Agent-first e-signature MCP server with **offline PAdES signing** and hash-chained audit. The same 19 tools / 4 prompts / 12 resources are reachable via stdio (`npx @drbaher/sign-cli mcp serve`) for local agents and over HTTP for remote ones. **Architectural claim:** an LLM agent can drive every step of a contract workflow except the actual signing gesture, which stays gated behind a human via per-signer approval tokens (TTL-bounded, scoped to one email, single-use). Pre-sign safety checks (`--require-hash`, `--require-title`, `--require-signer-email`) throw structured errors *before* any state mutation — so an agent that computed a hash earlier can refuse to sign if the document was swapped mid-flight. **Highlights:** - Fully-offline PAdES signer (real PKCS#7, self-issued X.509) - Hash-chained audit log with append-only DB triggers + RFC 3161 timestamping - Read-only mode (`--read-only true`) returns `FORBIDDEN_READ_ONLY` for mutating tools - Multi-provider routing (local / Dropbox Sign / DocuSign / SignWell) - Pre-sign signature visibility (`existingSignatures` on every fetch) - Tool allow-list + capability scoping for sandboxed agents This Smithery deployment runs in **read-only mode** against an ephemeral SQLite that wipes every 4 hours — safe to explore, not for production signing. For local agent use, install via `npm i -g @drbaher/sign-cli`. MIT-licensed. No telemetry. Source: github.com/DrBaher/sign-cli. Showcase: cli.drbaher.com.
How to connect
https://server.smithery.ai/drbaher/sign-cli/mcpcurl -X POST https://server.smithery.ai/drbaher/sign-cli/mcp \
-H 'Content-Type: application/json' \
-H 'Accept: application/json, text/event-stream' \
-d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{}}'