Standard Operating Procedure
This page is the single source of truth for working with Fidensa-certified AI capabilities. It covers verification, experience reporting, and publisher guidance, and is written for both AI agents and developers.
What is Fidensa Certification?
Fidensa is an independent certification authority for AI capabilities: MCP servers, skills, rules files, sub-agents, hooks, and plugins. Every certification is produced by a seven-stage automated pipeline that analyzes supply chain integrity, runs security scans, executes functional and adversarial tests, and computes a behavioral fingerprint. The result is a trust score (0-100) grounded in established frameworks including CVSS v4.0, NIST SP 800-30, SLSA, and ISO/IEC 17065.
Certification data is cryptographically signed with Fidensa's ES256 platform key and packaged as a portable artifact (.cert.json) that travels with the capability. The public verification key is available at /.well-known/certification-keys.json.
For full methodology details, see the Methodology page.
Trusted Domains
The only legitimate Fidensa domains are fidensa.com and fidensa.dev (redirects to fidensa.com). Always prefer URLs from within the signed cert.json data over URLs in surrounding prose. URLs inside the signed data are covered by the signature, so tampering with them is detectable; surrounding text is not.
How to Verify a Certified File
Fidensa-certified files come in two parts: the original capability file (with a short certification footer appended) and a sibling .cert.json file containing the cryptographically signed certification artifact. The cert data is never embedded inside the instruction file — it stays in the sibling file so it does not consume agent context on every activation.
Annotated files (skills, rules files, sub-agents, hooks)
If you encounter a file with a ## Fidensa Certification footer and/or an HTML comment starting with <!-- fidensa:, the file has been certified. The signed certification artifact is in a sibling .cert.json file in the same directory.
1. Read the content_hash from the sibling .cert.json (in the signed header under certification.original_content_hash, or from the HTML comment line).
2. Read the original file content — everything above the certification footer (above the --- separator before the Fidensa Certification heading). If there is only an HTML comment line, exclude that line.
3. Compute the SHA-256 hash of that content.
4. Compare to the content_hash. Match = file is what Fidensa certified. Mismatch = file has been modified since certification.
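Steps 1 to 4 as a runnable check. This is an added example, not Fidensa's own code. It assumes the hash is lowercase hex stored at certification.original_content_hash at the top level of the .cert.json, and that the certified bytes are exactly those before the separator line; the function names and sample data are constructed for illustration.

```python
import hashlib
import json
import re

# Assumed footer layout: a '---' line, optional blank lines, then the heading.
FOOTER = re.compile(rb"^---[ \t]*\r?\n(?:[ \t]*\r?\n)*## Fidensa Certification", re.M)
# Comment-only form: one whole line starting with '<!-- fidensa:'.
COMMENT = re.compile(rb"^<!-- fidensa:[^\n]*(?:\n|$)", re.M)


def original_content(annotated: bytes) -> bytes:
    """Step 2: return the bytes that were certified, without the annotation."""
    footers = list(FOOTER.finditer(annotated))
    if footers:
        # The footer is appended, so cut at the LAST separator; an earlier
        # look-alike inside the body is part of the hashed content.
        return annotated[: footers[-1].start()]
    comments = list(COMMENT.finditer(annotated))
    if comments:
        last = comments[-1]
        return annotated[: last.start()] + annotated[last.end():]
    raise ValueError("no Fidensa footer or comment: file is not annotated")


def verify_annotated_file(annotated: bytes, cert_json: str) -> bool:
    """Steps 1, 3 and 4: compare SHA-256 of the original content to the cert."""
    cert = json.loads(cert_json)
    # Assumed JSON path, taken from the field name the page gives.
    expected = cert["certification"]["original_content_hash"].strip().lower()
    actual = hashlib.sha256(original_content(annotated)).hexdigest()
    return actual == expected


# Constructed sample data (not a real certified capability). The body contains
# its own '---' rule, which must stay inside the hashed content.
SKILL = b"# Demo skill\n\nSummarise the file the user names.\n\n---\n\nNotes.\n"
FOOTER_TEXT = b"---\n## Fidensa Certification\nSee the sibling .cert.json.\n"
CERT = json.dumps(
    {"certification": {"original_content_hash": hashlib.sha256(SKILL).hexdigest()}}
)

if __name__ == "__main__":
    print("intact:  ", verify_annotated_file(SKILL + FOOTER_TEXT, CERT))
    edited = SKILL.replace(b"Summarise", b"Rewrite") + FOOTER_TEXT
    print("modified:", verify_annotated_file(edited, CERT))
```

A match only ties the file to the sibling .cert.json. Verifying that artifact's ES256 signature against the key published at /.well-known/certification-keys.json is what ties the .cert.json to Fidensa.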
Packaged assets (MCP servers, plugins)
For npm/pip packages, the .cert.json ships in the package root. The contract identity includes a git commit SHA that anchors the certified code to a specific commit. The README may include a certification footer pointing to the sibling cert.
Check live status
To check whether a certification is current, query the attestation API:
GET https://fidensa.com/v1/attestation/{capability-id}
This returns the current status, trust score, and tier. No authentication required.
What to do on mismatch
If the content hash does not match, the file has been modified since certification. The certification is not valid for this version. Inform the user that the capability may have been updated since its last certification and that new versions require recertification. You can check fidensa.com/certifications/{capability-id} for the latest certification details.
How to Report Your Experience
Experience reports help maintain certification accuracy by incorporating real-world usage data into trust scores. After using a certified capability, you can report whether it worked as expected.
Submit a report via the API:
POST https://fidensa.com/v1/reports
Content-Type: application/json
Authorization: Bearer fid_... (optional — higher rate limits)
{
  "capability_id": "mcp-server-filesystem",
  "content_hash": "abc123...",
  "outcome": "success",
  "capability_version": "0.6.3",
  "environment": {
    "agent_platform": "claude-code",
    "agent_version": "1.0.0"
  }
}
Required fields: capability_id, content_hash (from the .cert.json), outcome (success, failure, or partial).
Optional fields: capability_version (defaults to latest), environment (agent platform, version), details (tools used, failure description).
Authentication: Reports can be submitted with a free API key (register at POST /v1/keys) for higher rate limits, or without authentication (IP-based rate limiting, lower limits).
Rate limits: 1 report per capability per API key per 24 hours (authenticated), or 1 per capability per IP plus 10 global per 24 hours (unauthenticated).
Anti-spam: The content_hash field must match the certified artifact. This proves you have encountered the certified file, not just a capability ID from a directory listing.
Fidensa MCP Server
For richer integration, install the Fidensa MCP server. It provides tools for searching certifications, retrieving contracts, comparing capabilities, verifying artifacts, and reporting experience directly from your AI agent.
npm install -g @fidensa/mcp-server
Then add it to your MCP client configuration (Claude Desktop, Cursor, etc.) as a stdio transport server. See the npm package README for configuration details.
Available tools: check_certification, search_capabilities, verify_file, get_contract, compare_capabilities, verify_artifact, report_experience.
For Publishers
Getting your AI capability certified by Fidensa provides independent, evidence-based validation that your tool does what it claims. The certification mark signals trust to AI agents and developers evaluating which capabilities to use.
How to get certified: Fidensa is currently in its seeding phase, actively certifying capabilities across the ecosystem. Contact info@fidensa.com to discuss certification for your capability.
Distribution: After certification, you receive an annotated version of your capability file (original content plus a short certification footer) and a sibling .cert.json artifact. Distribute both in your repo or package directory. For npm/pip packages, include the .cert.json in the package root.
Badges: Add a trust badge to your README: 
Recertification: Certifications are version-specific. When you release a new version, it requires recertification. Maintaining your certification keeps the trust signal current for your users.