electronic-trusted-certificate
Electronic Trusted Certificate
Use this skill to work with the SHMTU electronic trusted certificate MCP service over HTTP.
What To Collect
endpoint: default to the user-provided MCP HTTP endpoint.token: use a bearer token from the user or from an environment variable.goal: what certificate or proof the user wants to query, generate, download, or verify.output_path: only needed when the server returns a downloadable file and the user wants it saved locally.
Secret Handling
- Never write real tokens into tracked files.
- Prefer environment variables for local execution:
export SHMTU_CERT_MCP_ENDPOINT='https://jwxt.shmtu.edu.cn/info/mcp'
export SHMTU_CERT_MCP_TOKEN='replace-with-real-token'
- If the user already provided a token in the conversation, use it only for the current terminal session.
Default Workflow
- Probe the endpoint before assuming the path is correct:
node electronic-trusted-certificate/scripts/http_mcp.mjs probe
- Discover available tools and inspect the returned schema:
node electronic-trusted-certificate/scripts/http_mcp.mjs list-tools
-
Pick the tool that best matches the user request. Prefer exact matches such as certificate lookup, download, verification, transcript proof, or study-status proof.
-
Call the tool with the minimum valid argument set:
node electronic-trusted-certificate/scripts/http_mcp.mjs call-tool \
--tool TOOL_NAME \
--arguments-json '{"example":"value"}'
-
If the result contains a file URL, save it with
curl -L. If it contains base64 data, decode it into the requested output file. If it returns plain JSON, summarize the important fields and keep the raw JSON if the user needs auditing. -
In the final response, report:
- which endpoint was used
- which tool was called
- which arguments were sent, with secrets redacted
- where any downloaded file was saved
- any unresolved server-side or schema-side errors
Command Reference
Probe the endpoint
node electronic-trusted-certificate/scripts/http_mcp.mjs probe \
--endpoint "$SHMTU_CERT_MCP_ENDPOINT" \
--token "$SHMTU_CERT_MCP_TOKEN"
If Node cannot validate the remote certificate chain but curl works, retry with --insecure for a one-off probe or provide --ca-file <pem-bundle>.
Initialize only
node electronic-trusted-certificate/scripts/http_mcp.mjs initialize \
--endpoint "$SHMTU_CERT_MCP_ENDPOINT" \
--token "$SHMTU_CERT_MCP_TOKEN"
List tools
node electronic-trusted-certificate/scripts/http_mcp.mjs list-tools \
--endpoint "$SHMTU_CERT_MCP_ENDPOINT" \
--token "$SHMTU_CERT_MCP_TOKEN"
Call a tool
node electronic-trusted-certificate/scripts/http_mcp.mjs call-tool \
--endpoint "$SHMTU_CERT_MCP_ENDPOINT" \
--token "$SHMTU_CERT_MCP_TOKEN" \
--tool TOOL_NAME \
--arguments-json '{"student_id":"20240001"}'
Decision Rules
- Always run
list-toolsbefore the first real tool call in a session unless the tool schema is already known from the immediately preceding step. - Do not invent argument names. Copy them from the tool schema.
- If the endpoint returns
404, treat the supplied URL as unresolved and tell the user the current path does not exist from this environment. - If the endpoint returns
401or403, treat the token as missing, expired, or unauthorized. - If the server returns validation errors, reduce the payload to the required fields and try again once.
- If the user asks for a document but the MCP tool only returns metadata or a verification URL, report that explicitly instead of pretending the file was downloaded.
Output Handling
- For JSON responses, keep the raw structure intact and summarize only the key fields the user asked about.
- For arrays of mixed content blocks, preserve order and type. Save text blocks as UTF-8 text. Save binary payloads only after confirming their encoding.
- For returned URLs, prefer
curl -L -o <absolute-path> '<url>'. - For base64 payloads, decode with a local command and keep the file extension consistent with the returned MIME type or filename.
Troubleshooting
404 Not Found: the endpoint path is wrong or not exposed from the current network path.405 Method Not Allowed: the server exists but expects a different HTTP method.401or403: token problem.- JSON-RPC parse error: request body shape or content type is wrong.
- MCP schema mismatch: rerun
list-tools, then compare the tool input schema against the arguments being sent. - TLS verification failure in Node: retry with
--insecurefor local debugging or provide--ca-filewith the correct issuer bundle.
Notes
- The helper script uses only built-in Node.js modules.
- It automatically sends
initialize,notifications/initialized, and the follow-up request forlist-toolsandcall-tool. - If the server responds with
text/event-stream, the helper script extractsdata:frames and prints them as parsed JSON when possible.
More from inforix/skills
notion-to-weixin
Fetch a Notion page by title, export to Markdown, convert Markdown to HTML with a user-provided CSS file, and create a Weixin draft via node-wxcli. Use when asked to publish Notion content into Weixin draftbox, or when moving Notion pages into Weixin draft as HTML.
26obsidian-to-weixin
Find an Obsidian note by title/path with obsidian-cli, keep note content as Markdown, upload note images to Weixin, and create a Weixin draft via node-wxcli from Markdown stdin. Use when publishing Obsidian notes into Weixin draftbox.
14shmtu-word-formatter
把文章按“上海海事大学党政公文格式”刷成 Word(.docx),或对已有 .docx 进行统一排版后保存。凡是用户提到“刷格式”“按公文格式排版”“生成 Word”“把这篇文章整理成正式公文格式”“这个 docx 帮我统一格式”时都应触发本技能。
4imagegen
Generate images with Azure OpenAI GPT-image models, especially gpt-image-2 on Azure AI Foundry. Use this skill when the user asks to generate, create, render, or save an image from a text prompt using imagegen, GPT-image, gpt-image-2, Azure OpenAI image generation, or the configured Azure AI Foundry endpoint.
1