HVTracker Is Now an MCP Server: Trust Checks Before Your Agent Connects

June 21, 2026 · 5 min read · HVTracker Research

Your coding agent will happily connect to an MCP server it has never seen, install a package nobody has audited, and run a tool it cannot vouch for. The decision to trust happens silently, in milliseconds, with no evidence on the table.

So we put the evidence on the table — at the exact moment the agent makes that call. HVTracker's public trust registry is now an MCP server. Point any MCP client at https://hvtracker.net/mcp and your agent can ask, before it connects: is this thing tracked, and is there any independent reason to trust it?

Think of it as Safe Browsing for MCP. The same evidence-weighted trust scores behind every leaderboard profile, now callable as three read-only tools over Streamable HTTP — no auth, no signup, and the verdict stays open.

The three tools

The server exposes exactly three tools. All are read-only, idempotent, and safe to call at decision time — they never write anything and never touch your code.

Tool	What it answers
verify_mcp_server	Pre-connect trust verdict for an MCP server, package, or repo. "Should my agent connect to this?" Returns trusted/untracked, grade, score, and reasons.
check_agent_trust	Full supply-chain profile for a tracked agent or framework — trust score, evidence grade, rank, provenance, and OpenSSF Scorecard.
search_agents	Search tracked agents and frameworks by name, repo, or category, ranked by trust score.

A real call

Here is an actual response from the live endpoint — check_agent_trust for LangGraph, pulled straight from the registry:

{
  "query": "LangGraph",
  "tracked": true,
  "name": "LangGraph",
  "repo": "langchain-ai/langgraph",
  "trust_score": 92.8,
  "evidence_grade": "A",
  "rank": 3,
  "category": "Agent Frameworks",
  "has_provenance": true,
  "scorecard_score": 6.8,
  "profile_url": "https://hvtracker.net/agents/langgraph/"
}

An untracked server is honest about it: tracked: false with a note that there is no independent evidence — not a guarantee of harm, just the absence of a reason to trust. That distinction is the whole point.

Add it in 30 seconds

The fastest path is the one-click install on Smithery. Or point any MCP client at the endpoint directly:

{
  "mcpServers": {
    "hvtracker": {
      "url": "https://hvtracker.net/mcp"
    }
  }
}

That's it — no API key, no account. The transport is stateless Streamable HTTP, so it works with any MCP-aware client (Claude, Cursor, and friends). Prefer plain HTTP? The same verdict is available at GET /api/v1/mcp/verify?server=<name>.

Endpoint: https://hvtracker.net/mcp (Streamable HTTP)
One-click install: smithery.ai/servers/hvtracker/hvtracker-mcp
Source & docs: github.com/YugantM/hvtracker-mcp
Browser front door: hvtracker.net/verify — paste any agent or MCP server
HTTP API: hvtracker.net/data

Open verdict, by design

The MCP server is a thin adapter over the same trust engine that powers the site — there is no separate scoring logic, so the tools and the public profiles always agree. The scores and the data stay open under CC BY 4.0; only operations and scale are ever gated. Every grade traces back to public, checkable signals you can audit yourself on the methodology page.

Why this matters now: 45% of the agents we track already ship or declare an MCP server, and most publish no build provenance. As tool-poisoning becomes a top 2026 attack, a trust check before the connection is the cheapest defense there is. We covered the data in Hundreds of AI Agents Now Ship MCP Servers.

Give your agent a trust check

Add the HVTracker MCP server in one click, or verify any agent or MCP server right now in your browser.

Install on Smithery

An agent that can check trust before it connects is a safer agent. The registry was always open — now it's where your agent already is.