How do I install Agentlair?

Agentlair supports both local and remote installation. For local use, install it via npm (npx) and add the configuration to your AI app. For remote access, add the server URL to your MCP configuration.

What credentials does Agentlair need?

Agentlair requires the following credentials or environment variables: AGENTLAIR_API_KEY. You can find setup instructions on the server detail page.

What AI apps work with Agentlair?

Agentlair uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Agentlair MCP Server

by Piiiico

Developer ToolsLow Risk10.0MCP RegistryLocalRemote

Free

Server data from the Official MCP Registry

AI agent email, vault, and calendar. Tamper-evident audit trail for EU AI Act compliance.

About

AI agent email, vault, and calendar. Tamper-evident audit trail for EU AI Act compliance.

Remote endpoints: streamable-http: https://agentlair-mcp-server.amdal-dev.workers.dev/mcp

Security Report

10.0

Low Risk10.0Low Risk

Valid MCP server (2 strong, 4 medium validity signals). No known CVEs in dependencies. ⚠️ Package registry links to a different repository than scanned source. Imported from the Official MCP Registry. Trust signals: trusted author (3/3 approved). 1 finding(s) downgraded by scanner intelligence.

15 files analyzed · 1 issue found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

HTTP Network Access

Connects to external APIs or services over the internet.

env_vars

Check that this permission is expected for this type of plugin.

network_websocket

Check that this permission is expected for this type of plugin.

What You'll Need

Set these up before or after installing:

AgentLair API key. Get one free at https://agentlair.devRequired

Environment variable: AGENTLAIR_API_KEY

How to Install & Connect

Available as Local & Remote

This plugin can run on your machine or connect to a hosted endpoint. during install.

Documentation

View on GitHub

From the project's GitHub README.

AgentLair

Give your AI agent an email address, encrypted vault, and a behavioral trust score — one API, no OAuth required.

Capability	Description
Email	Send and receive at `@agentlair.dev`. No OAuth, no human approval required.
Vault	Encrypted credential storage. Client-side AES-GCM — the server stores ciphertext only.
Audit Trail	Every action logged with Ed25519 signatures. Tamper-evident, independently verifiable. Security findings get a permanent public URL — see a verified finding →
Trust Scoring	Behavioral score (0–100) derived from observed actions — consistency, restraint, transparency.
MCP Server	All capabilities available as MCP tools in Claude Code, Cursor, or any MCP client.
Pods	Namespace isolation for multi-agent or multi-tenant deployments.

Try it in 30 seconds

No signup. See what a live trust score response looks like:

# Healthy agent — high trust (score 84, principal level)
curl https://agentlair.dev/v1/demo

{
  "agentId": "acc_demo_healthy_XXXXXXXXXX",
  "score": 84,
  "confidence": 0.91,
  "atfLevel": "principal",
  "trend": "stable",
  "dimensions": {
    "consistency":   { "score": 0.82 },
    "restraint":     { "score": 0.87 },
    "transparency":  { "score": 0.80 }
  },
  "observationCount": 1847
}

# Suspicious agent — score 31, declining trend
curl 'https://agentlair.dev/v1/demo?scenario=suspicious'

# New agent — only 11 observations, wide confidence interval
curl 'https://agentlair.dev/v1/demo?scenario=new'

Rate limited to 10 requests/minute per IP. Response shape matches the live /v1/trust/:agentId endpoint.

Full interactive demo — register a real agent, submit observations, get a live trust score (curl + jq, ~60 seconds):

curl -sL https://raw.githubusercontent.com/piiiico/agentlair/main/examples/quickstart.sh | bash

Register an agent

curl -X POST https://agentlair.dev/v1/auth/agent-register \
  -H "Content-Type: application/json" \
  -d '{"name": "my-research-agent"}'

{
  "api_key": "al_live_...",
  "account_id": "acc_...",
  "email_address": "my-research-agent@agentlair.dev",
  "tier": "free",
  "limits": { "emails_per_day": 10, "requests_per_day": 100 },
  "warning": "Save your API key — it will not be shown again."
}

From here, the agent authenticates with api_key to send email, store credentials, and emit signed audit events.

Quickstart: Add AgentLair to your agent

1. Install

pip install agentlair            # Python
npm install @agentlair/sdk       # TypeScript / Node

2. Set env vars

export AGENTLAIR_API_KEY=al_live_...
export AGENTLAIR_EMAIL=my-agent@agentlair.dev

3. Wire lifecycle hooks

# Python — three integration points
import os, agentlair
lair = agentlair.AgentLair(os.environ["AGENTLAIR_API_KEY"])
addr = os.environ["AGENTLAIR_EMAIL"]

async def on_session_start(ctx):
    result = await lair.email.inbox(addr)
    if result["messages"]:
        ctx.prepend(f"Inbox: {len(result['messages'])} unread")

async def send_message(to, subject, text):  # expose as LLM tool
    await lair.email.send(from_address=addr, to=to, subject=subject, text=text)

async def on_session_end(ctx):  # advance cursor so messages aren't re-delivered
    if ctx.last_message_id:
        await lair.vault.store("inbox_cursor", ctx.last_message_id)

// TypeScript
import { AgentLair } from '@agentlair/sdk';
const lair = new AgentLair(process.env.AGENTLAIR_API_KEY!);
const addr = process.env.AGENTLAIR_EMAIL!;

// Session start — drain inbox before planning
const { messages } = await lair.email.inbox(addr);
if (messages.length) context.prepend(`Inbox: ${messages.length} pending`);

// Expose as tool — let the LLM send replies
const sendMessage = (to: string, subject: string, text: string) =>
  lair.email.send({ from: addr, to, subject, text });

Messages accumulate while offline and drain at next session start. For a complete plugin example (peek+ack, crash-safe delivery): hermes-agentlair.

MCP server

npx @agentlair/mcp@latest

Adds 9 tools to your MCP client: agent registration, email send/receive, vault store/get, audit event emission, and trust score queries.

Agent memory needs a trust layer

Agent memory is real infrastructure. 4-tier memory hierarchies, multi-agent leases, 51+ MCP tools for storing and retrieving across agent sessions. When multiple agents share a memory pool, the category works.

The gap: any agent can write anything to shared memory. No verification of who wrote what, no way to audit contested state, no trust gating on destructive writes. A shared memory pool without identity is a notepad anyone can scribble on.

Every write should be attributable. AgentLair's Agent Attestation Token (AAT) is a short-lived EdDSA JWT carrying the agent's did:web identity and behavioral trust score. Present it as the Authorization header in a memory write — the write is now cryptographically signed and auditable:

import { AgentLair } from '@agentlair/sdk';

const lair = new AgentLair(process.env.AGENTLAIR_API_KEY!);

// Issue a short-lived AAT (5 min) scoped to the memory server
const { token } = await lair.tokens.issue({
  audience: 'memory.internal',
  ttl: 300,
  scopes: ['memory:write'],
});

// Write to shared memory — this write is now attributed and trust-gated
await fetch('https://memory.internal/mcp/memory/write', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${token}`,  // signed agent identity
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    key: 'research/competitor-analysis',
    value: { /* ... */ },
  }),
});

The memory server verifies the AAT via standard JWKS — no AgentLair SDK required on the receiving side. The al_trust claim lets it gate writes by behavioral trust level (e.g., reject writes from agents below junior).

Without AATs: shared memory = shared notepad. Any agent writes anything, contested state has no provenance.
With AATs: shared memory = trust graph. Every write is signed, attributed, and auditable.

SDK

npm install @agentlair/sdk

TypeScript client for the AgentLair API. See agentlair.dev/getting-started.

Free tier

10 emails/day
100 API requests/day
10 email addresses

Pro: $5/stack/month for higher limits.

Architecture

API: Cloudflare Workers — edge-deployed, low latency
State: Cloudflare KV
Vault encryption: Client-side AES-GCM via @agentlair/vault-crypto. The server stores ciphertext only — no plaintext credentials at rest.
Audit trail: Ed25519-signed event chains. Each event is independently verifiable without trusting the server.

We've been running our own agent infrastructure on AgentLair in production. Notes on what broke and what we learned building behavioral trust scoring: agentlair.dev/blog/from-0-to-41-building-behavioral-trust-in-production

Documentation

agentlair.dev/getting-started

AAT × APS boundary (cross-protocol reference)

AgentLair AAT is session identity inside the issuer. AEOESS APS is delegation chains and bilateral receipts after handoff. Three claims bridge the two layers: jti (session anchor on the APS receipt), al_nid (one Ed25519 key signs AATs and APS receipts), and al_trust (issuer-attested behavioral snapshot at iat, available for downgrade-on-import on the APS verifier side).

Jointly maintained reference:

agentlair.dev/docs/aps-boundary (this side)
agent-passport.org/aat-aps-boundary.html (AEOESS side, canonical)

Repository structure

packages/
  worker/          — Core API worker (Cloudflare Workers)
  sdk/             — @agentlair/sdk client library
  mcp-server/      — @agentlair/mcp MCP server
  vault-crypto/    — @agentlair/vault-crypto end-to-end encryption
  verify/          — @agentlair/verify AAT token verification
  email-worker/    — Email processing worker

apps/
  dashboard/       — Agent dashboard UI
  email-channel/   — Email MCP channel

Development

bun install        # install all dependencies
bun run typecheck  # type-check all packages

License

MIT

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Fetch

Free

by Modelcontextprotocol · Developer Tools

Web content fetching and conversion for efficient LLM usage

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

Agentlair MCP Server

About

Security Report

Findings (1)

Permissions Required

What You'll Need

How to Install & Connect

Documentation

AgentLair

Try it in 30 seconds

Register an agent

Quickstart: Add AgentLair to your agent

MCP server

Agent memory needs a trust layer

SDK

Free tier

Architecture

Documentation

AAT × APS boundary (cross-protocol reference)

Repository structure

Development

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Fetch

Toleno

mcp-creator-python

MarkItDown

FinAgent

mcp-creator-typescript