RegistryCompare › Composio vs MCP TypeScript SDK

Composio vs MCP TypeScript SDK

An independent, evidence-based trust comparison of Composio and MCP TypeScript SDK, two Protocols & Tool Integration projects in the HVTracker registry. Scores come from public, checkable signals — supply-chain provenance, OSSF Scorecard, maintenance, and adoption — not popularity.

Composio leads on trust — 87.5/100 (Grade A) vs 84.8/100 (Grade A), a 2.7-point gap. Full breakdown below.
Signal Composiocomposiohq/composio MCP TypeScript SDKmodelcontextprotocol/typescript-sdk
HVTrust score 87.5 84.8
Evidence grade A A
Overall rank #42 #44
Rank in Protocols & Tool Integration #2 #3
GitHub stars 29.1k 12.8k
Last updated today today
Build provenance No No
OSSF Scorecard 5.8 / 10 6.3 / 10
License MIT NOASSERTION
Downloads 103k/wk
Trust dimensions (points earned)
Safety / integrity / 25 11.6 12.9
Identity & provenance / 20 10.8 10.8
Transparency / 17 13.4 13.9
Maintenance / 20 20.0 19.1
Adoption / 20 17.4 9.9
Open in the live compare tool → Composio profile MCP TypeScript SDK profile More Protocols & Tool Integration →

How to read this: HVTrust (0–100) weighs supply-chain signals (provenance, OSSF Scorecard, signed commits, open license) alongside real-world adoption, scaled by an evidence-confidence factor. Grade bands: A ≥ 80, B ≥ 65, C ≥ 50, D < 50. Signals refresh daily. Full methodology v4.0 →