Model Context Protocol (MCP) Server for QWED Verification
QWED-MCP brings deterministic verification to Claude Desktop, VS Code, and any MCP-compatible AI assistant. Instead of trusting LLMs to compute correctly, QWED-MCP provides a sandboxed Python execution environment with access to all QWED SDK verification libraries.
Use QWED-MCP when you need MCP security, tool call verification, skill supply chain protection, and deterministic enforcement around Model Context Protocol actions.
Why QWED-MCP?
The problem
LLMs are powerful but unreliable for:
- Mathematical calculations - They approximate, don’t compute
- Logical reasoning - They guess patterns, don’t prove
- Code security - They miss edge cases, don’t analyze
- SQL queries - They don’t validate, just generate
The solution
QWED-MCP gives AI assistants access to deterministic verification through a single execute_python_code tool. The LLM writes a Python script that imports the appropriate QWED SDK, and the MCP server runs it in a sandboxed subprocess.
| Without QWED-MCP | With QWED-MCP |
|---|
| Claude calculates → 95% correct | Executes Python script calling qwed_new math engine → 100% correct |
| Claude writes SQL → might inject | Script uses qwed_new SQL analyzer → injection detected |
| Claude reasons → might be wrong | Z3 solver executed via SDK → formally proven |
| Claude codes → might be unsafe | AST check script executed → security checked |
How it works
┌─────────────────────────────────────────────────────────────┐
│ Your AI Application │
│ ┌─────────────────┐ ┌─────────────────────────────┐ │
│ │ Claude Desktop │ │ VS Code + Copilot │ │
│ │ or any MCP │ │ or any MCP Client │ │
│ │ compatible │ │ │ │
│ └────────┬────────┘ └──────────────┬──────────────┘ │
└───────────┼─────────────────────────────────┼───────────────┘
│ │
│ MCP Protocol │
│ (JSON-RPC over stdio) │
▼ ▼
┌──────────────────────────────────────────────────────────────┐
│ QWED-MCP Server (v0.2.0) │
├──────────────────────────────────────────────────────────────┤
│ │
│ ┌────────────────────────────────────────────────────────┐ │
│ │ execute_python_code │ │
│ │ ├─► Synchronous Execution (30s timeout) │ │
│ │ └─► Background Execution (background=true) │ │
│ │ └─► Async Job Queue (up to 5 concurrent) │ │
│ │ └─► Native QWED library execution │ │
│ │ ├── qwed_new (math, logic, code, SQL) │ │
│ │ ├── qwed_legal (deadlines, citations,..) │ │
│ │ ├── qwed_finance (banking, ISO 20022) │ │
│ │ └── qwed_ucp (commerce verification) │ │
│ ├────────────────────────────────────────────────────────┤ │
│ │ verification_status │ │
│ │ └─► Poll background job results by job_id │ │
│ └────────────────────────────────────────────────────────┘ │
│ │
└──────────────────────────────────────────────────────────────┘
| Tool | Description | Use case |
|---|
execute_python_code | Subprocess execution | The primary entry point for all QWED capabilities. Executes dynamically generated Python code with access to all QWED SDK libraries. Supports optional background=true for async execution. |
verification_status | Job status polling | Check the status and results of background verification jobs dispatched via execute_python_code with background=true. |
In v0.1.x, QWED-MCP exposed individual tools like verify_math, verify_logic, verify_code, and verify_sql. These were consolidated into execute_python_code in v0.2.0 to solve context bloat (RFC-9728 compatibility). See migration guide.
Installation
From PyPI (recommended)
From source
git clone https://github.com/QWED-AI/qwed-mcp.git
cd qwed-mcp
pip install -e .
Verify installation
qwed-mcp --version
# qwed-mcp 0.2.0
Quick start
Claude Desktop setup
- Find your config file:
- Windows:
%APPDATA%\Claude\claude_desktop_config.json
- macOS:
~/Library/Application Support/Claude/claude_desktop_config.json
- Linux:
~/.config/Claude/claude_desktop_config.json
- Add QWED-MCP server:
{
"mcpServers": {
"qwed-verification": {
"command": "qwed-mcp",
"env": {
"QWED_MCP_TRUSTED_CODE_EXECUTION": "true"
}
}
}
}
- Restart Claude Desktop
- Test it! Ask Claude:
“Write a Python script that verifies a $10,000 investment at 7.5% for 5 years using the compound interest formula, and run it using execute_python_code.”
VS Code setup
- Install MCP extension (if not already)
- Add to settings.json:
{
"mcp.servers": {
"qwed-verification": {
"command": "qwed-mcp",
"env": {
"QWED_MCP_TRUSTED_CODE_EXECUTION": "true"
}
}
}
}
- Restart VS Code
Python client
You can also use QWED-MCP programmatically:
import asyncio
from mcp import ClientSession, StdioServerParameters
from mcp.client.stdio import stdio_client
async def main():
server_params = StdioServerParameters(
command="qwed-mcp",
env={"QWED_MCP_TRUSTED_CODE_EXECUTION": "true"}
)
async with stdio_client(server_params) as (read, write):
async with ClientSession(read, write) as session:
await session.initialize()
# List available tools
tools = await session.list_tools()
print(f"Available tools: {[t.name for t in tools.tools]}")
# Output: Available tools: ['execute_python_code', 'verification_status']
# Run a verification script
result = await session.call_tool(
"execute_python_code",
arguments={
"code": (
"from sympy import symbols, diff\n"
"x = symbols('x')\n"
"print(f'd/dx(x^3) = {diff(x**3, x)}')"
)
}
)
print(result)
asyncio.run(main())
Configuration
Environment variables
| Variable | Description | Default |
|---|
QWED_MCP_TRUSTED_CODE_EXECUTION | Enable execute_python_code tool (true/false) | false |
QWED_LOG_LEVEL | Logging level (DEBUG, INFO, WARNING, ERROR) | INFO |
QWED_TIMEOUT | Tool execution timeout in seconds | 30 |
QWED_SKILL_MANIFEST | Path to a skill manifest JSON file. When set, the server validates the manifest at startup using SkillProvenanceGuard and refuses to start if verification fails | Not set |
QWED_MCP_TRUSTED_CODE_EXECUTION must be set to true to enable code execution. The executed code runs with server privileges — ensure inputs are from trusted sources.
Example with environment variables
Windows (PowerShell):
$env:QWED_MCP_TRUSTED_CODE_EXECUTION = "true"
$env:QWED_LOG_LEVEL = "DEBUG"
qwed-mcp
QWED_MCP_TRUSTED_CODE_EXECUTION=true QWED_LOG_LEVEL=DEBUG qwed-mcp
Use cases
1. Financial calculations
Verify that AI-generated financial calculations are correct:
User: Calculate compound interest for $10,000 at 5% for 3 years
Claude: Let me verify this calculation.
[Calls execute_python_code with a script using Decimal math]
STDOUT: Future value = $11576.25
✅ Verified using deterministic decimal arithmetic.
2. Research validation
Ensure scientific claims are logically valid:
User: If all mammals are warm-blooded, and dolphins are mammals,
are dolphins warm-blooded?
Claude: [Calls execute_python_code with a Z3 solver script]
STDOUT: The conclusion logically follows from the premises.
✅ Verified via Z3 SMT solver.
3. Secure coding
Check AI-generated code for security issues:
User: Write a function to execute user commands
Claude: def run_command(cmd):
os.system(cmd)
[Calls execute_python_code with a CodeGuard script]
STDOUT: Verified: False
- Dangerous pattern: os.system
⚠️ Security issue detected. Here's a safer alternative...
4. SQL security
Prevent SQL injection in generated queries:
User: Generate a query to find user "admin' OR '1'='1"
Claude: [Calls execute_python_code with a SQLGuard script]
STDOUT: Verified: False
- SQL injection pattern detected
❌ Injection detected. Use parameterized queries instead.
Links
