Private betaTool Trust API

API reference

Surface M8ven Tool Trust verdicts in your MCP directory, IDE extension, or developer tool. This reference is visible so partners with access can integrate; new keys are issued after review to match the private-beta phase we're in.

Access is gated during private beta

We're reviewing each request to make sure the use case is a fit. Most reviews finish within a business day.

Request access →

Quick reference

  • GET /api/mcp/score?url=... — single MCP score lookup
  • GET /api/mcp/registry — paginated list with filters
  • GET /api/mcp/badge?repo=... — README badge SVG
  • GET /api/mcp/verify?url=...&signature=... — verify a stored score
  • GET /api/mcp/list — bulk export for indexers

Authentication

All endpoints listed here are free, public, and unauthenticated for read access. We track usage by IP and reserve the right to rate-limit abusive callers, but you don't need a key to embed our scores. If you're building a high-volume integration, email partners@m8ven.ai and we'll provision a partner key with raised limits.

Score lookup

GET/api/mcp/score

Resolve any MCP identifier (GitHub URL, npm package, Smithery URL, run.tools endpoint, or smithery CLI command) to a trust score, key findings, capabilities, and required env vars.

ParamTypeDescription
url*stringThe identifier to look up. Accepts: github.com URLs, npm names (@scope/pkg or pkg-name), bare owner/repo slugs, smithery.ai/server/... URLs, *.run.tools URLs, and "npx @smithery/cli@latest run X" commands.
Request
curl 'https://m8ven.ai/api/mcp/score?url=https://github.com/Nekzus/npm-sentinel-mcp'
Response (abridged)
{
  "identifier": "https://github.com/Nekzus/npm-sentinel-mcp",
  "github_url": "https://github.com/Nekzus/npm-sentinel-mcp",
  "score": 94,
  "grade": "A",
  "tier": 2,
  "source": "db",
  "commit_sha": "a1b2c3d...",
  "code_hash": "sha256:...",
  "verified_at": "2026-04-10T12:00:00Z",
  "signature": "...",

  "findings": [
    {
      "name": "Annotation honesty",
      "status": "pass",
      "severity": "pass",
      "detail": "19 read-only tools verified — handlers contain no write/delete/exec"
    },
    ...
  ],

  "network_hosts": ["api.osv.dev"],
  "env_vars_required": [
    { "name": "NPM_REGISTRY_URL", "is_secret": false }
  ],

  "tools": [ { "name": "npm_search", "description": "..." }, ... ],

  "live_introspection": { "ok": true, "tool_count": 19, ... },
  "dual_verification": { "status": "agree", "static_count": 19, "live_count": 19 }
}

source tells you where the result came from: precache (file, <100ms), db (Supabase, ~200ms), or live (full clone + analysis, ~30s). Cache the response on your end keyed by code_hash — same hash always returns the same result.

Browse / list

GET/api/mcp/registry

Paginated list of every MCP we've discovered. Useful for partners building their own catalogs that mirror M8ven's coverage.

ParamTypeDescription
sourcestring'all' (default) or one of: smithery, official, mcp_so, pulsemcp, npm, glama, m8ven_submission
sortstring'score' (default), 'installs', 'updated', 'name'
pagenumber1-indexed page number, default 1
limitnumberPage size, default 50, max 100
qstringFree-text search over name + description
statusstring'scored' (default), 'pending', 'failed', 'all'
gradestringFilter to a specific letter grade: A, B, C, D, or F
min_scorenumberOnly return entries with latest_score >= this value (0-100)
has_cveboolean'true' returns only entries with a high or critical CVE in their latest scan. Each entry includes cve_high / cve_critical counts.
Request
curl 'https://m8ven.ai/api/mcp/registry?source=smithery&grade=A&sort=installs&limit=20'
Response (abridged)
{
  "page": 1,
  "limit": 20,
  "total": 138,
  "has_more": true,
  "source_filter": "smithery",
  "sort": "installs",
  "entries": [
    {
      "slug": "smithery-nekzus-npm-sentinel-mcp",
      "name": "NPM Sentinel MCP",
      "description": "MCP server for npm package security analysis",
      "source": "smithery",
      "github_url": "https://github.com/Nekzus/npm-sentinel-mcp",
      "score": 94,
      "grade": "A",
      "cve_high": 0,
      "cve_critical": 0,
      "tool_count": 19,
      "install_count": 1240,
      "scored_at": "2026-04-10T12:00:00Z"
    },
    ...
  ]
}

README badge

GET/api/mcp/badge

Returns a Shields-style SVG badge for embedding in a README. The badge auto-updates: if the verified hash matches the current commit, it shows the score; if the code has changed since verification, it shows 'verification stale'.

ParamTypeDescription
repo*stringGitHub owner/repo slug — e.g. Nekzus/npm-sentinel-mcp
Markdown for your README
[![M8ven Trust Score](https://m8ven.ai/api/mcp/badge?repo=Nekzus/npm-sentinel-mcp)](https://m8ven.ai/mcp/smithery-nekzus-npm-sentinel-mcp)

Verify a stored score

GET/api/mcp/verify

Verify whether a previously-issued M8ven badge is current. Used by directories that want to confirm a score embedded in a publisher's README still matches our records.

ParamTypeDescription
url*stringThe MCP identifier to look up
signaturestringOptional HMAC signature to verify against the stored record
Response
{
  "valid": true,
  "state": "verified",
  "score": 94,
  "grade": "A",
  "commit_sha": "a1b2c3d...",
  "code_hash": "sha256:...",
  "verified_at": "2026-04-10T12:00:00Z",
  "signature": "..."
}

state is verified if the cache matches, code_changed if the upstream repo has been modified since our last scan, or unknown if we have no record at all.

Bulk export

GET/api/mcp/list

Bulk listing endpoint optimised for indexers and search engines. Returns the full registry as a flat array — no pagination, slower response, larger payload.

Request
curl 'https://m8ven.ai/api/mcp/list'

Refresh this no more than once per hour. If you need real-time updates, use /api/mcp/registry with sort=updated and a small limit instead.

Scoring model

Scores start at 100 and deduct for findings. Severity buckets:

  • Catastrophic (−60): secret exfiltration, sensitive filesystem reads, code obfuscation, missing source, hardcoded credentials. Also hard-cap the ceiling at 25-45.
  • High (−15): annotation dishonesty, description vs implementation mismatch, critical CVEs in production deps
  • Medium (−8): failing tests, broken coverage, medium CVEs, postinstall hooks
  • Low (−3): missing README/license, missing annotations, dev-only CVEs

Tier 1 (manifest reviewed) caps at 80. Tier 2 (code verified) caps at 100. Limited-language scans (non-JS/TS code where AST analysis is unavailable) cap at 75. Letter grades: A ≥ 90, B ≥ 75, C ≥ 60, D ≥ 40, F < 40.

Caching

Every score response includes a code_hash. If you cache responses keyed by hash on your end, repeated lookups become free for the same code: same hash → guaranteed same result. When the publisher pushes new code the hash changes and you naturally fall through to a fresh lookup. This is the same pattern we use internally — verifying once per unique code state, not per request.

Partner integrations

If you operate an MCP directory, an IDE extension, or a developer tool that lists MCPs, we'd love to embed our scores in your UI for free. Email partners@m8ven.ai and we'll set up a partner key, custom rate limits, and a dedicated Slack channel.