30 MCP servers. Public signals only. One honest grade each. Every month, automatically.
This is the pipeline behind the MCP Trust Index — our monthly scan of 30 popular AI tool servers. We check real adoption data, maintenance health, and open security advisories from public sources, then publish the results. Transparency is the point: you can see exactly what signals we use and why.
There is no pay-for-placement. A server earns a PASS by having healthy public signals — not by paying us. An ALERT means there's an unpatched critical advisory in the public record. We publish the method so you can verify our work.
🔒 We publish the signals and the grades — not our exact internal thresholds. The methodology is the product.