# secure-boot-verify

`station__security__secure-boot-verify` · external (needs EXECUTION_BACKEND_URL configured) · domain `security` · pv-relevance `non-pv`

Verify a boot stage measurement — measure data, optionally compare against expected.

> **Note:** This tool routes through an external execution backend. If `EXECUTION_BACKEND_URL` is unset on the server, calls return JSON-RPC error `-32603 "Tool execution backend not configured"`. Tools with `backend: native` execute in-process and are always callable.

## Agent metadata

- `idempotent`: unknown
- `read_only`: unknown
- `expected_latency_ms`: unknown (not yet contract-tested)
- `cost_tokens_estimate`: unknown

## Input schema

- `data` *string* (required) — Data to measure
- `expected_hex` *string*
- `policy` *string* (required)
- `stage` *string* (required) — Boot stage

## Example call

```json
POST /api/mcp
Content-Type: application/json

{
  "jsonrpc": "2.0",
  "id": 1,
  "method": "tools/call",
  "params": {
    "name": "station__security__secure-boot-verify",
    "arguments": {
      "data": "",
      "policy": "",
      "stage": ""
    }
  }
}
```

## Related

- [/tools](/tools) — all 3062 tools
- [/tools/security__secure-boot-verify](/tools/security__secure-boot-verify) — HTML page
- [/tools/security__secure-boot-verify/json](/tools/security__secure-boot-verify/json) — JSON form (agent-friendly)
- [/api/mcp](/api/mcp) — endpoint
- [/AGENTS.md](/AGENTS.md) — agent guide