👑

MCP QUEEN

MCP server security evidence—not a blanket safety score

Use this evidence before connecting an agent to an unfamiliar MCP server. MCP Queen publishes dated observations about protocol authentication boundaries and security-sensitive capabilities, while keeping them separate from operational grades.

For security, platform, and procurement teams

This surface supports MCP inventory review, allowlist decisions, vendor due diligence, and change monitoring. It does not claim that metadata inspection proves a server safe. Source-code scanning, deployment controls, least privilege, runtime monitoring, and human approval remain necessary for privileged tools.

How to interpret a Trust Receipt

200 recent public security/access observations

ServerObservationStatusEvidenceObserved
io.github.centricai/centric-demo
io.github.centricai/centric-demo
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
LinkedIn Ads MCP Server
io.github.cesteral/linkedin-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Google Ads MCP Server
io.github.cesteral/gads-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
DV360 MCP Server
io.github.cesteral/dv360-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Bid Manager MCP Server
io.github.cesteral/dbm-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.cesco345/capital-equipment
io.github.cesco345/capital-equipment
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Campaign Manager 360 MCP Server
io.github.cesteral/cm360-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Amazon DSP MCP Server
io.github.cesteral/amazon-dsp-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.cdkbotmcp/cdk-mcp
io.github.cdkbotmcp/cdk-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Verity Skills
io.github.cchurctrip/verity
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
MochiPDF
io.github.cbolgiano/mochipdf
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.causehacker/quicksign
io.github.causehacker/quicksign
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.ccedacero/nyc-property-intel
io.github.ccedacero/nyc-property-intel
authentication_boundaryobservedLive protocol probe observed auth_state=auth-bare. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.cathalos92/papi
io.github.cathalos92/papi
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Inlay
io.github.cartoonitunes/inlay
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.causa-prima-ai/scribo
io.github.causa-prima-ai/scribo
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Catalo.ai
io.github.catalo-ai/catalo
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.carsxe/carsxe-mcp
io.github.carsxe/carsxe-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=auth-bare. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.carruda-Global/ecosystem-aec-regulatory
io.github.carruda-Global/ecosystem-aec-regulatory
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
SteadyFetch
io.github.carsonroell-debug/steadyfetch
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.carruda-Global/ecosystem-aec-esg
io.github.carruda-Global/ecosystem-aec-esg
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.carruda-Global/ecosystem-aec-erp
io.github.carruda-Global/ecosystem-aec-erp
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.carrasquelalex1/webscrape-mcp
io.github.carrasquelalex1/webscrape-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Hipocampo MCP
io.github.carrasquelalex1/hipocampo
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.carlosofscience/bulk-url-checker
io.github.carlosofscience/bulk-url-checker
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.caraulani/euacc-mcp
io.github.caraulani/euacc-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Oi
io.github.carhaix/oi
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Sato Hub: Onchain Agents
io.github.satohubai/onchain-agents
sensitive_capabilities_declaredconcern1 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: onchain_agent_get_deploy_spec. Classification is description-based and does not prove exploitability.2026-07-16
Sato Hub: Onchain Agents
io.github.satohubai/onchain-agents
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
IRONCLAW BTC Node
io.github.cariohca-ux/btc-node
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Autopilots by Dania.ai
io.github.carlosdania/autopilots
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Cap Rate Signals — US Real Estate Metro Intelligence
io.github.capratesignals-cpu/cap-rate-signals
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
RU Books MCP
io.github.books-service/ru-books
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
CipherHUB Cryptography Toolkit
io.github.bowenerchen/cipherhub
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.capitalthought/customs-dog-mcp
io.github.capitalthought/customs-dog-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.capabilityhostprotocol/chp
io.github.capabilityhostprotocol/chp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.capabilityhostprotocol/capabilities-txt-registry
io.github.capabilityhostprotocol/capabilities-txt-registry
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Canuckeats — Canadian Food Delivery
io.github.canuckeats/canuckeats
authentication_boundaryobservedLive protocol probe observed auth_state=auth-bare. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.canonicalmg/sortio
io.github.canonicalmg/sortio
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.cammac-creator/openswissdata
io.github.cammac-creator/openswissdata
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.cammac-creator/ibanforge
io.github.cammac-creator/ibanforge
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Meyhem — MCP Server Discovery & Agent Search
io.github.c5huracan/meyhem
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.burademirung/protectwith-kb
io.github.burademirung/protectwith-kb
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Synapse — GEO Growth Layer
io.github.calvinling2021-star/synapse-geo
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
MCP Finder
io.github.c5huracan/mcp-finder
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Gonka Network Pricing
io.github.bystray/gonka-mcp-server
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.byimprint/intelligence
io.github.byimprint/intelligence
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.butterbase-ai/mcp
io.github.butterbase-ai/mcp
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
CrossFin
io.github.bubilife1202/crossfin
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Drivara
io.github.bsrishi/drivara
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Bilt
io.github.buildingapplications/mcp
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.btouchard/herald
io.github.btouchard/herald
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
BLOCKTRUST TrustScan
io.github.brnbtech770/blocktrust-trustscan
authentication_boundaryobservedLive protocol probe observed auth_state=auth-bare. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.raulbr90/changebook
io.github.raulbr90/changebook
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Branch Docs
io.github.branch-docs/ai
sensitive_capabilities_declaredconcern1 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: execute-request. Classification is description-based and does not prove exploitability.2026-07-16
Branch Docs
io.github.branch-docs/ai
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Brivvy MCP
io.github.brivvyHQ/mcp
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Braintrust
io.github.braintrustdata/braintrust
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Brains
io.github.brainsforai/brains-mcp-connector
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.br9704/aethereum
io.github.br9704/aethereum
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.bperezpereira/mcp
io.github.bperezpereira/mcp
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
NSFW Image Detector
io.github.bookyo/nsfw-image-detector
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.bnovik0v/moltdj
io.github.bnovik0v/moltdj
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
BMLT Meetings
io.github.bmlt-enabled/bmlt-server-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
PodLearn
io.github.blutrich/podlearn
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.bobross2020/brickpulse-mcp
io.github.bobross2020/brickpulse-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
noHumansShop
io.github.bluemagma-compliance/nohumansshop
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Apollo Intelligence Network
io.github.bnmbnmai/apollo-intelligence
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
TavernFinder
io.github.bmachado86/tavernfinder
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Blueprint Agentic Staking (Solentic)
io.github.blueprint-infrastructure/solentic
sensitive_capabilities_declaredconcern5 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: stake, generate_wallet, delete_webhook, set_staking_policy, delete_staking_policy. Classification is description-based and does not prove exploitability.2026-07-16
Blueprint Agentic Staking (Solentic)
io.github.blueprint-infrastructure/solentic
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.bluestratus/agenticfeed
io.github.bluestratus/agenticfeed
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.blackboxfoundry/livedatalink
io.github.blackboxfoundry/livedatalink
sensitive_capabilities_declaredconcern2 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: npi_lookup, ip_reputation. Classification is description-based and does not prove exploitability.2026-07-16
io.github.blackboxfoundry/livedatalink
io.github.blackboxfoundry/livedatalink
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.blathrop07/voyager-commerce
io.github.blathrop07/voyager-commerce
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Bitrix24
io.github.bitrix24/bitrix24
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.bitsandtea/postking-mcp
io.github.bitsandtea/postking-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
FLUX
io.github.black-forest-labs/flux-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.bitcompare/mcp-server
io.github.bitcompare/mcp-server
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.bitMacrocode/charm
io.github.bitMacrocode/charm
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Bitrix MCP
io.github.bitrix24/bitrix-mcp-rest
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Skan Firmy
io.github.bibi-bambi/skanfirmy
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Bitrise
io.github.bitrise-io/bitrise-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Context Awesome
io.github.bh-rat/context-awesome
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Social Perks
io.github.benzatkulak-collab/socialperks
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
VINdata
io.github.bhuvanabala/vindata-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.bevanding/signaldaemon
io.github.bevanding/signaldaemon
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
GoldenMatch
io.github.benseverndev-oss/goldenmatch
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
TypeUI
io.github.bergside/typeui
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.bg4ff8mtdn-dotcom/ownership-provenance-protocol
io.github.bg4ff8mtdn-dotcom/ownership-provenance-protocol
authentication_boundaryobservedLive protocol probe observed auth_state=auth-bare. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Opensensemap
io.github.pipeworx-io/opensensemap
sensitive_capabilities_declaredconcern3 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: remember, recall, forget. Classification is description-based and does not prove exploitability.2026-07-16
Opensensemap
io.github.pipeworx-io/opensensemap
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
GoldenFlow
io.github.benseverndev-oss/goldenflow
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
GoldenPipe
io.github.benseverndev-oss/goldenpipe
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
InferMap
io.github.benseverndev-oss/infermap
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
GoldenCheck
io.github.benseverndev-oss/goldencheck
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.benediktgirz/storylenses
io.github.benediktgirz/storylenses
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
ChiefLab
io.github.bdentech/chieflab
sensitive_capabilities_declaredconcern7 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: chieflab_get_publishing_targets, chieflab_create_next_move_action, chieflab_execute_approved_action, chieflab_mark_action_done, chieflab_signup_workspace, chieflab_status, chieflab_continue_launch_loop. Classification is description-based and does not prove exploitability.2026-07-16
ChiefLab
io.github.bdentech/chieflab
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.beneb89/changegamer
io.github.beneb89/changegamer
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.benmilne-com/benmilne
io.github.benmilne-com/benmilne
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.bch1212/pubrecords
io.github.bch1212/pubrecords
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Ask262
io.github.bendtherules/ask262
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.bch1212/agent-commerce-mcp
io.github.bch1212/agent-commerce-mcp
sensitive_capabilities_declaredconcern2 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: get_free_tier, get_mcp_install. Classification is description-based and does not prove exploitability.2026-07-16
io.github.bch1212/agent-commerce-mcp
io.github.bch1212/agent-commerce-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.bch1212/mcp-grantiq
io.github.bch1212/mcp-grantiq
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.bch1212/bizintel
io.github.bch1212/bizintel
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.bch1212/outdooriq-mcp
io.github.bch1212/outdooriq-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Agent Broker
io.github.basilalshukaili/agent-broker
sensitive_capabilities_declaredconcern3 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: send_message, preview_cost, import_booking_url. Classification is description-based and does not prove exploitability.2026-07-16
Agent Broker
io.github.basilalshukaili/agent-broker
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Forums
io.github.basehub-ai/forums
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.basalt-run/basalt
io.github.basalt-run/basalt
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.bamchi/scrapi
io.github.bamchi/scrapi
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
OpenClaw Trust Scorer
io.github.baronsengir007/trust-scorer
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.baronsengir007/openclaw-agent-tools
io.github.baronsengir007/openclaw-agent-tools
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.bakyang2/kr-crypto-intelligence
io.github.bakyang2/kr-crypto-intelligence
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.barneywohl/hugging-bay
io.github.barneywohl/hugging-bay
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
aloha.fyi Hawaii
io.github.baphometnxg/aloha-fyi-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Bankstatemently
io.github.bankstatemently/bankstatemently-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=auth-bare. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.bahfahh/noteit-mcp
io.github.bahfahh/noteit-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.avagenesisdev/ava-genesis
io.github.avagenesisdev/ava-genesis
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
aX
io.github.ax-platform/ax-platform
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Axiom Oracle
io.github.axiom-stack-llc/oracle
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.aymandakir-gh/piu-copy-mcp
io.github.aymandakir-gh/piu-copy-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Avo
io.github.avohq/avo
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Luchtmeetnet
io.github.pipeworx-io/luchtmeetnet
sensitive_capabilities_declaredconcern3 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: remember, recall, forget. Classification is description-based and does not prove exploitability.2026-07-16
Luchtmeetnet
io.github.pipeworx-io/luchtmeetnet
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Ipma Pt
io.github.pipeworx-io/ipma-pt
sensitive_capabilities_declaredconcern3 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: remember, recall, forget. Classification is description-based and does not prove exploitability.2026-07-16
Ipma Pt
io.github.pipeworx-io/ipma-pt
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
avots
io.github.avotsai/avots-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.avabuildsdata/mcp-us-business-data
io.github.avabuildsdata/mcp-us-business-data
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
VARRD — Statistically Validated Trading Edges + AI Research Engine
io.github.augiemazza/varrd
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Attest
io.github.attestagents/attest-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.attestifyagent/attestify-os
io.github.attestifyagent/attestify-os
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
FinCore Agentic Commerce
io.github.athenalion/fincore-agentic-commerce
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.atmflow55/datafood-mcp
io.github.atmflow55/datafood-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
aaaa-nexus — Formally Verified AI Safety APIs
io.github.atomadictech/aaaa-nexus
sensitive_capabilities_declaredconcern1 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: intent_classify. Classification is description-based and does not prove exploitability.2026-07-16
aaaa-nexus — Formally Verified AI Safety APIs
io.github.atomadictech/aaaa-nexus
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Atomadic Forge
io.github.atomadictech/atomadic-forge
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.atk1-eng/zoo-mcp
io.github.atk1-eng/zoo-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.atk1-eng/1k-patient-mcp
io.github.atk1-eng/1k-patient-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.astuto-ai/onelens-mcp
io.github.astuto-ai/onelens-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.atakanelik34/neo-x402-mcp
io.github.atakanelik34/neo-x402-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Asynthetic
io.github.asyntheticai/asynthetic
sensitive_capabilities_declaredconcern1 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: check_peer_compatibility. Classification is description-based and does not prove exploitability.2026-07-16
Asynthetic
io.github.asyntheticai/asynthetic
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
HefestoAI
io.github.artvepa80/hefestoai
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.astafford8488/pitchiq-mcp
io.github.astafford8488/pitchiq-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
AgentAegis
io.github.astafford8488/agentaegis
sensitive_capabilities_declaredconcern1 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: scan_mcp_plugin. Classification is description-based and does not prove exploitability.2026-07-16
AgentAegis
io.github.astafford8488/agentaegis
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Fillin
io.github.artchristech/fillin
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.ashokva/kaka-mcp-server
io.github.ashokva/kaka-mcp-server
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Virlo
io.github.arod90/virlo
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
opchain
io.github.asfbay-bit/opchain-skills
sensitive_capabilities_declaredconcern1 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: route. Classification is description-based and does not prove exploitability.2026-07-16
opchain
io.github.asfbay-bit/opchain-skills
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.ark-forge/mcp-eu-ai-act
io.github.ark-forge/mcp-eu-ai-act
sensitive_capabilities_declaredconcern1 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: combined_compliance_report. Classification is description-based and does not prove exploitability.2026-07-16
io.github.ark-forge/mcp-eu-ai-act
io.github.ark-forge/mcp-eu-ai-act
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.archimedes-market/mcp-archimedes
io.github.archimedes-market/mcp-archimedes
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
arifOS — Constitutional AI Kernel
io.github.ariffazil/arifos
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
arifOS — Constitutional AI Governance
io.github.ariffazil/arifosmcp
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.ariekogan/ateam-mcp
io.github.ariekogan/ateam-mcp
sensitive_capabilities_declaredconcern10 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: ateam_build_and_run, ateam_test_skill, ateam_create_plugin, ateam_upload_connector, ateam_test_connector, ateam_github_pull, ateam_github_write, ateam_verify_consistency, ateam_github_promote, ateam_redeploy. Classification is description-based and does not prove exploitability.2026-07-16
io.github.ariekogan/ateam-mcp
io.github.ariekogan/ateam-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.architagrawal/prismsplit
io.github.architagrawal/prismsplit
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.arcar-org/arcar-mcp
io.github.arcar-org/arcar-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.arcar-org/n8n-mcp-server
io.github.arcar-org/n8n-mcp-server
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Arcadia Finance
io.github.arcadia-finance/mcp-server
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
ArcAgent MCP
io.github.araujota/arcagent-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
CoreModels
io.github.aramai-schematica/coremodels
sensitive_capabilities_declaredconcern2 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: remove_mixin_value, run_code. Classification is description-based and does not prove exploitability.2026-07-16
CoreModels
io.github.aramai-schematica/coremodels
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
JarvisClaw AI Gateway
io.github.api-jarvisclaw/jarvisclaw
sensitive_capabilities_declaredconcern1 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: aip_execute_with_budget. Classification is description-based and does not prove exploitability.2026-07-16
JarvisClaw AI Gateway
io.github.api-jarvisclaw/jarvisclaw
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.appwrite/mcp
io.github.appwrite/mcp
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
GraphOS MCP Tools
io.github.apollographql/graphos-mcp-tools
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Hyades
io.github.apology-is-policy/hyades
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.apasztetnik/el-buen-agente-mcp
io.github.apasztetnik/el-buen-agente-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Apiiro Guardian Agent
io.github.apiiro/guardian-agent
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.apihubio/mcp-server
io.github.apihubio/mcp-server
sensitive_capabilities_declaredconcern1 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: apihub_topup. Classification is description-based and does not prove exploitability.2026-07-16
io.github.apihubio/mcp-server
io.github.apihubio/mcp-server
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Untap
io.github.aneduaim/untap-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Courier
io.github.antonioac1/courier
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Ground Truth - First Call Activation
io.github.anish632/ground-truth
sensitive_capabilities_declaredconcern2 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: check_pricing, delete_monitor. Classification is description-based and does not prove exploitability.2026-07-16
Ground Truth - First Call Activation
io.github.anish632/ground-truth
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Apaleo
io.github.apaleo/mcp-server
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.antoinedelorme/kweenkl-mcp
io.github.antoinedelorme/kweenkl-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.anousss007/blatui
io.github.anousss007/blatui
sensitive_capabilities_declaredconcern2 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: get_component, install_command. Classification is description-based and does not prove exploitability.2026-07-16
io.github.anousss007/blatui
io.github.anousss007/blatui
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.anousss007/ng-blatui
io.github.anousss007/ng-blatui
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Youfiliate Smart Links
io.github.andrewmpierce/youfiliate-mcp
sensitive_capabilities_declaredconcern3 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: youfiliate_update_smart_link, youfiliate_delete_smart_link, youfiliate_update_preferences. Classification is description-based and does not prove exploitability.2026-07-16
Youfiliate Smart Links
io.github.andrewmpierce/youfiliate-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Talent-Augmenting Layer
io.github.angelo-leone/talent-augmenting-layer
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.animicaorg/animica
io.github.animicaorg/animica
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.aniebyl/ololand-dd
io.github.aniebyl/ololand-dd
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Agentic Platform
io.github.andysalvo/agentic-platform
authentication_boundaryobservedLive protocol probe observed auth_state=unreachable. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.andrew-sondgeroth/zipexplore-mcp
io.github.andrew-sondgeroth/zipexplore-mcp
sensitive_capabilities_declaredconcern1 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: get_transit_profile. Classification is description-based and does not prove exploitability.2026-07-16
io.github.andrew-sondgeroth/zipexplore-mcp
io.github.andrew-sondgeroth/zipexplore-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
toolweave
io.github.andreysparish/toolweave
authentication_boundaryobservedLive protocol probe observed auth_state=auth-wellbehaved. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.andrew-ji-cupix/cupix-compass
io.github.andrew-ji-cupix/cupix-compass
sensitive_capabilities_declaredconcern1 discovered tool(s) advertise potentially state-changing or privileged capabilities. Tool names: set-focus-project. Classification is description-based and does not prove exploitability.2026-07-16
io.github.andrew-ji-cupix/cupix-compass
io.github.andrew-ji-cupix/cupix-compass
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
io.github.aminpiano/nara-tour
io.github.aminpiano/nara-tour
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
JuriBase
io.github.andersongadelhaadv-cmyk/juri-verify
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16
Luxembourg MCP
io.github.amirdaraee/luxembourg-mcp
authentication_boundaryobservedLive protocol probe observed auth_state=open. This describes discovery/access behavior; it is not by itself a vulnerability finding.2026-07-16

Query this evidence

Agents can call search_trust_evidence or get_trust_receipt at https://mcpqueen.com/mcp. Humans and procurement workflows can use /api/trust/{name}.json.