MCP trust layer

The trust and verification layer for MCP servers.

Federated directory across the Linux Foundation registry, Smithery, Glama, mcp.so, and the major community lists. Per-server trust scoring built on static source review, sandboxed runtime behavior, supply-chain provenance, and incident history. Scan any server before you install it.

Federation sources

10,970 MCP servers catalogued. 708 scanned. 48 scanned clean.

Federated across the Linux Foundation registry, the awesome-mcp-servers community list, Anthropic's reference set, MCPowered-curated entries, and user-submitted scans. Browse the scanned catalog or read the scoring methodology.

Why trust scoring

The MCP threat model is real and dated.

Sept 2025

postmark-mcp

First confirmed malicious MCP server in the wild. Silently BCC'd all outgoing emails to attacker.

Oct 2025

Smithery registry

Path-traversal vulnerability exposed a builder token granting root access to 3,000+ hosted apps.

Apr 2026

STDIO transport RCE

Core design flaw enabling authenticated RCE. Affected 150M+ downloads across Letta AI, LangFlow, Windsurf.

AgentSeal scanned 1,808 MCP servers in 2025. 66% had security findings.