← statichum.studio

May 19, 2026

Continuous-Trust MCP Server Scoring And IDE-Side Tool-Use Gate That Surfaces Live Uptime, Security Scans, And Auth Posture Before An Agent Calls A Tool

dev tool real project •• multiple requests

There are over 16,000 MCP servers in the public registries as of late 2025, and a 2026 audit of 194 packages found 118 distinct security findings, including a CVSS 9.6 RCE in the mcp-remote npm package (~500k downloads) and three vulnerabilities in Anthropic's own reference Git MCP server. The official MCP Registry tells you a server exists. Nothing tells you whether it's been up for the last week, who runs it, what scopes it asks for, or whether its last security scan caught anything. The gap is a continuous-scoring layer with a tiny in-IDE pre-flight check ('about to call X, here's its risk profile, confirm?') that solo and small-team agent builders can trust without standing up an enterprise governance plane.

builder note

The non-obvious moat is the historical data. Building a uptime + scan history graph for 16k MCP servers starting today means in six months you're the only source with longitudinal trust data when something inevitably gets popped. That curve is the defensible asset, not the IDE plugin.

landscape (4 existing solutions)

Enterprise registries (Kong, AgentAudit) and CLI scanners exist, but the solo/small-team dev who installs five MCPs into Claude Code or Cursor has no equivalent of the npm-audit or Wirecutter-style trust signal in their IDE workflow. The gap is the indie-tier continuous trust dashboard with a pre-call gate.

Official MCP Registry Catalog only. No continuous uptime monitoring, no security score, no auth-scope summary. It's a phone book, not a Yelp.
Agensi Runs an 8-point security scan on listed servers but the score is point-in-time. Doesn't show last-30-day uptime, doesn't push warnings into your IDE when the score drops mid-week.
Kong MCP Registry Enterprise gateway product. Wrong audience and wrong price point for the indie dev who runs Claude Code with five community-published MCPs.
mcp-scan / Cisco mcp-scanner CLI scanners that surface YARA-pattern hits. No IDE integration, no continuous mode, no human-readable score for non-security-engineers.

sources (4)

other https://www.mcpdiscoverability.org/ "Without a centralized, enterprise-approved directory, discovery is manual, security is fragmented, and shadow AI proliferates." 2026-04-15
other https://dev.to/ecap0/the-state-of-mcp-server-security-in-202... "118 security findings... across 68 packages." 2026-04-30
other https://appsecsanta.com/research/mcp-server-security-audit-2... "Manual review remains the most reliable way to assess MCP server security." 2026-04-22
other https://aembit.io/blog/the-ultimate-guide-to-mcp-security-vu... "A CVSS 9.6 remote code execution flaw was found in the mcp-remote npm package, which had nearly half a million downloads." 2026-03-12
mcpai-agentssecurityregistryide-plugin