Canopii Trust Index is a platform that provides security scores for MCP servers by independently scanning and evaluating each server for various risks. The tool addresses concerns such as tool poisoning, prompt injection, supply-chain vulnerabilities, and credential risks within the MCP ecosystem. Each server is assessed on a per-version basis, and a single security score is assigned before agents connect, helping users make informed decisions about which servers to trust. The platform maintains a continuously updated registry of MCP servers, with the evidence noting that over 12,000 servers have been scored. It offers a breakdown of security grades, including the proportion of servers rated from A (strong posture) to F (high risk). Users can browse the registry to view these scores and see the distribution of security postures across the ecosystem. Additionally, the service identifies endpoints that are live-verified and those that are unverifiable. Canopii Trust Index also features an API, allowing users to check the security score of any MCP server from their own tools. This API is key-authenticated and rate-limited, facilitating integration into workflows such as CI gates, procurement reviews, or agent allow-lists. The evidence highlights that the platform is suitable for scenarios where automated or programmatic access to security scores is required. The service is web-based, as indicated by the ability to browse the registry online and request API access. No specific pricing or licensing information is provided in the available evidence. The tool is positioned as a specialized registry and scoring system for MCP servers, focusing on security assessment and risk visibility within this ecosystem.
Latest indexed changes and source events
Show HN: A Trust Index for MCP Servers discovered by the PulseGate indexer
Other apps tracked under the same category.