GitHub Repository

Testing and certification platform for MCP servers. Lighthouse for the MCP ecosystem.

3 starsTypeScript

MCP Certify – Auto-test MCP servers for security and compliance

Name: MCP Certify – Auto-test MCP servers for security and compliance
Availability: InStock
Author: jackgladowsky

by jackgladowsky·Mar 18, 2026·1 point·0 comments

Visit Project View on HN

AI Analysis

●●SolidShip ItSolve My Problem

Lighthouse-style certification for MCP servers with trivy supply chain scanning.

Strengths

•Six test suites covering protocol, security, functional, performance, supply chain, and runtime
•Trivy integration for vulnerability scanning plus Rego policy support for custom rules
•README badge generation creates visible certification signal for server maintainers

Weaknesses

•OAuth and cloud-hosted server support not yet implemented — best for local stdio servers only
•MCP ecosystem still emerging; limited immediate audience compared to established protocols

Post Description

Hi everyone,

Over the weekend Claude and I built mcp-certify.

Been using MCP since Anthropic dropped the protocol and as its gotten more popular, security has been a major problem for people wanting to run/connect to MCP servers, so I built this CLI that automatically can test any MCP server for:

- protocol compliance - security - logic correctness - performance - supply chain

It returns a single score and detailed findings for the server. Currently works best with local/self-hosted servers (stdio or HTTP). Working on better support for OAuth and cloud-hosted servers next.

Repository: https://github.com/jackgladowsky/mcp-certify Install: npm install -g mcp-certify

Would love some feedback, bug reports, or anything!