Skip to content
EcoCitizenZ
Python Tools · PyPI

ECZ-ID Python Tools

Local inspection tools for agents, MCP, APIs, SBOM, DORA, AI provenance, robotics, humanoid readiness and digital counterparty evidence.

Use ECZ-ID Python tools to inspect local project, agent, API, MCP, SBOM, DORA, robotics, humanoid-readiness and AI-provenance signals before routing to operator setup or public Resolver proof.

The tools run locally. They inspect, explain and route. They do not issue an ECZ-ID, write canonical truth, create public proof, upload source code, make safety, compliance or insurance decisions, or replace Resolver proof.

Quick install guidance

Every tool is on PyPI, runs locally, uploads no source code and uses no hidden telemetry. Install with pip, or run a single command with pipx or uvx.

Install with pip

$ python -m pip install ecz-id$ python -m pip install ecz-id-mcp$ python -m pip install ecz-id-api$ python -m pip install ecz-id-sbom

Run once with pipx or uvx

$ pipx run ecz-id-sbom --help$ uvx ecz-id-sbom --help

Where the distribution name and CLI command differ, install the distribution and call its command:

$ python -m pip install ecz-id-digital-counterparty$ ecz-id-counterparty --help $ python -m pip install ecz-id-humanoid-insurability-readiness$ ecz-id-humanoid --help

Structured JSON output is available on the inspection commands (for example --json) for CI-ready use. A completed inspection is a neutral observation: re-check before reliance.

Which tool should I use?

You have an API or OpenAPI projectecz-id-api
You have an MCP server manifestecz-id-mcp
You have an AI agent manifest or framework objectecz-id-agents
You have a model or dataset provenance declarationecz-id-ai-provenance
You have a CycloneDX or SPDX SBOMecz-id-sbom
You have a DORA resilience-evidence registerecz-id-dora
You have a website, portal or counterparty descriptorecz-id-digital-counterparty
You have a robot deployment descriptor or ROS workspaceecz-id-robotics
You are preparing a humanoid readiness profileecz-id-humanoid-insurability-readiness
You are building on the shared coreecz-id

The ten packages

Each tool inspects one surface locally, explains what it observes, and routes you to operator setup or public proof. None of them issue an ECZ-ID, determine an ECZ-ID BOUND state, or create public proof.

ecz-id

Foundation

Shared ECZ-ID local inspection and machine-readable integration foundation for the whole Python family.

Install once as the shared core: the result contract, reason codes, safe file enumeration and machine-readable manifest used by every specialist tool.

$ python -m pip install ecz-id$ ecz-id --help
View on PyPI ↗Add a specialist package below for your surface, then route to operator setup or public Resolver proof.

ecz-id-api

APIs & software

Inspect API and OpenAPI configuration posture, then route API evidence setup.

Point it at an API project or descriptor to read the declared ECZ-ID posture and co-located OpenAPI metadata locally, before any operator setup.

$ python -m pip install ecz-id-api$ ecz-id-api --help
View on PyPI ↗Route API evidence setup to TrustOps, or check public proof in Resolver.

ecz-id-digital-counterparty

Business & counterparty

Inspect website, portal or digital-counterparty descriptors before operator setup.

Validate and scaffold a /.well-known/ecz-site.json and see what a machine consumer or the Resolver would read from your site — locally and offline.

$ python -m pip install ecz-id-digital-counterparty$ ecz-id-counterparty --help
View on PyPI ↗Route operator setup to TrustOps, or check public proof in Resolver.

ecz-id-agents

Agents & AI

Inspect agent and Know-Your-Agent declaration posture, then route agent accountability setup.

Statically read agent manifests and declared tool, API, MCP and operator relationships. It never imports or runs agent code and never reads prompts into results.

$ python -m pip install ecz-id-agents$ ecz-id-agents --help
View on PyPI ↗Route agent accountability setup to TrustOps, or check public proof in Resolver.

ecz-id-mcp

Agents & AI

Inspect MCP server configuration posture, then route MCP evidence setup.

Statically read an MCP server manifest for declared transport, tools and identity. It never starts a server, connects a transport or executes a configured command.

$ python -m pip install ecz-id-mcp$ ecz-id-mcp --help
View on PyPI ↗Route MCP evidence setup to TrustOps, or check public proof in Resolver.

ecz-id-sbom

APIs & software

Inspect SBOM evidence posture, then route software supply-chain evidence setup.

Read a CycloneDX or SPDX bill of materials for an ECZ-ID reference and neutral inventory signals. XML DTDs and entities are rejected, never expanded.

$ python -m pip install ecz-id-sbom$ ecz-id-sbom --help
View on PyPI ↗Route supply-chain evidence setup to TrustOps, or check public proof in Resolver.

ecz-id-dora

Resilience & vendor

Inspect DORA-oriented vendor resilience evidence posture.

Read a resilience-evidence register and see what is declared, present or absent on disk, with a deterministic evidence-readiness table. It is not a DORA compliance verdict.

$ python -m pip install ecz-id-dora$ ecz-id-dora --help
View on PyPI ↗Route resilience evidence setup to TrustOps, or check public proof in Resolver.

ecz-id-robotics

Robotics & physical

Inspect robot deployment descriptors for ECZ-ID robot-passport configuration posture.

Map a robot or fleet descriptor and ROS workspace to the parent Robot Passport by operating environment. It never connects to or commands a robot and never starts ROS.

$ python -m pip install ecz-id-robotics$ ecz-id-robotics --help
View on PyPI ↗Route robot-passport setup to TrustOps, or check public proof in Resolver.

ecz-id-humanoid-insurability-readiness

Robotics & physical

Explain HUMANOID profile readiness under the correct Industrial, Public-Space or Domestic Robot Passport route.

Organise a humanoid profile so an assessor could review it more easily. HUMANOID is a profile and readiness route, not a separate Passport. The operating environment determines the correct Robot Passport route, and HUMANOID requires the Assured tier.

$ python -m pip install ecz-id-humanoid-insurability-readiness$ ecz-id-humanoid --help
View on PyPI ↗Route the Assured tier to TrustOps, or check public proof in Resolver. ECZ-ID is not an insurer and makes no insurance decision or premium guarantee.

ecz-id-ai-provenance

Agents & AI

Inspect AI artefact provenance declaration posture, then route provenance evidence setup.

Read provenance declarations and model or dataset cards for declared lineage. It does not fetch model weights or datasets and does not evaluate a model.

$ python -m pip install ecz-id-ai-provenance$ ecz-id-ai-provenance --help
View on PyPI ↗Route provenance evidence setup to TrustOps, or check public proof in Resolver.

Continue with ECZ-ID

Explore the whole family on PyPI: ECZ-ID Python tools on PyPI ↗

Public role boundaries (locked)

  • · Backend / Core — writes canonical truth.
  • · TrustOps — setup, acquisition, payment, lifecycle and repair.
  • · Resolver — read-only public proof of current state.
  • · Developer Gateway — explains, documents and routes.
  • · Python tools — inspect, explain and route only.
  • · VS Code / Open VSX extensions — discover, inspect, educate and route only.

What this page and these tools do not claim

  • · No tool issues an ECZ-ID, determines BOUND, activates proof or creates Resolver truth.
  • · Local inspection does not create public proof, and does not price, cart or sell.
  • · No result is a safety, certification, approval, compliance, insurance or premium decision.
  • · Missing public proof is neutral — it does not mean unsafe. Local policy decides; re-check before reliance.
  • · PyPI, Microsoft, Open VSX and GitHub do not endorse ECZ-ID; marketplace links are for discovery only.

Machine-readable integration

Each installation includes structured machine-readable metadata for automation, CI and supported integrations, and every JSON report embeds a compact machine-readable object carrying the canonical roots and the safe, read-only actions. A machine-readable index of these ten tools is published alongside this page.

VS Code and Open VSX extensions

The ECZ-ID editor extensions discover, inspect, educate and route only — the same role boundary as the Python tools. Browse the full publisher and namespace:

Resolver and TrustOps routes

More developer guidance: Agent Trust, MCP, Bindings and the DORA + SBOM suite.