MCP Content Credentials Server
Enables reading and verifying C2PA Content Credentials from images and videos through both embedded manifests and invisible watermarks. Supports direct filesystem access, URL checking, and provides structured provenance data including creator identity, AI generation info, and content authenticity.
README
MCP Content Credentials Server
MCP (Model Context Protocol) server for reading C2PA Content Credentials from images and videos. Detects credentials from both embedded manifests and invisible watermarks.
Features
- š Embedded C2PA Detection - Read manifests from file metadata
- š TrustMark Watermark Detection - Detect credentials in image pixels (survives social media!)
- š URL Support - Check credentials from web URLs
- š Direct Filesystem Access - Claude can browse your directories
- ā” Smart Detection - Checks embedded first, watermark as fallback
- š¤ Automatic Installation - Zero configuration setup
- š Structured Output - Human-readable parsed data
- š”ļø Production Ready - Full error handling and logging
- š REST API - HTTP endpoints for ChatGPT and web integration
Quick Start
# 1. Clone
git clone https://github.com/noga7/mcp-content-credentials.git
cd mcp-content-credentials
# 2. Install (automatic: installs c2patool + TrustMark)
npm install
# 3. Build
npm run build
# 4. Configure Claude Desktop
# Add to ~/Library/Application Support/Claude/claude_desktop_config.json:
{
"mcpServers": {
"content-credentials": {
"command": "node",
"args": ["/absolute/path/to/mcp-content-credentials/build/index.js"]
}
}
}
# 5. Restart Claude Desktop
# Optional: Start REST API for ChatGPT/web access
npm run start:api
# Server runs on http://localhost:3000
REST API (for ChatGPT & Web Apps)
Want to use this with ChatGPT or your own web app? Start the HTTP REST API:
npm run start:api
The server runs on http://localhost:3000. See REST-API.md for full documentation.
For ChatGPT: Use ngrok to expose your local server, or deploy to Render/Railway. See REST-API.md for instructions.
# Quick test
curl "http://localhost:3000/verify-url?url=https://example.com/image.jpg"
Prerequisites
- Node.js v18+
- Python 3.8.5+ (for TrustMark watermarks)
All other dependencies auto-install during npm install:
- ā c2patool (Homebrew on macOS, binary on Linux)
- ā TrustMark Python package (via pip)
Manual Installation (if auto-install fails)
# c2patool
brew install contentauth/tools/c2patool # macOS
# TrustMark
pip3 install trustmark Pillow
# Or retry auto-install
npm run install-deps
Usage
Check a Specific File
"Check content credentials in ~/Desktop/photo.jpg"
"Is this image AI-generated?"
"Who created /Users/you/Downloads/image.png?"
Browse Directories
"What images are in my Desktop?"
"Check my Downloads for Content Credentials"
"Find AI-generated images in my Pictures"
Check URLs
"Check credentials at https://example.com/image.jpg"
How It Works
Detection Flow
1. Check Embedded C2PA Manifest (fast: ~150ms)
ā
Found? ā Return immediately ā
ā
2. Check TrustMark Watermark (slower: ~600ms)
ā
Found? ā Return watermark data ā
ā
3. Neither found ā "No Content Credentials found" ā
Why This Order?
- Performance: 80% of credentialed images have embedded manifests
- Speed: Skip expensive watermark check when not needed
- Completeness: Still catch stripped metadata via watermarks
TrustMark Watermarks
Invisible watermarks embedded in image pixels that:
- ā Survive JPEG compression
- ā Persist through social media uploads (Instagram, Twitter)
- ā Work after print-scan cycles
- ā Remain when metadata is stripped
Supported Formats
Images: JPEG, PNG, WebP, GIF, TIFF, AVIF, HEIC
Video: MP4, MOV
API Response
{
success: boolean;
hasCredentials: boolean;
// Embedded C2PA data
manifestData?: {
whoThisComesFrom?: {
linkedInIdentity?: { name, profileUrl, verified }
otherIdentities?: [{ name, socialAccounts }]
};
aboutThisContent?: {
actions?: [{ action, softwareAgent, when }]
genAIInfo?: { generative, training, model }
};
aboutTheseCredentials?: { claimSigner, timestamp };
validationInfo?: { certificate, trustInfo };
};
// Watermark data (if no embedded found)
trustMarkData?: {
identifier: string; // Watermark payload
schema: string; // BCH_SUPER, BCH_5, etc.
manifestUrl?: string; // URL to full manifest
};
error?: string;
}
Filesystem Access
Claude can browse these directories automatically:
~/Desktop~/Downloads~/Documents~/Pictures
No need to provide exact paths! Just ask:
- "What images are in my Desktop?"
- "Check recent downloads"
Development
npm run build # Compile TypeScript
npm run dev # Development mode
npm run lint # Check code quality
npm run test # Run tests
npm run precommit # Full quality check
Architecture
mcp-content-credentials/
āāā src/
ā āāā index.ts # MCP server + filesystem access
ā āāā c2pa-service.ts # Detection orchestration
ā āāā trustmark-service.ts # Watermark detection (Python)
ā āāā parsers/ # Data formatters
ā āāā types/ # TypeScript definitions
āāā scripts/
ā āāā install-trustmark.cjs # Auto-installer
ā āāā trustmark-decode.py # Python watermark decoder
āāā build/ # Compiled output
Troubleshooting
"Unable to access that file"
- Restart Claude Desktop (most common fix!)
- Use absolute paths:
/Users/you/...not~/... - Verify MCP is connected: Ask "What tools do you have?"
"c2patool: command not found"
brew install contentauth/tools/c2patool # macOS
# or
npm run install-deps
"Python or TrustMark not found"
pip3 install trustmark Pillow
# or
npm run install-deps
No Content Credentials Found
This is normal! The file either:
- Wasn't created with content authentication
- Had credentials removed
- Is a screenshot/copy without provenance
Performance
- Embedded check: ~150ms (fast path, 80% of cases)
- + Watermark check: ~600ms (fallback, 20% of cases)
- First watermark: ~30s (downloads ONNX model, one-time)
Security
- ā Read-only filesystem access
- ā Limited to user directories (Desktop, Downloads, etc.)
- ā Input validation on all paths and URLs
- ā Temporary files auto-deleted
- ā No access to hidden/system files
Contributing
See CONTRIBUTING.md
Resources
License
MIT
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.