Repo Dossiers
Tracked repos
Dossiers for public GitHub repos with MCP dependencies. Each repo has a canonical URL, a policy-gate verdict, per-package scores, and the aggregate capability surface an AI agent inherits by installing the stack. Seeded from real demand signal (the repos people have looked up via /api/repo/preview).
Want a dossier for a different repo? Enter it in the preview form. If it has MCP deps, you will get a canonical URL at /repo/owner/name.
grafana/k6-studio
Performance testing tool, MCP config detected, 28 lookups across 4 days
Read the dossier →
Shopify/hydrogen
React e-commerce framework, multiple MCP servers, 25 lookups across 5 days
Read the dossier →
redis/RedisInsight
Case study: pinned all MCP versions after our scan
Read the dossier →
stripe/ai
MCP tool servers, single lookup
Read the dossier →
cloudflare/agents
MCP agent runtime, single lookup
Read the dossier →
PrefectHQ/fastmcp
MCP framework, single lookup
Read the dossier →
microsoft/clarity
Analytics platform, single lookup
Read the dossier →
inngest/agent-kit
Agent framework, single lookup
Read the dossier →
upstash/mcp-server
Context7 MCP, single lookup
Read the dossier →
getsentry/spotlight
Dev observability, single lookup
Read the dossier →
kurrent-io/KurrentDB
Event store, single lookup
Read the dossier →
grafana/mcp-grafana
Grafana MCP server, single lookup
Read the dossier →
What a dossier contains
- Policy-gate verdict: the exact decision (ALLOW / WARN / BLOCK) the AgentScore GitHub Action would return on a PR for this repo.
- Per-package table: every MCP dependency found, with its current score, risk level, and gate verdict. Each package links to its own report page.
- Aggregate capability surface: the union of powers (filesystem access, shell exec, network egress, email messaging, etc.) the repo's MCP stack grants to any agent using it, sorted by risk.
- Files checked: which config files the scanner read (package.json, .mcp.json, .cursor/mcp.json, etc.).
- Unsupported install paths: items installed via Python, Docker, remote HTTP, or raw git URL that the npm-based scanner cannot reach. Flagged for manual review rather than silently dropped.
- Timestamped snapshot: a dossier is a point-in-time record of what the repo's MCP surface looks like on a given day. Every view re-fetches; the page caches for an hour.