Security Ledger for the Agentic Ecosystem
Know what your
AI agents connect to.
Trust scores, vulnerability scanning, and cryptographic provenance for every MCP server — aggregated across 10+ registries.
24,960 servers indexed
4 registries
30 scans completed
25 active flags
Trust Scores
Every MCP server gets a Sigstore-signed score based on 11 security signals — from permission scope to tool description safety.
Annotation Verification
The MCP spec says tool annotations are "untrusted." We verify them with static analysis so you don't have to.
Transparency Log
Every score and scan result is recorded in Rekor's immutable transparency log. Cryptographic proof, not just promises.
Recently flagged
D
48d ago genkitx-mcp Tool poisoning in 'get_usage_guide': Directive language: 'always' +4 more
D
37d ago @microsoft/agentos-mcp-server Hardcoded API key in agent governance python/agent os/tests/test_security_skills.py +4 more
D
48d ago modelcontextprotocol/python-sdk Hardcoded OAuth client secret in tests/client/test_auth.py +3 more
C
48d ago @ampersend_ai/modelcontextprotocol-sdk High risk OAuth scope: admin +3 more