43
grade D
13 days ago
glama
ToolMesh
ToolMesh is an Apache-2.0, self-hosted MCP gateway written in Go that sits between AI agents and backend systems. It enforces a fail-closed pipeline on every tool call, including per-tool and per-user authorization, server-side credential injection, structured audit logging, and output policies. APIs are declared in YAML with DADL, turning REST endpoints into MCP tools without writing a custom MCP
Install from
M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.
// key findings
✅
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
✅
Open source with a license and README
Anyone can audit the code, the license is declared, and the publisher documents what it does.
// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 1 concrete improvement we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[](https://m8ven.ai/mcp/dunkelcloud-toolmesh-1g7gdk)commit: b088f9128d6bbaf269a7726e0fb5b00d668885ca
code hash: 21ee442b7d4817bd680a5b8169dc57cc450c48af8ea5a8a69e1beaff76073b60
verified: 4/11/2026, 2:20:44 PM