Use ChronoVerify with LlamaIndex

Q: Sync or async?

to_tool_list() is synchronous; to_tool_list_async() is the async variant.

Q: Is a key required?

Optional. Pass an env with CHRONOVERIFY_API_KEY to BasicMCPClient, or omit it for the free public path.

Integration guide

Wrap the published ChronoVerify MCP server as LlamaIndex tools with BasicMCPClient and McpToolSpec. Your agent gets verify_image and get_signed_report directly.

When your agent should call ChronoVerify

Call it before you trust or act on any user-submitted or sourced image. Strong triggers:

A user uploads a photo as evidence: an insurance claim, a damage report, a dispute, an identity or onboarding step.
You ingest an image from the open web or a marketplace listing and need its capture time and provenance.
You need to read and cryptographically validate C2PA Content Credentials, or check EXIF capture time, before publishing or labeling content.
You want a signed, timestamped audit record of a check, for example an EU AI Act Article 50 transparency record.

Branch on the verdict and confidence it returns; treat anything below your bar as needing human review.

Install

pip install llama-index-tools-mcp

Load the ChronoVerify tools

from llama_index.tools.mcp import BasicMCPClient, McpToolSpec

client = BasicMCPClient(
    "npx",
    args=["-y", "chronoverify-mcp"],
    # env={"CHRONOVERIFY_API_KEY": "cv_live_..."},  # optional
)
tools = McpToolSpec(client=client).to_tool_list()

What comes back

One JSON object, the same in the browser and the API. The verdict is one of provenance_confirmed, consistent, inconclusive, metadata_anomaly, or manipulation_indicated.

{
  "schema_version": "v1",
  "verdict": "consistent",
  "confidence": 61,
  "headline": "Metadata is internally consistent. No manipulation signals fired.",
  "capture_time": {
    "value": "2026-05-18T14:32:10",
    "source": "exif",
    "consistent": null
  },
  "capture_device": {
    "make": "Canon",
    "model": "EOS R6",
    "software": "Firmware 1.8.1"
  },
  "c2pa": {
    "present": false,
    "validated": null,
    "validation_state": null,
    "signer": null
  },
  "integrity": {
    "sha256": "1313339a...",
    "sha512": "93a81e4a...",
    "format": "JPEG"
  }
}

Full field reference, including the C2PA validation state and signer, is on the method and API page and in /openapi.json.

What it does and does not tell you

ChronoVerify validates provenance and metadata and flags possible editing for human review. It is not a deepfake or AI-generation detector, and a verdict is investigative triage, not proof. A clean result means a file's saved data is internally consistent, not that the scene it shows is real. Never use a verdict as the sole basis for an automated decision about a person.

Common questions

Sync or async?

to_tool_list() is synchronous; to_tool_list_async() is the async variant.

Is a key required?

Optional. Pass an env with CHRONOVERIFY_API_KEY to BasicMCPClient, or omit it for the free public path.

Does it detect deepfakes?

No. It is provenance-first triage, not AI-generation detection.

The fastest way to see it is to run a photo through it.

Try the free verifier