CLI reference
The manifest command is installed with the cli extra.
Commands
manifest create
Create and sign a new agent manifest.
manifest create [OPTIONS]
Options:
  --agent-id TEXT        SPIFFE URI identifying this agent role [required]
  --issuer TEXT          SPIFFE URI of the signing authority [required]
  --model TEXT           Model identifier (e.g. gpt-4o-2024-08-06)
  --prompt-file PATH     Path to the system prompt file (hashed, not stored)
  --ttl-hours INTEGER    Manifest validity window in hours [default: 8]
  --crypto-profile TEXT  standard | post-quantum | hybrid [default: standard]
  --out PATH             Output path for the signed manifest JSON
  --help                 Show this message and exit.
manifest sign
Sign an existing manifest JSON with a key loaded from a file or environment variable.
manifest sign [OPTIONS] MANIFEST_FILE
Options:
  --key-file PATH  Path to Ed25519 private key (base64url, no padding)
  --key-env TEXT   Environment variable holding the private key
  --out PATH       Output path (defaults to overwriting MANIFEST_FILE)
  --help           Show this message and exit.
manifest verify
Verify a manifest against its signature and optional runtime context.
manifest verify [OPTIONS] MANIFEST_FILE
Options:
  --revocation-url TEXT  CRL endpoint to check for revocation
  --public-key PATH      Path to a trusted raw Ed25519 public key hex file
  --enforce-hitl         Fail if no valid HITL approval is present
  --enforce-attestation  Fail if no attestation report is present
  --min-slsa-level INT   Minimum SLSA level required [default: 0]
  --help                 Show this message and exit.
For local signature verification, pass the public key generated by manifest keygen. Without a trusted public key, signed manifests fail closed as UNVERIFIABLE.
manifest revoke
Append a signed revocation record to a local CRL file.
manifest revoke [OPTIONS] MANIFEST_ID
Options:
  --crl-file PATH    Path to the JSON-Lines CRL file [required]
  --reason TEXT      Revocation reason [required]
  --revoked-by TEXT  SPIFFE URI or email of the revoking authority [required]
  --key-file PATH    Path to the signing key [required]
  --help             Show this message and exit.
manifest keygen
Generate a new Ed25519 key pair and write the private key to a file.
manifest keygen [OPTIONS]
Options:
  --out PATH   Output path for the private key (base64url, no padding)
  --print-pub  Print the public key to stdout after generation
  --help       Show this message and exit.
manifest attest
Run the auto-provider and print the attestation report as JSON.
manifest attest [OPTIONS]
Options:
  --provider TEXT       tpm | sev-snp | tdx | opaque | auto [default: auto]
  --manifest-file PATH  Manifest to extend into the attestation register
  --help                Show this message and exit.
Source
cli
Agent Manifest CLI — issue #15.
Commands
  manifest create  Build a draft manifest from a config file
  manifest sign    Sign a draft manifest with Ed25519 (or hybrid)
  manifest attest  Extend manifest hash into hardware + append attestation block
  manifest verify  Call the verification endpoint and print the result
  manifest revoke  Publish a revocation record
All commands write JSON to stdout and accept --output/-o to write to a file.
create
Create a draft manifest from a JSON config file.
CONFIG must be a JSON file with at minimum: agent_id, issuer, issued_at, expires_at, and an artifacts block.
Example
manifest create config.json -o draft.json
sign
Sign a draft manifest with Ed25519.
KEY must be a file containing the 64-hex-character (32-byte) Ed25519 private key seed.
Example
manifest sign draft.json --key private.hex -o signed.json
keygen
Generate a new Ed25519 key pair for manifest signing.
Writes
  private.hex — 64-hex private key seed (keep secret, mode 0600)
  public.hex — 64-hex public key bytes
Example
manifest keygen -d ./keys/
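This page describes private key files in two encodings (base64url without padding under --key-file, and a 64-hex seed in private.hex) and asks for mode 0600. The following pre-flight check is an added example, not part of the project's code: it accepts either encoding of a 32-byte Ed25519 seed and flags loose file permissions before the file is handed to manifest sign. The function names and the sample files are constructed for illustration.

```python
import base64
import os
import re
import stat
import tempfile

def decode_seed(text: str) -> tuple[str, bytes]:
    """Return (encoding, seed) for a 64-hex or unpadded base64url 32-byte seed."""
    s = text.strip()
    if re.fullmatch(r"[0-9a-fA-F]{64}", s):
        return "hex", bytes.fromhex(s)
    if re.fullmatch(r"[A-Za-z0-9_-]{43}", s):
        # 32 bytes encode to 43 base64url characters once "=" padding is dropped.
        return "base64url", base64.urlsafe_b64decode(s + "=")
    raise ValueError("not a 32-byte seed in hex or unpadded base64url")

def check_key_file(path: str) -> list[str]:
    """Return a list of problems; an empty list means the file looks usable."""
    problems = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077:
        problems.append(f"mode {mode:04o} grants group/other access, expected 0600")
    try:
        with open(path, encoding="ascii") as fh:
            decode_seed(fh.read())
    except (ValueError, UnicodeDecodeError) as exc:
        problems.append(f"bad key material: {exc}")
    return problems

def demo() -> dict[str, list[str]]:
    """Write constructed sample key files to a temp dir and lint each one."""
    seed = bytes(range(32))  # constructed test seed, never use as a real key
    samples = {
        "private.hex": (seed.hex(), 0o600),
        "private.b64": (base64.urlsafe_b64encode(seed).decode().rstrip("="), 0o644),
        "truncated.hex": (seed.hex()[:60], 0o600),
    }
    results = {}
    with tempfile.TemporaryDirectory() as d:
        for name, (text, mode) in samples.items():
            p = os.path.join(d, name)
            with open(p, "w") as fh:
                fh.write(text + "\n")
            os.chmod(p, mode)
            results[name] = check_key_file(p)
    return results

if __name__ == "__main__":
    for name, problems in demo().items():
        print(name, "OK" if not problems else problems)
```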
attest
Extend the manifest hash into hardware and append the attestation block.
For TPM: requires tpm2-tools (apt-get install tpm2-tools). For swtpm in CI: set TPM2TOOLS_TCTI=swtpm: before running.
Example
manifest attest signed.json --provider tpm --level 1 -o attested.json
verify
verify(manifest_file: str, enforce_hitl: bool, enforce_attestation: bool, crl_path: Optional[str], public_key: Optional[str], output: Optional[str]) -> None
Verify a manifest against the local verification engine.
Prints the VerificationResult as JSON. Exits with code 0 on VALID, 1 on any other result.
Use --crl-path to load a revocation list and check for revoked manifests.
Example
manifest verify attested.json --crl-path revocations.jsonl
revoke
Generate a revocation record for a manifest ID.
The record JSON can be submitted to your revocation registry or passed to a RevocationStore instance in the verification endpoint.
Example
manifest revoke 018f4a3b-... --reason "key compromise" --revoked-by [email protected]