CRAI, Jan 30

Secure Tool Manifest and Digital Signing Solution for Verifiable MCP and LLM Pipelines

arXiv:2601.23132v1 | 1 citation | h-index: 48
Originality: Incremental advance
AI Analysis

This addresses security and verifiability issues for LLM pipelines in healthcare and finance, representing an incremental improvement over existing protocols like MCP.

The paper tackles the vulnerability of LLM execution pipelines in sensitive domains by proposing a Secure Tool Manifest and Digital Signing Framework, which enforces cryptographically signed manifests and achieves near-perfect acceptance of valid executions while rejecting invalid ones with linear scalability (R-squared = 0.998).

Large Language Models (LLMs) are increasingly adopted in sensitive domains such as healthcare and financial institutions' data analytics; however, their execution pipelines remain vulnerable to manipulation and unverifiable behavior. Existing control mechanisms, such as the Model Context Protocol (MCP), define compliance policies for tool invocation but lack verifiable enforcement and transparent validation of model actions. To address this gap, we propose a novel Secure Tool Manifest and Digital Signing Framework, a structured and security-aware extension of Model Context Protocols. The framework enforces cryptographically signed manifests, integrates transparent verification logs, and isolates model-internal execution metadata from user-visible components to ensure verifiable execution integrity. Furthermore, the evaluation demonstrates that the framework scales nearly linearly (R-squared = 0.998), achieves near-perfect acceptance of valid executions while consistently rejecting invalid ones, and maintains balanced model utilization across execution pipelines.
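A minimal sketch of the sign-and-verify step the abstract describes, added here as an illustrative example rather than code from the paper: a tool manifest is accepted only if its canonical bytes carry a valid Ed25519 signature, and every accept/reject decision is appended to a hash-chained verification log. The manifest fields, the Go types and the hash-chained log layout are assumptions of this example, not details taken from the paper.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// Manifest is a hypothetical tool manifest (constructed for this example): the
// fields a verifier pins before a pipeline may invoke the tool.
type Manifest struct {
	Name    string   `json:"name"`
	Version string   `json:"version"`
	Scopes  []string `json:"scopes"`
	Schema  string   `json:"schema_sha256"`
}

// canonical serialises deterministically so signer and verifier hash identical
// bytes (encoding/json writes struct fields in declared order).
func canonical(m Manifest) []byte { b, _ := json.Marshal(m); return b }

// SignManifest produces the Ed25519 signature the manifest publisher ships.
func SignManifest(priv ed25519.PrivateKey, m Manifest) []byte {
	return ed25519.Sign(priv, canonical(m))
}

// LogEntry is one verification-log record; EntryHash chains to the previous
// entry so later edits to the log are detectable (an assumption of this example).
type LogEntry struct {
	ManifestHash, PrevHash, EntryHash string
	Accepted                          bool
}

// VerifyAndLog decides from the signed bytes alone (never from model-supplied
// metadata), appends the outcome, and reports whether the call may proceed.
func VerifyAndLog(pub ed25519.PublicKey, m Manifest, sig []byte, log []LogEntry) ([]LogEntry, bool) {
	data := canonical(m)
	ok := ed25519.Verify(pub, data, sig)
	h := sha256.Sum256(data)
	mh := hex.EncodeToString(h[:])
	prev := ""
	if n := len(log); n > 0 {
		prev = log[n-1].EntryHash
	}
	eh := sha256.Sum256([]byte(prev + mh + fmt.Sprint(ok)))
	return append(log, LogEntry{mh, prev, hex.EncodeToString(eh[:]), ok}), ok
}
```

Re-signing is required whenever a manifest field such as `scopes` changes; a manifest edited after signing fails verification and is recorded as rejected in the chained log.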
