API reference
Surface M8ven Tool Trust verdicts in your MCP directory, IDE extension, or developer tool. This reference is visible so partners with access can integrate; new keys are issued after review to match the private-beta phase we're in.
Access is gated during private beta
We're reviewing each request to make sure the use case is a fit. Most reviews finish within a business day.
Request access →Quick reference
GET /api/mcp/score?url=...— single MCP score lookupGET /api/mcp/registry— paginated list with filtersGET /api/mcp/badge?repo=...— README badge SVGGET /api/mcp/verify?url=...&signature=...— verify a stored scoreGET /api/mcp/list— bulk export for indexers
Authentication
All endpoints listed here are free, public, and unauthenticated for read access. We track usage by IP and reserve the right to rate-limit abusive callers, but you don't need a key to embed our scores. If you're building a high-volume integration, email partners@m8ven.ai and we'll provision a partner key with raised limits.
Score lookup
/api/mcp/scoreResolve any MCP identifier (GitHub URL, npm package, Smithery URL, run.tools endpoint, or smithery CLI command) to a trust score, key findings, capabilities, and required env vars.
| Param | Type | Description |
|---|---|---|
| url* | string | The identifier to look up. Accepts: github.com URLs, npm names (@scope/pkg or pkg-name), bare owner/repo slugs, smithery.ai/server/... URLs, *.run.tools URLs, and "npx @smithery/cli@latest run X" commands. |
curl 'https://m8ven.ai/api/mcp/score?url=https://github.com/Nekzus/npm-sentinel-mcp'
{
"identifier": "https://github.com/Nekzus/npm-sentinel-mcp",
"github_url": "https://github.com/Nekzus/npm-sentinel-mcp",
"score": 94,
"grade": "A",
"tier": 2,
"source": "db",
"commit_sha": "a1b2c3d...",
"code_hash": "sha256:...",
"verified_at": "2026-04-10T12:00:00Z",
"signature": "...",
"findings": [
{
"name": "Annotation honesty",
"status": "pass",
"severity": "pass",
"detail": "19 read-only tools verified — handlers contain no write/delete/exec"
},
...
],
"network_hosts": ["api.osv.dev"],
"env_vars_required": [
{ "name": "NPM_REGISTRY_URL", "is_secret": false }
],
"tools": [ { "name": "npm_search", "description": "..." }, ... ],
"live_introspection": { "ok": true, "tool_count": 19, ... },
"dual_verification": { "status": "agree", "static_count": 19, "live_count": 19 }
}source tells you where the result came from: precache (file, <100ms), db (Supabase, ~200ms), or live (full clone + analysis, ~30s). Cache the response on your end keyed by code_hash — same hash always returns the same result.
Browse / list
/api/mcp/registryPaginated list of every MCP we've discovered. Useful for partners building their own catalogs that mirror M8ven's coverage.
| Param | Type | Description |
|---|---|---|
| source | string | 'all' (default) or one of: smithery, official, mcp_so, pulsemcp, npm, glama, m8ven_submission |
| sort | string | 'score' (default), 'installs', 'updated', 'name' |
| page | number | 1-indexed page number, default 1 |
| limit | number | Page size, default 50, max 100 |
| q | string | Free-text search over name + description |
| status | string | 'scored' (default), 'pending', 'failed', 'all' |
| grade | string | Filter to a specific letter grade: A, B, C, D, or F |
| min_score | number | Only return entries with latest_score >= this value (0-100) |
| has_cve | boolean | 'true' returns only entries with a high or critical CVE in their latest scan. Each entry includes cve_high / cve_critical counts. |
curl 'https://m8ven.ai/api/mcp/registry?source=smithery&grade=A&sort=installs&limit=20'
{
"page": 1,
"limit": 20,
"total": 138,
"has_more": true,
"source_filter": "smithery",
"sort": "installs",
"entries": [
{
"slug": "smithery-nekzus-npm-sentinel-mcp",
"name": "NPM Sentinel MCP",
"description": "MCP server for npm package security analysis",
"source": "smithery",
"github_url": "https://github.com/Nekzus/npm-sentinel-mcp",
"score": 94,
"grade": "A",
"cve_high": 0,
"cve_critical": 0,
"tool_count": 19,
"install_count": 1240,
"scored_at": "2026-04-10T12:00:00Z"
},
...
]
}README badge
/api/mcp/badgeReturns a Shields-style SVG badge for embedding in a README. The badge auto-updates: if the verified hash matches the current commit, it shows the score; if the code has changed since verification, it shows 'verification stale'.
| Param | Type | Description |
|---|---|---|
| repo* | string | GitHub owner/repo slug — e.g. Nekzus/npm-sentinel-mcp |
[](https://m8ven.ai/mcp/smithery-nekzus-npm-sentinel-mcp)
Verify a stored score
/api/mcp/verifyVerify whether a previously-issued M8ven badge is current. Used by directories that want to confirm a score embedded in a publisher's README still matches our records.
| Param | Type | Description |
|---|---|---|
| url* | string | The MCP identifier to look up |
| signature | string | Optional HMAC signature to verify against the stored record |
{
"valid": true,
"state": "verified",
"score": 94,
"grade": "A",
"commit_sha": "a1b2c3d...",
"code_hash": "sha256:...",
"verified_at": "2026-04-10T12:00:00Z",
"signature": "..."
}state is verified if the cache matches, code_changed if the upstream repo has been modified since our last scan, or unknown if we have no record at all.
Bulk export
/api/mcp/listBulk listing endpoint optimised for indexers and search engines. Returns the full registry as a flat array — no pagination, slower response, larger payload.
curl 'https://m8ven.ai/api/mcp/list'
Refresh this no more than once per hour. If you need real-time updates, use /api/mcp/registry with sort=updated and a small limit instead.
Scoring model
Scores start at 100 and deduct for findings. Severity buckets:
- Catastrophic (−60): secret exfiltration, sensitive filesystem reads, code obfuscation, missing source, hardcoded credentials. Also hard-cap the ceiling at 25-45.
- High (−15): annotation dishonesty, description vs implementation mismatch, critical CVEs in production deps
- Medium (−8): failing tests, broken coverage, medium CVEs, postinstall hooks
- Low (−3): missing README/license, missing annotations, dev-only CVEs
Tier 1 (manifest reviewed) caps at 80. Tier 2 (code verified) caps at 100. Limited-language scans (non-JS/TS code where AST analysis is unavailable) cap at 75. Letter grades: A ≥ 90, B ≥ 75, C ≥ 60, D ≥ 40, F < 40.
Caching
Every score response includes a code_hash. If you cache responses keyed by hash on your end, repeated lookups become free for the same code: same hash → guaranteed same result. When the publisher pushes new code the hash changes and you naturally fall through to a fresh lookup. This is the same pattern we use internally — verifying once per unique code state, not per request.
Partner integrations
If you operate an MCP directory, an IDE extension, or a developer tool that lists MCPs, we'd love to embed our scores in your UI for free. Email partners@m8ven.ai and we'll set up a partner key, custom rate limits, and a dedicated Slack channel.