Secure Tool Manifest and Digital Signing Solution for Verifiable MCP and LLM Pipelines

📅 2026-01-30
📈 Citations: 0
Influential: 0
🤖 AI Summary
This work addresses the lack of verifiable execution integrity in existing Model Context Protocol (MCP)-based LLM pipelines within sensitive domains, which are vulnerable to tool invocation tampering or spoofing attacks. To resolve this, we propose a novel framework integrating a cryptographically signed secure tool manifest with an extended MCP architecture. By leveraging structured manifests, digital signatures, transparent audit logs, and isolated execution metadata, our approach decouples internal model execution from user-visible components for the first time, enabling end-to-end verifiability. Experimental results demonstrate that the framework achieves near-linear scalability (R² = 0.998), accepts virtually all legitimate requests, consistently rejects unauthorized operations, and effectively maintains balanced resource utilization across multiple concurrent pipelines.

📝 Abstract
Large Language Models (LLMs) are increasingly adopted in sensitive domains such as healthcare and financial institutions' data analytics; however, their execution pipelines remain vulnerable to manipulation and unverifiable behavior. Existing control mechanisms, such as the Model Context Protocol (MCP), define compliance policies for tool invocation but lack verifiable enforcement and transparent validation of model actions. To address this gap, we propose a novel Secure Tool Manifest and Digital Signing Framework, a structured and security-aware extension of Model Context Protocols. The framework enforces cryptographically signed manifests, integrates transparent verification logs, and isolates model-internal execution metadata from user-visible components to ensure verifiable execution integrity. Furthermore, the evaluation demonstrates that the framework scales nearly linearly (R-squared = 0.998), achieves near-perfect acceptance of valid executions while consistently rejecting invalid ones, and maintains balanced model utilization across execution pipelines.
Problem

Research questions and friction points this paper is trying to address.

Large Language Models
Model Context Protocol
Execution Integrity
Verifiable Pipelines
Tool Invocation
Innovation

Methods, ideas, or system contributions that make the work stand out.

Secure Tool Manifest
Digital Signing
Model Context Protocol (MCP)
Verifiable Execution
LLM Pipeline Integrity