Read-only MCP server: your agent sees all your sibling repos but structurally cannot touch them
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
Read-only MCP server: your agent sees all your sibling repos but structurally cannot touch them