M MCPowered Scan a server
DirectoryRegistrySecurityInstallLearnBuild Scan a server

MCP trust layer

The trust and verification layer for MCP servers.

Federated directory across the Linux Foundation registry, Smithery, Glama, mcp.so, and the major community lists. Per-server trust scoring built on static source review, sandboxed runtime behavior, supply-chain provenance, and incident history. Scan any server before you install it.

Browse the directory Scan a server

Browse by purpose

Find what you need by what you're trying to do.

Directory

Trust-scored servers across every federated source. Best MCP servers, database servers, web search servers, free servers.

Security

The four spec-level attack patterns. Dated incidents. Best practices for builders. Scan any server before you install it.

Install configs

One-click setup for Claude Code, Claude Desktop, Cursor, Windsurf, ChatGPT, Continue, Cline, Zed.

Build a server

The three primitives. The Python SDK. A minimal working example in 30 lines.

Integrations

Bridge MCP to your workflow tools: n8n, Zapier, more on the way.

Enterprise

Org-wide trust scoring, allowlists, scheduled scans, internal verified-publisher tier, SSO.

Learn the protocol

Start from the published specification.

Reference content grounded in the LF AAIF spec, dated incidents, and the actual wire protocol. Read in the order that matches how you'll use it.

Hub · 23K/mo

Model Context Protocol

The full overview. Wire protocol, three primitives, three transports, governance, adoption.

Spoke

What is an MCP server

What a server actually does, mechanically. Lifecycle, primitives, privilege model.

Spoke

MCP architecture

JSON-RPC 2.0 wire mechanics, the initialize handshake, capability negotiation.

Compare

MCP vs API

REST and GraphQL vs MCP's standardized primitives for LLM context.

Compare

MCP vs RAG

Complementary by design. RAG for retrieval; MCP for live data and actions.

Compare

MCP vs A2A

Private tool-access (MCP) vs public agent-to-agent coordination (Google's A2A).

Origin

Anthropic MCP

Nov 2024 launch, Dec 2025 Linux Foundation donation, current governance.

Federation sources

We index every MCP server you can install.

Linux Foundation MCP Registry

Canonical baseline (LF AAIF official)

Smithery

Install + auth layer

Glama

Hosted execution + gateway

mcp.so

Community catalog

awesome-mcp-servers

Community list

Why trust scoring

The MCP threat model is real and dated.

Sept 2025

postmark-mcp

First confirmed malicious MCP server in the wild. Silently BCC'd all outgoing emails to attacker.

Oct 2025

Smithery registry

Path-traversal vulnerability exposed a builder token granting root access to 3,000+ hosted apps.

Apr 2026

STDIO transport RCE

Core design flaw enabling authenticated RCE. Affected 150M+ downloads across Letta AI, LangFlow, Windsurf.

AgentSeal scanned 1,808 MCP servers in 2025. 66% had security findings.

Scan a server Read the threat model