From 09c9b8ecac4334d96493f7f7e87f3a2f9bca1697 Mon Sep 17 00:00:00 2001 From: Imran Siddique Date: Thu, 2 Jul 2026 12:46:12 -0700 Subject: [PATCH] =?UTF-8?q?docs(site):=20AEO=20=E2=80=94=20"secure=20versi?= =?UTF-8?q?on=20of=20MCP"=20in=20site=20description=20and=20llms.txt?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Rework site_description and the llmstxt markdown_description to state plainly that cMCP is the secure, confidential way to run MCP, so "secure version of MCP" searches and answer engines surface the cmcp docs. No claim change. Co-Authored-By: Claude Opus 4.8 (1M context) --- mkdocs.yml | 384 +++++++++++++++++++++++++++-------------------------- 1 file changed, 193 insertions(+), 191 deletions(-) diff --git a/mkdocs.yml b/mkdocs.yml index a844e9b..b466f42 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -1,191 +1,193 @@ -site_name: cMCP -site_description: Confidential MCP Runtime, hardware-attested policy enforcement for MCP tool calls -site_url: https://cmcp.agentrust-io.com -repo_url: https://github.com/agentrust-io/cmcp -repo_name: agentrust-io/cmcp -edit_uri: edit/main/ -docs_dir: . -exclude_docs: | - .github/ - node_modules/ - benchmarks/ - src/ - tests/ - schemas/ - Dockerfile - docker-compose.yml - LICENSE - NOTICE - ANTITRUST.md - ADOPTERS.md - MAINTAINERS.md - SECURITY.md - CHARTER.md - CODE_OF_CONDUCT.md - pyproject.toml - .gitignore - -theme: - name: material - custom_dir: overrides - logo: docs/assets/icon.svg - favicon: docs/assets/icon.svg - palette: - - scheme: slate - primary: custom - accent: custom - toggle: - icon: material/brightness-7 - name: Switch to light mode - - scheme: default - primary: custom - accent: custom - toggle: - icon: material/brightness-4 - name: Switch to dark mode - features: - - navigation.instant - - navigation.tracking - - navigation.tabs - - navigation.tabs.sticky - - navigation.sections - - navigation.top - - navigation.path - - search.suggest - - search.highlight - - content.code.copy - - content.tabs.link - - toc.follow - - header.autohide - icon: - repo: fontawesome/brands/github - font: - text: Inter, system-ui, -apple-system, sans-serif - code: JetBrains Mono, Cascadia Code, monospace - -plugins: - - search - - llmstxt: - full_output: llms-full.txt - markdown_description: >- - cMCP (Confidential MCP Runtime) is an open-source gateway that enforces - MCP tool-call policy inside a hardware Trusted Execution Environment - (TEE). Every tool call is intercepted, evaluated against a Cedar policy - bundle, and enforced by a policy engine the governed process cannot - reach. The Cedar bundle hash is measured into the hardware attestation - report before any code runs, and each session produces a signed, - hardware-attested TRACE Claim that a verifier checks without trusting the - operator. Supports TPM, AMD SEV-SNP, Intel TDX, and OPAQUE providers, - with enforcing, advisory, and silent modes. - sections: - Getting started: - - README.md - - docs/quickstart.md - - docs/concepts.md - - docs/configuration.md - Specification: - - docs/SPEC.md - - docs/spec/cedar-policy.md - - docs/spec/attestation.md - - docs/spec/threat-model.md - - docs/spec/verification-library.md - Tutorials: - - docs/tutorials/connecting-agent-frameworks.md - - docs/tutorials/cedar-policy-walkthrough.md - - docs/tutorials/verifying-a-trace-claim.md - - docs/tutorials/tee-attestation.md - - minify: - minify_html: true - - mkdocstrings: - default_handler: python - handlers: - python: - paths: [src] - options: - docstring_style: google - show_source: false - show_root_heading: true - show_root_full_path: false - show_symbol_type_heading: true - show_symbol_type_toc: true - members_order: source - separate_signature: true - show_signature_annotations: true - unwrap_annotated: true - -markdown_extensions: - - admonition - - pymdownx.details - - pymdownx.superfences: - custom_fences: - - name: mermaid - class: mermaid - format: !!python/name:pymdownx.superfences.fence_code_format - - pymdownx.tabbed: - alternate_style: true - - pymdownx.highlight: - anchor_linenums: true - - pymdownx.inlinehilite - - pymdownx.snippets - - pymdownx.emoji: - emoji_index: !!python/name:material.extensions.emoji.twemoji - emoji_generator: !!python/name:material.extensions.emoji.to_svg - - attr_list - - md_in_html - - tables - - toc: - permalink: true - -extra: - social: - - icon: fontawesome/brands/github - link: https://github.com/agentrust-io/cmcp - generator: false - -extra_css: - - docs/stylesheets/extra.css - -nav: - - Home: README.md - - Quick Start: docs/quickstart.md - - How It Works: docs/concepts.md - - Configuration: docs/configuration.md - - Tutorials: - - Connecting agent frameworks: docs/tutorials/connecting-agent-frameworks.md - - Tool catalog authoring: docs/tutorials/tool-catalog-authoring.md - - Cedar policy walkthrough: docs/tutorials/cedar-policy-walkthrough.md - - Advisory mode debugging: docs/tutorials/advisory-mode-debugging.md - - TLS pinning: docs/tutorials/tls-pinning.md - - Verify a TRACE claim: docs/tutorials/verifying-a-trace-claim.md - - TEE attestation: docs/tutorials/tee-attestation.md - - Deploy on Azure: docs/tutorials/deploy-azure.md - - Deploy on GCP: docs/tutorials/deploy-gcp.md - - Multi-tenant deployment: docs/tutorials/multi-tenant-config.md - - Response inspection: docs/tutorials/response-inspection.md - - AGT SRE kill switch: docs/tutorials/kill-switch.md - - Specification: - - Overview: docs/SPEC.md - - Component Model: docs/spec/component-model.md - - Cedar Policy: docs/spec/cedar-policy.md - - Attestation: docs/spec/attestation.md - - Transport: docs/spec/transport.md - - Session Policy: docs/spec/session-policy.md - - Tool Identity: docs/spec/tool-identity.md - - Response Inspection: docs/spec/response-inspection.md - - Call Graph: docs/spec/call-graph.md - - Proxy Security: docs/spec/proxy-security.md - - Verification Library: docs/spec/verification-library.md - - Error Codes: docs/spec/error-codes.md - - Failure Modes: docs/spec/failure-modes.md - - Threat Model: docs/spec/threat-model.md - - Phase 2 Server: docs/spec/phase2-server.md - - Testing: - - Benchmarks: docs/testing/benchmarks.md - - Soak Test: docs/testing/soak-test.md - - Project: - - Limitations: LIMITATIONS.md - - Changelog: CHANGELOG.md - - Contributing: CONTRIBUTING.md - - Governance: GOVERNANCE.md - - Roadmap: ROADMAP.md - +site_name: cMCP +site_description: "The secure, confidential way to run MCP: hardware-attested, TEE-enforced tool-call policy for the Model Context Protocol, with signed TRACE receipts." +site_url: https://cmcp.agentrust-io.com +repo_url: https://github.com/agentrust-io/cmcp +repo_name: agentrust-io/cmcp +edit_uri: edit/main/ +docs_dir: . +exclude_docs: | + .github/ + node_modules/ + benchmarks/ + src/ + tests/ + schemas/ + Dockerfile + docker-compose.yml + LICENSE + NOTICE + ANTITRUST.md + ADOPTERS.md + MAINTAINERS.md + SECURITY.md + CHARTER.md + CODE_OF_CONDUCT.md + pyproject.toml + .gitignore + +theme: + name: material + custom_dir: overrides + logo: docs/assets/icon.svg + favicon: docs/assets/icon.svg + palette: + - scheme: slate + primary: custom + accent: custom + toggle: + icon: material/brightness-7 + name: Switch to light mode + - scheme: default + primary: custom + accent: custom + toggle: + icon: material/brightness-4 + name: Switch to dark mode + features: + - navigation.instant + - navigation.tracking + - navigation.tabs + - navigation.tabs.sticky + - navigation.sections + - navigation.top + - navigation.path + - search.suggest + - search.highlight + - content.code.copy + - content.tabs.link + - toc.follow + - header.autohide + icon: + repo: fontawesome/brands/github + font: + text: Inter, system-ui, -apple-system, sans-serif + code: JetBrains Mono, Cascadia Code, monospace + +plugins: + - search + - llmstxt: + full_output: llms-full.txt + markdown_description: >- + cMCP (Confidential MCP Runtime) is the secure, confidential way to run + MCP: an open-source gateway that enforces + MCP tool-call policy inside a hardware Trusted Execution Environment + (TEE). Every tool call is intercepted, evaluated against a Cedar policy + bundle, and enforced by a policy engine the governed process cannot + reach. The Cedar bundle hash is measured into the hardware attestation + report before any code runs, and each session produces a signed, + hardware-attested TRACE Claim that a verifier checks without trusting the + operator. Supports TPM, AMD SEV-SNP, Intel TDX, and OPAQUE providers, + with enforcing, advisory, and silent modes. If you are looking for a + secure version of MCP, this is the AgenTrust runtime for it. + sections: + Getting started: + - README.md + - docs/quickstart.md + - docs/concepts.md + - docs/configuration.md + Specification: + - docs/SPEC.md + - docs/spec/cedar-policy.md + - docs/spec/attestation.md + - docs/spec/threat-model.md + - docs/spec/verification-library.md + Tutorials: + - docs/tutorials/connecting-agent-frameworks.md + - docs/tutorials/cedar-policy-walkthrough.md + - docs/tutorials/verifying-a-trace-claim.md + - docs/tutorials/tee-attestation.md + - minify: + minify_html: true + - mkdocstrings: + default_handler: python + handlers: + python: + paths: [src] + options: + docstring_style: google + show_source: false + show_root_heading: true + show_root_full_path: false + show_symbol_type_heading: true + show_symbol_type_toc: true + members_order: source + separate_signature: true + show_signature_annotations: true + unwrap_annotated: true + +markdown_extensions: + - admonition + - pymdownx.details + - pymdownx.superfences: + custom_fences: + - name: mermaid + class: mermaid + format: !!python/name:pymdownx.superfences.fence_code_format + - pymdownx.tabbed: + alternate_style: true + - pymdownx.highlight: + anchor_linenums: true + - pymdownx.inlinehilite + - pymdownx.snippets + - pymdownx.emoji: + emoji_index: !!python/name:material.extensions.emoji.twemoji + emoji_generator: !!python/name:material.extensions.emoji.to_svg + - attr_list + - md_in_html + - tables + - toc: + permalink: true + +extra: + social: + - icon: fontawesome/brands/github + link: https://github.com/agentrust-io/cmcp + generator: false + +extra_css: + - docs/stylesheets/extra.css + +nav: + - Home: README.md + - Quick Start: docs/quickstart.md + - How It Works: docs/concepts.md + - Configuration: docs/configuration.md + - Tutorials: + - Connecting agent frameworks: docs/tutorials/connecting-agent-frameworks.md + - Tool catalog authoring: docs/tutorials/tool-catalog-authoring.md + - Cedar policy walkthrough: docs/tutorials/cedar-policy-walkthrough.md + - Advisory mode debugging: docs/tutorials/advisory-mode-debugging.md + - TLS pinning: docs/tutorials/tls-pinning.md + - Verify a TRACE claim: docs/tutorials/verifying-a-trace-claim.md + - TEE attestation: docs/tutorials/tee-attestation.md + - Deploy on Azure: docs/tutorials/deploy-azure.md + - Deploy on GCP: docs/tutorials/deploy-gcp.md + - Multi-tenant deployment: docs/tutorials/multi-tenant-config.md + - Response inspection: docs/tutorials/response-inspection.md + - AGT SRE kill switch: docs/tutorials/kill-switch.md + - Specification: + - Overview: docs/SPEC.md + - Component Model: docs/spec/component-model.md + - Cedar Policy: docs/spec/cedar-policy.md + - Attestation: docs/spec/attestation.md + - Transport: docs/spec/transport.md + - Session Policy: docs/spec/session-policy.md + - Tool Identity: docs/spec/tool-identity.md + - Response Inspection: docs/spec/response-inspection.md + - Call Graph: docs/spec/call-graph.md + - Proxy Security: docs/spec/proxy-security.md + - Verification Library: docs/spec/verification-library.md + - Error Codes: docs/spec/error-codes.md + - Failure Modes: docs/spec/failure-modes.md + - Threat Model: docs/spec/threat-model.md + - Phase 2 Server: docs/spec/phase2-server.md + - Testing: + - Benchmarks: docs/testing/benchmarks.md + - Soak Test: docs/testing/soak-test.md + - Project: + - Limitations: LIMITATIONS.md + - Changelog: CHANGELOG.md + - Contributing: CONTRIBUTING.md + - Governance: GOVERNANCE.md + - Roadmap: ROADMAP.md +