@kryptosai/mcp-observatory 0.22.0 → 0.24.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (62) hide show
  1. package/COMMERCIAL.md +5 -3
  2. package/PRIVACY.md +5 -2
  3. package/README.md +28 -13
  4. package/dist/src/cli.js +1 -1
  5. package/dist/src/cli.js.map +1 -1
  6. package/dist/src/commands/init-ci.d.ts +3 -0
  7. package/dist/src/commands/init-ci.js +26 -9
  8. package/dist/src/commands/init-ci.js.map +1 -1
  9. package/dist/src/commercial.js +2 -2
  10. package/dist/src/commercial.js.map +1 -1
  11. package/dist/src/reporters/pr-comment.js +6 -2
  12. package/dist/src/reporters/pr-comment.js.map +1 -1
  13. package/dist/src/score.js +1 -1
  14. package/dist/src/score.js.map +1 -1
  15. package/dist/src/validate.js +58 -3
  16. package/dist/src/validate.js.map +1 -1
  17. package/docs/certification-campaign-template.md +10 -10
  18. package/docs/certification-distribution.md +16 -0
  19. package/docs/directory-listing-copy.md +12 -5
  20. package/docs/distribution-launch.md +5 -5
  21. package/docs/enterprise-outreach-playbook.md +2 -2
  22. package/docs/mcp-lock-files.md +63 -0
  23. package/docs/mcp-safety-report-latest.md +16 -7
  24. package/docs/mcp-security-field-guide.md +97 -0
  25. package/docs/mcp-server-safety-index.md +61 -0
  26. package/docs/methodology.md +90 -0
  27. package/docs/metrics-dashboard.md +105 -0
  28. package/docs/paid-pilot-offer.md +74 -0
  29. package/docs/project-case-study.md +77 -43
  30. package/docs/proof.md +42 -12
  31. package/docs/public-post-drafts.md +98 -0
  32. package/docs/publish-readiness.md +6 -4
  33. package/docs/reference-evaluations.md +134 -0
  34. package/docs/safety-index/artifacts/antv-chart-server.json +2765 -0
  35. package/docs/safety-index/artifacts/antv-chart-server.md +156 -0
  36. package/docs/safety-index/artifacts/browsermcp-server.json +416 -0
  37. package/docs/safety-index/artifacts/browsermcp-server.md +163 -0
  38. package/docs/safety-index/artifacts/context7-server.json +286 -0
  39. package/docs/safety-index/artifacts/context7-server.md +163 -0
  40. package/docs/safety-index/artifacts/everything-server.json +482 -0
  41. package/docs/safety-index/artifacts/everything-server.md +163 -0
  42. package/docs/safety-index/artifacts/executeautomation-playwright-server.json +955 -0
  43. package/docs/safety-index/artifacts/executeautomation-playwright-server.md +163 -0
  44. package/docs/safety-index/artifacts/filesystem-server.json +583 -0
  45. package/docs/safety-index/artifacts/filesystem-server.md +156 -0
  46. package/docs/safety-index/artifacts/memory-server.json +469 -0
  47. package/docs/safety-index/artifacts/memory-server.md +156 -0
  48. package/docs/safety-index/artifacts/opentofu-server.json +387 -0
  49. package/docs/safety-index/artifacts/opentofu-server.md +163 -0
  50. package/docs/safety-index/artifacts/playwright-mcp-server.json +919 -0
  51. package/docs/safety-index/artifacts/playwright-mcp-server.md +156 -0
  52. package/docs/safety-index/artifacts/promptopia-server.json +442 -0
  53. package/docs/safety-index/artifacts/promptopia-server.md +156 -0
  54. package/docs/safety-index/artifacts/puppeteer-server.json +377 -0
  55. package/docs/safety-index/artifacts/puppeteer-server.md +163 -0
  56. package/docs/safety-index/artifacts/ref-tools-server.json +262 -0
  57. package/docs/safety-index/artifacts/ref-tools-server.md +156 -0
  58. package/docs/safety-index/artifacts/sequential-thinking-server.json +286 -0
  59. package/docs/safety-index/artifacts/sequential-thinking-server.md +156 -0
  60. package/docs/safety-index/maintainer-note-template.md +25 -0
  61. package/docs/safety-index/targets.json +192 -0
  62. package/package.json +17 -13
package/docs/safety-index/artifacts/filesystem-server.json ADDED
@@ -0,0 +1,583 @@
1
+ {
2
+ "artifactType": "run",
3
+ "schemaVersion": "1.0.0",
4
+ "gate": "pass",
5
+ "runId": "run_2026-06-24T020723999Z_5297ea01",
6
+ "createdAt": "2026-06-24T02:07:23.999Z",
7
+ "toolVersion": "0.24.0",
8
+ "target": {
9
+ "targetId": "filesystem-server",
10
+ "adapter": "local-process",
11
+ "command": "npx",
12
+ "args": [
13
+ "-y",
14
+ "@modelcontextprotocol/server-filesystem",
15
+ "examples/filesystem-fixture"
16
+ ],
17
+ "cwd": ".",
18
+ "metadata": {
19
+ "package": "@modelcontextprotocol/server-filesystem",
20
+ "purpose": "mcp-safety-index",
21
+ "riskClass": "Filesystem boundary",
22
+ "failureClass": "Sandboxed filesystem access",
23
+ "whyItMatters": "Filesystem tools need harmless test roots and clear read/write boundaries."
24
+ },
25
+ "serverName": "secure-filesystem-server",
26
+ "serverVersion": "0.2.0"
27
+ },
28
+ "environment": {
29
+ "platform": "darwin 25.5.0",
30
+ "nodeVersion": "v22.22.1"
31
+ },
32
+ "summary": {
33
+ "total": 7,
34
+ "pass": 2,
35
+ "fail": 0,
36
+ "partial": 3,
37
+ "unsupported": 2,
38
+ "flaky": 0,
39
+ "skipped": 0,
40
+ "gate": "pass"
41
+ },
42
+ "checks": [
43
+ {
44
+ "id": "tools",
45
+ "capability": "tools",
46
+ "status": "pass",
47
+ "durationMs": 5.625334000000294,
48
+ "message": "Advertised capability responded with the minimal expected shape (14 items).",
49
+ "evidence": [
50
+ {
51
+ "endpoint": "tools/list",
52
+ "advertised": true,
53
+ "responded": true,
54
+ "minimalShapePresent": true,
55
+ "itemCount": 14,
56
+ "identifiers": [
57
+ "read_file",
58
+ "read_text_file",
59
+ "read_media_file",
60
+ "read_multiple_files",
61
+ "write_file",
62
+ "edit_file",
63
+ "create_directory",
64
+ "list_directory",
65
+ "list_directory_with_sizes",
66
+ "directory_tree",
67
+ "move_file",
68
+ "search_files",
69
+ "get_file_info",
70
+ "list_allowed_directories"
71
+ ],
72
+ "diagnostics": [
73
+ "Secure MCP Filesystem Server running on stdio",
74
+ "Client does not support MCP Roots, using allowed directories set from server args: [",
75
+ "'/Users/williamweishuhn/Documents/New project/mcp-observatory/examples/filesystem-fixture'",
76
+ "]"
77
+ ],
78
+ "schemas": {
79
+ "read_file": {
80
+ "type": "object",
81
+ "properties": {
82
+ "path": {
83
+ "type": "string"
84
+ },
85
+ "tail": {
86
+ "description": "If provided, returns only the last N lines of the file",
87
+ "type": "number"
88
+ },
89
+ "head": {
90
+ "description": "If provided, returns only the first N lines of the file",
91
+ "type": "number"
92
+ }
93
+ },
94
+ "required": [
95
+ "path"
96
+ ],
97
+ "$schema": "http://json-schema.org/draft-07/schema#"
98
+ },
99
+ "read_text_file": {
100
+ "type": "object",
101
+ "properties": {
102
+ "path": {
103
+ "type": "string"
104
+ },
105
+ "tail": {
106
+ "description": "If provided, returns only the last N lines of the file",
107
+ "type": "number"
108
+ },
109
+ "head": {
110
+ "description": "If provided, returns only the first N lines of the file",
111
+ "type": "number"
112
+ }
113
+ },
114
+ "required": [
115
+ "path"
116
+ ],
117
+ "$schema": "http://json-schema.org/draft-07/schema#"
118
+ },
119
+ "read_media_file": {
120
+ "type": "object",
121
+ "properties": {
122
+ "path": {
123
+ "type": "string"
124
+ }
125
+ },
126
+ "required": [
127
+ "path"
128
+ ],
129
+ "$schema": "http://json-schema.org/draft-07/schema#"
130
+ },
131
+ "read_multiple_files": {
132
+ "type": "object",
133
+ "properties": {
134
+ "paths": {
135
+ "minItems": 1,
136
+ "type": "array",
137
+ "items": {
138
+ "type": "string"
139
+ },
140
+ "description": "Array of file paths to read. Each path must be a string pointing to a valid file within allowed directories."
141
+ }
142
+ },
143
+ "required": [
144
+ "paths"
145
+ ],
146
+ "$schema": "http://json-schema.org/draft-07/schema#"
147
+ },
148
+ "write_file": {
149
+ "type": "object",
150
+ "properties": {
151
+ "path": {
152
+ "type": "string"
153
+ },
154
+ "content": {
155
+ "type": "string"
156
+ }
157
+ },
158
+ "required": [
159
+ "path",
160
+ "content"
161
+ ],
162
+ "$schema": "http://json-schema.org/draft-07/schema#"
163
+ },
164
+ "edit_file": {
165
+ "type": "object",
166
+ "properties": {
167
+ "path": {
168
+ "type": "string"
169
+ },
170
+ "edits": {
171
+ "type": "array",
172
+ "items": {
173
+ "type": "object",
174
+ "properties": {
175
+ "oldText": {
176
+ "type": "string",
177
+ "description": "Text to search for - must match exactly"
178
+ },
179
+ "newText": {
180
+ "type": "string",
181
+ "description": "Text to replace with"
182
+ }
183
+ },
184
+ "required": [
185
+ "oldText",
186
+ "newText"
187
+ ]
188
+ }
189
+ },
190
+ "dryRun": {
191
+ "default": false,
192
+ "description": "Preview changes using git-style diff format",
193
+ "type": "boolean"
194
+ }
195
+ },
196
+ "required": [
197
+ "path",
198
+ "edits"
199
+ ],
200
+ "$schema": "http://json-schema.org/draft-07/schema#"
201
+ },
202
+ "create_directory": {
203
+ "type": "object",
204
+ "properties": {
205
+ "path": {
206
+ "type": "string"
207
+ }
208
+ },
209
+ "required": [
210
+ "path"
211
+ ],
212
+ "$schema": "http://json-schema.org/draft-07/schema#"
213
+ },
214
+ "list_directory": {
215
+ "type": "object",
216
+ "properties": {
217
+ "path": {
218
+ "type": "string"
219
+ }
220
+ },
221
+ "required": [
222
+ "path"
223
+ ],
224
+ "$schema": "http://json-schema.org/draft-07/schema#"
225
+ },
226
+ "list_directory_with_sizes": {
227
+ "type": "object",
228
+ "properties": {
229
+ "path": {
230
+ "type": "string"
231
+ },
232
+ "sortBy": {
233
+ "default": "name",
234
+ "description": "Sort entries by name or size",
235
+ "type": "string",
236
+ "enum": [
237
+ "name",
238
+ "size"
239
+ ]
240
+ }
241
+ },
242
+ "required": [
243
+ "path"
244
+ ],
245
+ "$schema": "http://json-schema.org/draft-07/schema#"
246
+ },
247
+ "directory_tree": {
248
+ "type": "object",
249
+ "properties": {
250
+ "path": {
251
+ "type": "string"
252
+ },
253
+ "excludePatterns": {
254
+ "default": [],
255
+ "type": "array",
256
+ "items": {
257
+ "type": "string"
258
+ }
259
+ }
260
+ },
261
+ "required": [
262
+ "path"
263
+ ],
264
+ "$schema": "http://json-schema.org/draft-07/schema#"
265
+ },
266
+ "move_file": {
267
+ "type": "object",
268
+ "properties": {
269
+ "source": {
270
+ "type": "string"
271
+ },
272
+ "destination": {
273
+ "type": "string"
274
+ }
275
+ },
276
+ "required": [
277
+ "source",
278
+ "destination"
279
+ ],
280
+ "$schema": "http://json-schema.org/draft-07/schema#"
281
+ },
282
+ "search_files": {
283
+ "type": "object",
284
+ "properties": {
285
+ "path": {
286
+ "type": "string"
287
+ },
288
+ "pattern": {
289
+ "type": "string"
290
+ },
291
+ "excludePatterns": {
292
+ "default": [],
293
+ "type": "array",
294
+ "items": {
295
+ "type": "string"
296
+ }
297
+ }
298
+ },
299
+ "required": [
300
+ "path",
301
+ "pattern"
302
+ ],
303
+ "$schema": "http://json-schema.org/draft-07/schema#"
304
+ },
305
+ "get_file_info": {
306
+ "type": "object",
307
+ "properties": {
308
+ "path": {
309
+ "type": "string"
310
+ }
311
+ },
312
+ "required": [
313
+ "path"
314
+ ],
315
+ "$schema": "http://json-schema.org/draft-07/schema#"
316
+ },
317
+ "list_allowed_directories": {
318
+ "type": "object",
319
+ "properties": {},
320
+ "$schema": "http://json-schema.org/draft-07/schema#"
321
+ }
322
+ }
323
+ }
324
+ ]
325
+ },
326
+ {
327
+ "id": "prompts",
328
+ "capability": "prompts",
329
+ "status": "unsupported",
330
+ "durationMs": 0.0021669999996447586,
331
+ "message": "Prompts are not advertised by the target.",
332
+ "evidence": [
333
+ {
334
+ "endpoint": "prompts/list",
335
+ "advertised": false,
336
+ "responded": false,
337
+ "minimalShapePresent": false,
338
+ "diagnostics": []
339
+ }
340
+ ]
341
+ },
342
+ {
343
+ "id": "resources",
344
+ "capability": "resources",
345
+ "status": "unsupported",
346
+ "durationMs": 0.001209000000017113,
347
+ "message": "Resources are not advertised by the target.",
348
+ "evidence": [
349
+ {
350
+ "endpoint": "resources/list | resources/templates/list",
351
+ "advertised": false,
352
+ "responded": false,
353
+ "minimalShapePresent": false,
354
+ "diagnostics": []
355
+ }
356
+ ]
357
+ },
358
+ {
359
+ "id": "security-lite",
360
+ "capability": "security-lite",
361
+ "status": "partial",
362
+ "durationMs": 0.17987500000026557,
363
+ "message": "Found 3 security finding(s): 0 high, 3 medium, 0 low.",
364
+ "evidence": [
365
+ {
366
+ "endpoint": "security/scan-lite",
367
+ "advertised": true,
368
+ "responded": true,
369
+ "minimalShapePresent": true,
370
+ "itemCount": 3,
371
+ "identifiers": [
372
+ "write_file",
373
+ "edit_file",
374
+ "create_directory"
375
+ ],
376
+ "diagnostics": [
377
+ "[medium] Tool \"write_file\" accepts filesystem paths and has destructive capabilities.",
378
+ "[medium] Tool \"edit_file\" accepts filesystem paths and has destructive capabilities.",
379
+ "[medium] Tool \"create_directory\" accepts filesystem paths and has destructive capabilities."
380
+ ],
381
+ "findings": [
382
+ {
383
+ "ruleId": "broad-filesystem",
384
+ "severity": "medium",
385
+ "toolName": "write_file",
386
+ "message": "Tool \"write_file\" accepts filesystem paths and has destructive capabilities."
387
+ },
388
+ {
389
+ "ruleId": "broad-filesystem",
390
+ "severity": "medium",
391
+ "toolName": "edit_file",
392
+ "message": "Tool \"edit_file\" accepts filesystem paths and has destructive capabilities."
393
+ },
394
+ {
395
+ "ruleId": "broad-filesystem",
396
+ "severity": "medium",
397
+ "toolName": "create_directory",
398
+ "message": "Tool \"create_directory\" accepts filesystem paths and has destructive capabilities."
399
+ }
400
+ ]
401
+ }
402
+ ]
403
+ },
404
+ {
405
+ "id": "conformance",
406
+ "capability": "conformance",
407
+ "status": "pass",
408
+ "durationMs": 5.242750000000342,
409
+ "message": "All 7 conformance checks passed.",
410
+ "evidence": [
411
+ {
412
+ "endpoint": "conformance/check",
413
+ "advertised": true,
414
+ "responded": true,
415
+ "minimalShapePresent": true,
416
+ "itemCount": 7,
417
+ "identifiers": [],
418
+ "diagnostics": [
419
+ "[pass] capabilities-present: Server returned capabilities object.",
420
+ "[pass] server-info: Server provided initialization info.",
421
+ "[pass] tools-capability-match: tools/list returned 14 tool(s).",
422
+ "[pass] prompts-capability-match: Prompts not advertised — endpoint check skipped.",
423
+ "[pass] resources-capability-match: Resources not advertised — endpoint check skipped.",
424
+ "[pass] tool-response-content: Tool \"list_allowed_directories\" response has valid content array.",
425
+ "[pass] error-handling: Server returned proper error code -32601 for unknown method."
426
+ ]
427
+ }
428
+ ]
429
+ },
430
+ {
431
+ "id": "schema-quality",
432
+ "capability": "schema-quality",
433
+ "status": "partial",
434
+ "durationMs": 2.2571250000000873,
435
+ "message": "Found 18 quality finding(s) across 14 item(s): 0 warnings, 18 info.",
436
+ "evidence": [
437
+ {
438
+ "endpoint": "schema-quality/scan",
439
+ "advertised": true,
440
+ "responded": true,
441
+ "minimalShapePresent": true,
442
+ "itemCount": 18,
443
+ "identifiers": [
444
+ "read_file",
445
+ "read_text_file",
446
+ "read_media_file",
447
+ "write_file",
448
+ "edit_file",
449
+ "create_directory",
450
+ "list_directory",
451
+ "list_directory_with_sizes",
452
+ "directory_tree",
453
+ "move_file",
454
+ "search_files",
455
+ "get_file_info"
456
+ ],
457
+ "diagnostics": [
458
+ "[info] tool \"read_file\": Property 'path' missing description",
459
+ "[info] tool \"read_text_file\": Property 'path' missing description",
460
+ "[info] tool \"read_media_file\": Property 'path' missing description",
461
+ "[info] tool \"write_file\": Property 'path' missing description",
462
+ "[info] tool \"write_file\": Property 'content' missing description",
463
+ "[info] tool \"edit_file\": Property 'path' missing description",
464
+ "[info] tool \"edit_file\": Property 'edits' missing description",
465
+ "[info] tool \"create_directory\": Property 'path' missing description",
466
+ "[info] tool \"list_directory\": Property 'path' missing description",
467
+ "[info] tool \"list_directory_with_sizes\": Property 'path' missing description",
468
+ "[info] tool \"directory_tree\": Property 'path' missing description",
469
+ "[info] tool \"directory_tree\": Property 'excludePatterns' missing description",
470
+ "[info] tool \"move_file\": Property 'source' missing description",
471
+ "[info] tool \"move_file\": Property 'destination' missing description",
472
+ "[info] tool \"search_files\": Property 'path' missing description",
473
+ "[info] tool \"search_files\": Property 'pattern' missing description",
474
+ "[info] tool \"search_files\": Property 'excludePatterns' missing description",
475
+ "[info] tool \"get_file_info\": Property 'path' missing description"
476
+ ]
477
+ }
478
+ ]
479
+ },
480
+ {
481
+ "id": "security",
482
+ "capability": "security",
483
+ "status": "partial",
484
+ "durationMs": 2.14449999999988,
485
+ "message": "Found 3 security finding(s): 0 high, 3 medium, 0 low.",
486
+ "evidence": [
487
+ {
488
+ "endpoint": "security/scan",
489
+ "advertised": true,
490
+ "responded": true,
491
+ "minimalShapePresent": true,
492
+ "itemCount": 3,
493
+ "identifiers": [
494
+ "write_file",
495
+ "edit_file",
496
+ "create_directory"
497
+ ],
498
+ "diagnostics": [
499
+ "[medium] Tool \"write_file\" accepts filesystem paths and has destructive capabilities.",
500
+ "[medium] Tool \"edit_file\" accepts filesystem paths and has destructive capabilities.",
501
+ "[medium] Tool \"create_directory\" accepts filesystem paths and has destructive capabilities."
502
+ ],
503
+ "findings": [
504
+ {
505
+ "ruleId": "broad-filesystem",
506
+ "severity": "medium",
507
+ "toolName": "write_file",
508
+ "message": "Tool \"write_file\" accepts filesystem paths and has destructive capabilities."
509
+ },
510
+ {
511
+ "ruleId": "broad-filesystem",
512
+ "severity": "medium",
513
+ "toolName": "edit_file",
514
+ "message": "Tool \"edit_file\" accepts filesystem paths and has destructive capabilities."
515
+ },
516
+ {
517
+ "ruleId": "broad-filesystem",
518
+ "severity": "medium",
519
+ "toolName": "create_directory",
520
+ "message": "Tool \"create_directory\" accepts filesystem paths and has destructive capabilities."
521
+ }
522
+ ]
523
+ }
524
+ ]
525
+ }
526
+ ],
527
+ "healthScore": {
528
+ "overall": 77,
529
+ "grade": "C",
530
+ "dimensions": [
531
+ {
532
+ "name": "Protocol Compliance",
533
+ "weight": 0.3,
534
+ "score": 100,
535
+ "details": [
536
+ "conformance: pass (100/100)"
537
+ ]
538
+ },
539
+ {
540
+ "name": "Schema Quality",
541
+ "weight": 0.2,
542
+ "score": 60,
543
+ "details": [
544
+ "schema-quality: partial (60/100)"
545
+ ]
546
+ },
547
+ {
548
+ "name": "Security",
549
+ "weight": 0.2,
550
+ "score": 60,
551
+ "details": [
552
+ "security-lite: partial (60/100)",
553
+ "security: partial (60/100)"
554
+ ]
555
+ },
556
+ {
557
+ "name": "Reliability",
558
+ "weight": 0.2,
559
+ "score": 67,
560
+ "details": [
561
+ "tools: pass (100/100)",
562
+ "prompts: unsupported (50/100)",
563
+ "resources: unsupported (50/100)"
564
+ ]
565
+ },
566
+ {
567
+ "name": "Performance",
568
+ "weight": 0.1,
569
+ "score": 100,
570
+ "details": [
571
+ "Connect: 733ms",
572
+ "p95 latency: 6ms (3 operations)"
573
+ ]
574
+ }
575
+ ]
576
+ },
577
+ "performanceMetrics": {
578
+ "connectMs": 733.215083,
579
+ "toolsListMs": 5.625334000000294,
580
+ "promptsListMs": 0.0021669999996447586,
581
+ "resourcesListMs": 0.001209000000017113
582
+ }
583
+ }