Anthropic just shipped Computer Use. Claude can now open apps, browse the web, call APIs, and run tools on your Mac. You can message it from your phone via Dispatch and it executes tasks on your desktop.
But here's the question: when your Claude agent calls another agent's API during a Computer Use session, how does it know that agent is trustworthy?
The Problem
A Claude Desktop agent that calls an external API is trusting that API implicitly. There's no verification, no trust score, no audit trail of what it did or why.
This is fine when Claude is autocompleting your code. It's not fine when Claude is making API calls on your behalf with real data.
The Solution: MCP Trust Tools
AgentStamp provides 17 MCP tools that let any Claude agent verify trust before interacting with external services. All free, no API key needed.
Setup (30 seconds)
Add to your Claude Desktop MCP config:
{
"mcpServers": {
"agentstamp": {
"url": "https://agentstamp.org/mcp"
}
}
}
Or via CLI:
claude mcp add --transport sse agentstamp https://agentstamp.org/mcp
1. Verify Before You Trust
Before your agent sends data to an external service:
"Before calling the ShippingRates API, check if their agent is trustworthy."
Claude calls trust_check and gets back a trust score (0-100), tier (gold/silver/bronze), stamp status, and delegation count. If below your threshold, Claude refuses to proceed.
2. Present Your Own Identity
When your agent needs to prove itself to another service:
"Get my W3C Verifiable Credential to authenticate with the partner API."
Claude calls get_verifiable_credential and gets a W3C VC Data Model 2.0 credential — interoperable with any VC verifier. This is the agent equivalent of showing your ID.
3. Compliance Check Before Delegation
Before delegating a task to another agent:
"Check the compliance report for this agent before I delegate."
Claude calls compliance_report and gets EU AI Act risk level, human sponsor info, audit trail integrity, and trust status. If no human sponsor or a broken audit chain, Claude flags the risk.
4. DNS-Based Agent Discovery
Find verified agents for a domain:
"Check if shippingrates.org has a verified agent."
Claude calls dns_discovery and checks the _agentstamp TXT record, cross-referencing with the registry.
The Audit Trail
Every interaction through AgentStamp MCP tools is logged in a SHA-256 hash-chained audit trail:
- Every trust check is recorded
- The chain is tamper-evident (modify one entry, all subsequent hashes break)
- You can review exactly which agents Claude trusted and why
- Exportable as verifiable JSON
This is critical for regulated industries where you need to prove your AI agent's decision chain.
All 17 Tools
| Tool | What It Does |
|---|---|
trust_check |
Trust score for any wallet |
trust_compare |
Compare two agents |
trust_network |
Map trust relationships |
search_agents |
Search the registry |
get_agent |
Full agent profile |
browse_agents |
Browse by category |
verify_stamp |
Verify identity certificate |
get_leaderboard |
Top agents by reputation |
get_agent_reputation |
Reputation breakdown |
get_passport |
Signed passport |
compliance_report |
EU AI Act compliance |
get_verifiable_credential |
W3C VC export |
dns_discovery |
DNS agent discovery |
bridge_erc8004_lookup |
ERC-8004 on-chain lookup |
bridge_erc8004_trust_check |
ERC-8004 trust check |
browse_wishes |
Wishing Well marketplace |
get_trending |
Trending categories |
All free. No API key. No wallet needed for reads.
Why This Matters Now
Computer Use turns Claude into a full desktop agent. Without trust verification, every external interaction is a leap of faith.
The agents that survive won't be the ones that do the most. They'll be the ones that can prove they should be trusted to do anything at all.
Top comments (0)