertises protocol 2025-03-26
Observed behavior
No proxied traffic observed for this host yet. Connect it at /connect and its grade gains a measured Reliability score + per-tool behavioral evidence — the half a static scan can't produce.
Findings
We re-grade mcp.sigil.tunnelmind.ai on a schedule and alert your Slack/webhook the moment its tools change or its grade drops — rug-pull insurance for the connection.
Share this report card
A 1200×630 card with the grade + audit — drop it in a post, Slack, or your repo.
Embed this grade
A live badge — it re-verifies itself and shows current stability. Static scorecards can't. Paste it in your README or site to show users you're independently audited.
[](https://wmcp.sh/mcp/grade/mcp.sigil.tunnelmind.ai)
<a href="https://wmcp.sh/mcp/grade/mcp.sigil.tunnelmind.ai"><img src="https://wmcp.sh/mcp/grade/mcp.sigil.tunnelmind.ai/badge.svg" alt="MCP Trust Grade B+ · wmcp.sh"></a>
Agents: check this before connecting
Add the wmcp.sh trust oracle as an MCP server and call grade_mcp_server / check_mcp_drift in your agent's pre-connection gate:
https://wmcp.sh/mcp/trust
readOnly vs observed behavior) layer on via the wmcp.sh proxy.