■ Open standard

forge extension block

v0.1 · 2026-05-27 · Draft · Open RFC

A JSON extension block you add to any MCP server manifest, A2A Agent Card, or SKILL.md frontmatter. Ignored by clients that don't read it. Enables Forge to display verified publisher identity, security scan results, and evaluation attestations on your registry listing.

package.json — MCP server (any manifest format)
{
  "name": "my-mcp-server",
  "version": "1.0.0",

  "forge": {
    "version": "0.1",

    "publisher": {
      "verified": true,
      "verification_method": "github-collaborator-api",
      "github_login": "your-handle",
      "verified_at": "2026-05-27T14:00:00Z"
    },

    "security": {
      "scanned": true,
      "vulnerabilities": 0,
      "suspicious_scripts": false,
      "status": "clean"
    }
  }
}

Structure

The forge block is a single top-level key added to your existing manifest. It has four sub-objects, two of which are implemented in v0.1 and two that are planned.

| Key | Status | Description |
| --- | --- | --- |
| forge.version | required | Spec version — must be "0.1" |
| forge.publisher | live | Publisher identity — set on claim |
| forge.security | live | Security scan results — set by Forge |
| forge.evals | planned | Performance attestations |
| forge.compose | planned | Runtime composability hints |

forge.version (required)

The version of this spec the block conforms to. Must be "0.1" for this version.

JSON
"forge": { "version": "0.1" }

forge.publisher (live, v0.1)

Publisher identity, populated automatically by Forge when you claim your listing. You can include it manually — Forge compares it against its verification records.

| Field | Type | Description |
| --- | --- | --- |
| verified | boolean | true if Forge has verified this publisher |
| verification_method | string | "github-owner" · "github-collaborator-api" · "manual" |
| github_login | string | GitHub username of the verified publisher |
| verified_at | datetime | ISO 8601 — when verification occurred |

JSON
"publisher": {
  "verified": true,
  "verification_method": "github-collaborator-api",
  "github_login": "sam-rivera",
  "verified_at": "2026-05-27T14:30:00Z"
}

forge.security (live, v0.1)

Security scan results written by Forge — not self-reported. Forge queries the OSV vulnerability database for known CVEs against the exact published version, and runs static analysis on npm lifecycle scripts for suspicious patterns.

| Field | Type | Description |
| --- | --- | --- |
| scanned | boolean | Whether a scan has run |
| scan_level | string | "base" or "verified" |
| last_scan | datetime | ISO 8601 of last scan |
| scanner_version | string | Forge scanner version |
| vulnerabilities | integer | Total CVEs (all severities) |
| critical / high / moderate / low | integer | CVEs by severity |
| suspicious_scripts | boolean | Flagged lifecycle script patterns |
| status | string | "clean" · "warnings" · "critical" · "failed" |

JSON
"security": {
  "scanned": true,
  "scan_level": "base",
  "last_scan": "2026-05-27T14:30:00Z",
  "scanner_version": "0.1.0",
  "vulnerabilities": 0,
  "critical": 0,
  "high": 0,
  "moderate": 0,
  "low": 0,
  "suspicious_scripts": false,
  "status": "clean"
}

forge.evals (planned, v0.2)

Performance evaluation attestations. Structured, versioned test results. Self-reported scores are displayed with a “self-reported” label; Forge-verified scores require running a standard eval suite.

JSON — example
"evals": {
  "accuracy": 0.94,
  "latency_p50_ms": 8000,
  "eval_suite": "forge/standard-v1",
  "total_runs": 12840,
  "last_evaluated": "2026-05-20T10:00:00Z",
  "attestation": "self-reported"
}

forge.compose (planned, v0.2)

Composability hints that let Forge build a dependency graph and run supply chain security checks across agent pipelines.

JSON — example
"compose": {
  "depends_on": ["ana/web-researcher", "sara/report-writer"],
  "can_be_called_by": ["pipeline/market-intel"]
}

Usage by format

MCP server

Add forge as a top-level key in package.json:

package.json
{
  "name": "my-mcp-server",
  "version": "1.0.0",
  "main": "dist/index.js",
  "forge": {
    "version": "0.1",
    "publisher": { "verified": false }
  }
}

A2A Agent Card

Add forge as an extension key in agent.json:

agent.json
{
  "name": "My Agent",
  "url": "https://example.com/agent",
  "version": "1.0",
  "forge": {
    "version": "0.1",
    "publisher": { "verified": false }
  }
}

Skill (SKILL.md)

Add a forge key in the YAML frontmatter:

SKILL.md
---
name: code-reviewer
version: 1.0.0
forge:
  version: "0.1"
  publisher:
    verified: false
---
# Your skill prompt here

Claiming your listing

You don't need to write the forge.publisher block yourself — Forge writes it automatically when you claim your listing.

  1. Find your package in the registry
  2. Click “Claim this listing” on the package profile
  3. Sign in with GitHub — Forge checks repo access automatically
  4. Submit the claim — most are verified instantly via the GitHub collaborator API

After verification, Forge writes the forge.publisher block and displays your GitHub identity on the listing. Security scanning runs automatically on every claimed package.

Versioning

This spec follows semantic versioning:

| Bump | When |
| --- | --- |
| Patch (0.1.x) | Clarifications, no schema changes |
| Minor (0.x.0) | New optional fields — backwards-compatible |
| Major (x.0.0) | Breaking changes to required fields or removed fields |

The forge.version field in the block records which version of this spec the block conforms to. Clients should treat unrecognised fields as unknown and ignore them.
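A client-side reading of the block that follows the rule above (check the v0.1 fields, ignore anything unrecognised), as an added example that is not Forge's own client or scanner code. `checkForgeBlock` and its messages are hypothetical names, fields are treated as optional when absent, and the two cross-field rules marked in the comments are assumptions of this example rather than spec text.

```javascript
// Added example: consumer-side check of the v0.1 publisher and security fields.
const METHODS = ["github-owner", "github-collaborator-api", "manual"];
const STATUSES = ["clean", "warnings", "critical", "failed"];
const SEVERITIES = ["critical", "high", "moderate", "low"];
const ISO_DATETIME = /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d+)?(Z|[+-]\d{2}:\d{2})$/;

const isObject = (v) => v !== null && typeof v === "object" && !Array.isArray(v);
const isCount = (v) => Number.isInteger(v) && v >= 0;
const isDateTime = (v) =>
  typeof v === "string" && ISO_DATETIME.test(v) && !Number.isNaN(Date.parse(v));

// Returns a list of problems (empty when well-formed); unrecognised keys are ignored.
function checkForgeBlock(manifest) {
  const forge = isObject(manifest) ? manifest.forge : undefined;
  if (!isObject(forge)) return ["no forge block"];
  const problems = [];
  const check = (ok, msg) => { if (!ok) problems.push(msg); };
  const optional = (obj, key, test) =>
    check(obj[key] === undefined || test(obj[key]), `invalid ${key}`);
  const section = (key) => {
    check(forge[key] === undefined || isObject(forge[key]), `invalid ${key}`);
    return isObject(forge[key]) ? forge[key] : {};
  };
  check(forge.version === "0.1", "invalid version");
  const pub = section("publisher");
  optional(pub, "verified", (v) => typeof v === "boolean");
  optional(pub, "verification_method", (v) => METHODS.includes(v));
  optional(pub, "github_login", (v) => typeof v === "string" && v.length > 0);
  optional(pub, "verified_at", isDateTime);
  const sec = section("security");
  optional(sec, "scanned", (v) => typeof v === "boolean");
  optional(sec, "scan_level", (v) => ["base", "verified"].includes(v));
  optional(sec, "last_scan", isDateTime);
  optional(sec, "suspicious_scripts", (v) => typeof v === "boolean");
  optional(sec, "status", (v) => STATUSES.includes(v));
  for (const key of ["vulnerabilities", ...SEVERITIES]) optional(sec, key, isCount);
  // Assumption of this example: the four severity counts add up to the total.
  if (isCount(sec.vulnerabilities) && SEVERITIES.every((k) => isCount(sec[k]))) {
    const sum = SEVERITIES.reduce((n, k) => n + sec[k], 0);
    check(sum === sec.vulnerabilities, "severity counts do not sum to vulnerabilities");
  }
  // Assumption of this example: "clean" contradicts any reported finding.
  const findings = sec.vulnerabilities > 0 || sec.suspicious_scripts === true;
  check(!(sec.status === "clean" && findings), "status clean despite findings");
  return problems;
}
// Constructed sample: "clean" claimed next to one reported vulnerability.
const sample = { forge: { version: "0.1", security: { vulnerabilities: 1, status: "clean" } } };
console.log(checkForgeBlock(sample)); // [ 'status clean despite findings' ]
```

A passing result only says the block is internally consistent; the values themselves are the ones Forge compares against its own records.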

RFC process

This spec evolves through an open RFC process on GitHub.

  1. Open an issue describing the problem you're solving with concrete JSON examples
  2. Discussion period: 7 days for minor changes, 14 days for significant, 30 days for breaking
  3. Open a PR updating SPEC.md and forge.schema.json, referencing the issue
  4. Merge after discussion period with no unresolved objections

JSON Schema

A machine-readable JSON Schema is available for validation:

URL
https://forgeregistry.com/spec/v0.1/forge.schema.json

Use it with any JSON Schema validator. Example with ajv:

JavaScript
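import Ajv from "ajv";
// JSON modules are imported with an import attribute ("with");
// the older "assert" keyword has been dropped from the import syntax.
import schema from "./forge.schema.json" with { type: "json" };
// The manifest to validate; the path here is an example.
import yourManifest from "./package.json" with { type: "json" };

const ajv = new Ajv();
const validate = ajv.compile(schema);
const valid = validate(yourManifest);
// On failure, ajv leaves the details in validate.errors.
if (!valid) console.error(validate.errors);

forge extension block spec v0.1 — Draft. Open RFC on GitHub. Feedback welcome via issues or PRs.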