64
/100
C
◔ Limited 3⁄4
mcp-lock
MCP servers are installed via npx -y @scope/package — which silently downloads the latest version every time your AI tool starts, with no integrity check. mcp-lock fixes this by recording exact tarball hashes on first run and detecting any changes on every run after that — the same guarantee npm ci gives you for Node.js projects.
Exa
npm
Glama
Limited visibility
— 3/4 applicable dimensions scored
✓ Schema Quality
○ Protocol
— Reliability
✓ Docs & Maintenance
✓ Security Hygiene
— Schema Interpretability
A remote probe is needed for Protocol and Reliability scores.
Schema Quality
48
25% weight
Protocol Compliance
—
20% weight
Reliability
—
20% weight
Docs & Maintenance
68
15% weight
Security Hygiene
81
20% weight
Score History
Category Trends
30-Day Uptime
30 days ago
Today
Static Analysis
| Metric | Score | Rating |
|---|---|---|
| Schema Completeness | 40 | Fair |
| Description Quality | 60 | Fair |
| Documentation Coverage | 40 | Fair |
| Maintenance Pulse | 70 | Good |
| Dependency Health | 75 | Good |
| License Clarity | 100 | Good |
| Version Hygiene | 90 | Good |
Analyzed 1 month, 1 week ago
Add this to your README to display your MCP Scoreboard grade:
