Releases: aak204/MCP-Scorecard
MCP Scorecard v1.0.0
v1.0.0 is the first stable release of MCP Scorecard.
This release takes the existing deterministic scanner and hardens it into a release-grade
CI-first scorecard for MCP servers. The core philosophy stays the same: local discovery,
deterministic checks, stable scoring, and machine-readable output. What changes in v1.0.0 is the
contract quality, naming consistency, and release surface.
Highlights
- stable V1 JSON scorecard report contract
- explicit score buckets: conformance, security, ergonomics, metadata
- explicit check metadata: id, title, bucket, severity, rationale
- scorecard-oriented GitHub Action outputs and PR summary
- preferred CLI name mcp-scorecard, with mcp-trust retained as a compatibility alias
Included In v1.0.0
- JSON reports now expose a stable top-level contract: schema, generator, scan, inventory, scorecard, checks, findings, grouped_findings, metadata
- terminal output now mirrors the scorecard contract:
  - generator
  - schema version
  - scan timestamp
  - target description
  - total score
  - category scores
  - findings by bucket
  - limitations
- SARIF now carries aligned scorecard metadata in run properties and result properties
- sample reports regenerated from the current scanner
- release docs, checklist, and README updated for v1.0.0
Compatibility Notes
- the repository and action reference are now aak204/MCP-Scorecard
- mcp-scorecard is the preferred CLI
- mcp-trust remains available as a compatibility alias
- the Python module remains mcp_trust
Score Meaning
- a high score means fewer deterministic findings, not a guarantee of safety
- a low score means more deterministic findings or higher-risk exposed surface, not malicious intent
- the score measures deterministic, reviewable properties only
Quickstart
Local:
python -m venv .venv
source .venv/bin/activate
pip install -e .[dev]
mcp-scorecard scan --json-out mcp-scorecard-report.json --sarif mcp-scorecard-report.sarif --cmd python examples/insecure-server/server.py
GitHub Actions:
- name: Run MCP Scorecard
  id: scorecard
  uses: aak204/MCP-Scorecard@v1.0.0
  with:
    cmd: python path/to/your/server.py
    min-score: "80"
    json-out: mcp-scorecard-report.json
    sarif-out: mcp-scorecard-report.sarif
    markdown-out: mcp-scorecard-summary.md
Validation Snapshot
- examples/insecure-server -> 10/100
- @modelcontextprotocol/server-memory@2026.1.26 -> 100/100
- @modelcontextprotocol/server-filesystem@2026.1.14 -> 40/100
Out Of Scope
- LLM scoring
- hosted scanning
- registry integration
- certification-style claims
MCP Trust Kit v0.5.0
v0.5.0 is a narrow integration-driven release.
The scanner contract from v0.4.0 stays intentionally stable: local stdio discovery, deterministic rules, predictable scoring, terminal summary, JSON, SARIF, and GitHub Actions. The main reason for v0.5.0 is to make Layer 1 baseline output easier to consume by downstream systems that care about scan freshness and temporal decay.
Highlights
- explicit scan_timestamp field in JSON output
- matching timestamp metadata in SARIF
- no break to existing generated_at consumers
- release-ready static baseline contract for higher-layer integrations
Included In v0.5.0
- JSON reports now expose:
  - scan_timestamp
  - generated_at
  - aggregate score breakdown
  - capability-aware and hygiene-aware findings
- SARIF runs now expose:
  - runs[].properties.scan_timestamp
  - runs[].invocations[].endTimeUtc
- sample reports regenerated from the current scanner
- release docs and README updated for v0.5.0
Validation Snapshot
- examples/insecure-server -> 10/100
- @modelcontextprotocol/server-memory@2026.1.26 -> 100/100
- @modelcontextprotocol/server-filesystem@2026.1.14 -> 40/100
Contract Note
generated_at is still present for backward compatibility.
scan_timestamp is now the canonical timestamp field for downstream integrations that need to reason about baseline freshness.
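A downstream freshness check built on the contract note above, as an added example that is not the project's own code: it prefers scan_timestamp, falls back to generated_at, and classifies the age of the baseline. The top-level placement of both fields, the ISO 8601 format, the seven-day window and the sample reports are assumptions of this example.

```python
from datetime import datetime, timedelta, timezone

# Field names come from the release notes; their top-level placement and the
# ISO 8601 format are assumptions of this example.
TIMESTAMP_FIELDS = ("scan_timestamp", "generated_at")  # canonical field first


def parse_utc(value):
    """Parse an ISO 8601 string; naive values are treated as UTC (assumption)."""
    if not isinstance(value, str):
        raise ValueError(f"timestamp is not a string: {value!r}")
    parsed = datetime.fromisoformat(value.strip().replace("Z", "+00:00"))
    if parsed.tzinfo is None:
        parsed = parsed.replace(tzinfo=timezone.utc)
    return parsed.astimezone(timezone.utc)


def baseline_freshness(report, now, max_age=timedelta(days=7),
                       skew=timedelta(minutes=5)):
    """Return (status, field_used, age) for a parsed JSON report dict."""
    for field in TIMESTAMP_FIELDS:
        if report.get(field) is None:
            continue
        try:
            scanned = parse_utc(report[field])
        except ValueError:
            # Fail closed: a malformed canonical field is not silently
            # replaced by the legacy one.
            return ("invalid", field, None)
        age = now - scanned
        if age < -skew:
            # A scan dated in the future is not evidence of freshness.
            return ("future", field, age)
        return ("fresh" if age <= max_age else "stale", field, age)
    return ("missing", None, None)


# Constructed sample reports (not real scanner output).
NOW = datetime(2026, 3, 1, 12, 0, tzinfo=timezone.utc)
SAMPLES = {
    "both fields": {"scan_timestamp": "2026-02-27T09:30:00Z",
                    "generated_at": "2026-02-27T09:30:00Z"},
    "generated_at only": {"generated_at": "2026-01-10T08:00:00+00:00"},
    "no timestamp": {},
}

if __name__ == "__main__":
    for name, report in SAMPLES.items():
        print(name, baseline_freshness(report, NOW))
```

A consumer that gates on the score should treat every status other than "fresh" as a reason to rescan before trusting the stored baseline.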
Quickstart
python -m venv .venv
source .venv/bin/activate
pip install -e .[dev]
mcp-trust scan --json-out baseline.json --cmd python examples/insecure-server/server.py
GitHub Actions:
- name: Run MCP Trust Kit
  uses: aak204/MCP-Trust-Kit@v0.5.0
  with:
    cmd: python path/to/your/server.py
    min-score: "80"
    json-out: mcp-trust-report.json
    sarif-out: mcp-trust-report.sarif
MCP Trust Kit v0.4.0: First Public Release
MCP Trust Kit v0.4.0
v0.4.0 is the first practically useful public release of MCP Trust Kit.
This release keeps the product intentionally narrow: local stdio MCP discovery, deterministic
rules, predictable scoring, terminal summary, JSON, SARIF, and GitHub Actions. The main change is
not "more features for the sake of it". The main change is that the score now behaves more like a
review signal and less like a demo number.
Highlights
- deterministic surface-risk scoring for MCP servers
- refined schema heuristics that stop penalizing empty object schemas for no-arg tools by default
- expanded rules for schema hygiene and risky exposed capabilities
- capability-aware report summaries
- terminal output that explains why the score is low and which tools to review first
- real-world validation against public MCP servers
- Bash-first quickstart and production-ish GitHub Action docs
Included In v0.4.0
- local stdio discovery transport
- normalized server, tool, finding, and report models
- deterministic rule set covering:
  - metadata hygiene
  - schema hygiene
  - command execution
  - filesystem mutation
  - network request surface
  - download-and-execute patterns
- penalty-based score breakdown across spec, auth, secrets, and tool_surface
- terminal summary, JSON report, and SARIF export
- demo insecure MCP server
- sample reports, validation docs, and CI workflow
Validation Snapshot
- examples/insecure-server -> 10/100
- @modelcontextprotocol/server-memory@2026.1.26 -> 100/100
- @modelcontextprotocol/server-filesystem@2026.1.14 -> 40/100
The key interpretation stays the same:
- low score means higher exposed surface risk, not malicious intent
- high score means fewer deterministic findings, not a guarantee of safety
Quickstart
Local:
python -m venv .venv
source .venv/bin/activate
pip install -e .[dev]
mcp-trust scan --cmd python examples/insecure-server/server.py
GitHub Actions:
- name: Run MCP Trust Kit
  uses: aak204/MCP-Trust-Kit@v0.4.0
  with:
    cmd: python path/to/your/server.py
    min-score: "80"
    json-out: mcp-trust-report.json
    sarif-out: mcp-trust-report.sarif