Skip to content
You are offline. Some features may be unavailable.
About CraftedTrust

AI governance evidence with MCP Trust as one product line.

CraftedTrust is the platform frame. MCP Trust is the public registry, scanning, certification, and buyer-proof line for MCP. Runtime Gateway and Touchstone extend the same evidence model into runtime controls and policy research.

AI Governance MCP Trust Research

What CraftedTrust is

CraftedTrust is an AI governance evidence platform. It helps teams inventory AI systems, evaluate external vendors, publish buyer-readable proof, and add stronger runtime evidence where a lighter pre-approval review is not enough.

MCP Trust stays intentionally narrow inside that platform: public registry coverage, scanning, certification, and buyer proof for MCP servers and publishers. Runtime Gateway is the optional runtime layer. Touchstone supplies research, advisories, and control mappings.

How the platform breaks down

Each surface does a different job, but they share one evidence model.

Platform

AI Governance

The operating frame for inventory, vendor diligence, trust publishing, and review-ready evidence.

Public trust line

MCP Trust

Public registry, scans, certification, buyer proof, and ecosystem reporting for MCP servers and publishers.

Runtime layer

Runtime Gateway

Optional runtime telemetry, policy checks, and live evidence for teams that need more than static review.

Research

Touchstone

Policy research, advisories, and control mappings that explain why evidence matters and how to use it well.

Why it is structured this way

Most AI governance work fails when inventory, evaluation, and proof live in separate silos. CraftedTrust keeps those pieces connected. A team can start with inventory and vendor review, use MCP Trust for public MCP evidence, and then add runtime signals only when the risk profile justifies it.

That is also why MCP remains visible. It is a real product line with real public artifacts, not a placeholder buried inside broader governance language.

Independence

Evidence does not get bought

  • Paid review pays for review work, not a passing result.
  • Certification is earned. It is not guaranteed.
  • Research and public findings can still be published when warranted.
Operating limits

The platform supports judgment

  • Scores and evidence are point-in-time signals tied to available coverage.
  • Runtime telemetry is optional because not every deployment needs it.
  • Buyers still decide what is acceptable in their own environment.

Who builds this

CraftedTrust is built by Jeremy Kenitz, founder and operator of CraftedTrust and Cyber Craft Solutions LLC. The work combines hands-on cybersecurity engineering, application and AI security, disclosure work, and operator-friendly system design.

Contact: [email protected]

AI Governance MCP Trust Platform docs