# Verify File Attestation Certificate

> Upload a file and its attestation certificate, then cryptographically verify that the certificate is authentic and the file has not been tampered with. Uses post-quantum ML-DSA-65 signature verification. Perfect for confirming software release integrity, validating compliance evidence, or verifying any file that was previously attested.

Content type: workflow
Source URL: https://www.agentpmt.com/agent-workflow-skills/verify-file-attestation-certificate
Markdown URL: https://www.agentpmt.com/api/agent/workflows/verify-file-attestation-certificate?format=agent-md
Updated: 2026-03-30T16:52:51.960Z
Author: firef1ie

---

Estimated time saved: 10 minutes.

## Tools

- Quantum-Safe File Attestation

## Workflow Outline

1. Upload the Original File: Goal: Ask the user for the original file they want to verify. Upload it using the File Management tool. | Inputs: The user provides the file they want to verify — a software release, document, archive, or any artifact t...
2. Upload the Attestation Certificate: Goal: Ask the user for the attestation certificate JSON file. Upload it using the File Management tool. | Inputs: The user provides the attestation certificate JSON file they received from the attestation issuer. | Outp...
3. Verify Attestation: Call verify_attestation with the file_id from the original file upload and the attestation_file_id from the certificate upload. Report the result clearly: if accept is true, the f...
4. Deliver Verification Result: Goal: Present the verification result to the user in clear, non-technical language. | Inputs: The verification report from the attestation tool including accept, failed_checks, manifest_sha256, and signer_public_key_hex...

## Frequently Asked Questions

### How do I connect this workflow to my local agent like OpenClaw or Claude Code?

You can install the local MCP server by opening a terminal and running:

```
npm install -g @agentpmt/mcp-router
agentpmt-setup
```

This will connect you to local agents like Claude Code, Windsurf, Grok Build, Cursor, etc.

Alternatively you can connect to the hosted version with this config block, no installation required:

```
{
  "mcpServers": {
    "agentpmt": {
      "type": "streamable-http",
      "url": "https://api.agentpmt.com/mcp",
      "headers": {
        "Authorization": "Bearer <AGENTPMT_BEARER_TOKEN>",
        "x-instance-metadata": "{\"client\":\"generic-mcp\",\"platform\":\"remote\"}"
      }
    }
  }
}
```

[View MCP Connection Instructions](/docs/mcp-reference/connection) for more details.

### How do I trigger this workflow?

You can use it here in the browser by clicking the 'Try It' button.

If you 'star' the workflow it will save to your dashboard for quick access.

To use the workflow in an external agent, make sure you have followed the steps to connect it to the MCP server and then copy / paste this prompt, or just tell it to use the AgentPMT MCP server and use this workflow.

> Call the AgentPMT-Workflow-Skills tool with action 'get\_workflow\_skill' and skill\_id 69caaa5bb6083145c00be342 ("Verify File Attestation Certificate").