io.github.Thezenmonster/agentscore

MCPcommunity
v2.2.0io.github.ThezenmonsterUnknownUpdated 2mo agonpmGitHub

MCP security trust layer: scan packages, inspect repos, check exposure, monitor changes.

MCP security trust layer. Scan packages, get trust verdicts, inspect repo-wide MCP dependencies, generate Policy Gate setup, check incident exposure, and query the abuse database. Seven tools for MCP security decisions. No API key, zero config. Scan any MCP package for security issues: agentscores.xyz Your AI can now make security decisions about MCP packages: You: "Is exa-mcp-server safe to…

Automatically indexed from public sources. Not yet verified by the developer on Forge.Claim this listing →
2mo agoLast update
Package
Authorio.github.Thezenmonster
LicenseUnknown
Version2.2.0
Sourcemcp-registry
Trust Status
B
60/100Good
Listed in Forge index+10/10
Publisher identity verified+0/25
Publisher: run `forge publish` from the package repo to claim ownership
Ed25519 publish signature+0/10
Included automatically when the publisher runs `forge publish`
Domain verification+0/5
Publisher: host /.well-known/forge.json on the package homepage with { "publisher": "<github-login>" }
CVE scan · clean+30/30
Static analysis · clean+20/20
npm provenance (Sigstore)+0/5
Publish from GitHub Actions with the --provenance flag
Paste into Claude Code, Cursor, or any AI assistant to fix all gaps
StatusCommunity-indexed
PublisherUnverified
SignatureUnsigned
Domain
Provenance
Dependencies60 resolved+ · none vulnerable
Tool surface8 tools · none privileged
Security scan✓ Cleanv2.2.0 · 20d ago
EvalsNone
IndexedJun 13, 2026

Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.

About

MCP security trust layer. Scan packages, get trust verdicts, inspect repo-wide MCP dependencies, generate Policy Gate setup, check incident exposure, and query the abuse database. Seven tools for MCP security decisions. No API key, zero config. Scan any MCP package for security issues: agentscores.xyz Your AI can now make security decisions about MCP packages: You: "Is exa-mcp-server safe to install?" Claude: calls getverdict "Verdict: ALLOW. Score 90/100, LOW risk. No provenance attestations…

Keywords
mcp