MCP Observatory

Independent safety audit of the MCP server ecosystem · by PulseFeed

Thousands of MCP servers ship with almost no vetting — and a bad one can run arbitrary code on your machine or exfiltrate data. Before you connect your AI agent to an MCP server, check it. We audit maintenance, install-script risk, provenance, abandonment and liveness.

663servers audited
426safe
157caution
75avoid

Verdicts

safe
426
caution
157
avoid
75
unknown
5

npm servers get deep signals; remote servers get liveness + HTTPS only (can't fully verify a black-box remote).

Top safety flags

unpopular
467
install_script
66
no_repo
48
abandoned
29
no_license
15
unreachable
9
no_target
5
heavy_deps
4

install_script = arbitrary code on npm i; abandoned = stale; unreachable = dead remote.

Top trusted MCP servers

ServerTypenpm dl/wkTrust
ainpm15,141,589100
@ai-sdk/mcpnpm1,288,697100
@storybook/mcpnpm1,519,768100
@storybook/addon-mcpnpm1,257,803100
@assistant-ui/reactnpm1,154,251100
@copilotkit/aimocknpm590,679100
fallownpm442,064100
add-mcpnpm180,234100
evenpm229,367100
@modelcontextprotocol/servernpm137,213100
figma-developer-mcpnpm75,862100
n8n-mcpnpm87,920100
@raishin/vanguard-frontier-agenticnpm150,574100
@sap-ux/fiori-docs-embeddingsnpm107,263100
@notionhq/notion-mcp-servernpm125,682100
Check any MCP server: GET /mcp/verify?package=<npm-name> — free. Returns a safety verdict, score and flags (install scripts, abandonment, provenance, license, repo).

Methodology: PulseFeed discovers servers from the official MCP registry, audits each via npm metadata (install scripts, provenance, license, downloads, freshness) and liveness for remotes. Same independent-audit approach as our x402 trust oracle. Machine-readable: /mcp.json. Updated daily.