Pre-flight MCP security. Blocks compromised deps + tool drift. HMAC-signed. Dredd judges.
"Jeevesus saves. Dredd judges." Dredd MCP is a pre-invocation security check for the Model Context Protocol ecosystem. Before your agent calls a tool on any other MCP server, Dredd renders a verdict: , , or . Every verdict is HMAC-signed and cites the IOC or behavioral signal that drove the decision. The MCP ecosystem has had no defender. Three PyPI ML packages were compromised in eight days…
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
"Jeevesus saves. Dredd judges." Dredd MCP is a pre-invocation security check for the Model Context Protocol ecosystem. Before your agent calls a tool on any other MCP server, Dredd renders a verdict: , , or . Every verdict is HMAC-signed and cites the IOC or behavioral signal that drove the decision. The MCP ecosystem has had no defender. Three PyPI ML packages were compromised in eight days during late April 2026. Twenty-plus MCP-named GitHub repositories were caught serving SmartLoader…