@kryptosai/mcp-observatory 0.23.0 → 0.24.0

package/docs/metrics-dashboard.md

@@ -0,0 +1,105 @@
+# Local Metrics Dashboard
+
+MCP Observatory includes a private laptop dashboard for collecting telemetry, GitHub activity, and npm download data going forward.
+
+The dashboard is intentionally local. It stores raw telemetry in a SQLite database on your laptop, then renders a sanitized static HTML view that is safe to screenshot or skim without exposing raw emails, hostnames, private URLs, tokens, or private command bodies.
+
+The layout follows an App Store Connect-style breakdown:
+
+- Overview
+- Acquisition
+- Downloads
+- Usage
+- Reliability
+
+Daily rows are shown newest to oldest so the most recent project activity is always at the top.
+
+## Refresh
+
+```bash
+npm run metrics:refresh
+npm run metrics:serve
+```
+
+Outputs are written to:
+
+- `.mcp-observatory-metrics/observatory.sqlite`
+- `.mcp-observatory-metrics/dashboard/index.html`
+- `.mcp-observatory-metrics/dashboard/latest.json`
+- `.mcp-observatory-metrics/logs/`
+
+The local metrics directory is ignored by git and should not be published.
+
+## Data Sources
+
+The collector stores each source independently. If one source fails, the dashboard still builds from the last good SQLite data and records the failure in the Reliability section.
+
+| Source | Data |
+| --- | --- |
+| Telemetry | Existing Cloudflare D1 export flow via `scripts/export-telemetry-d1.ts` |
+| GitHub | clones, views, referrers, popular paths, repo snapshot, latest release, open issue/PR counts, workflow runs |
+| npm | public daily downloads for `@kryptosai/mcp-observatory` |
+
+GitHub traffic APIs have a limited visible window, so the collector stores snapshots locally going forward. npm daily buckets can lag; the dashboard labels npm data as complete public days rather than assuming current-day zero.
+
+## Credentials
+
+GitHub collection uses either:
+
+```bash
+gh auth login
+```
+
+or:
+
+```bash
+export GH_TOKEN=...
+```
+
+Telemetry collection uses the same Wrangler configuration as the existing telemetry export script. If the config is not auto-discovered, set:
+
+```bash
+export MCP_OBSERVATORY_TELEMETRY_WRANGLER_CONFIG=/path/to/wrangler.toml
+export MCP_OBSERVATORY_TELEMETRY_D1_DATABASE=mcp-observatory-telemetry
+```
+
+No npm token is required for public download counts.
+
+## Commands
+
+```bash
+npm run metrics:collect   # collect telemetry, GitHub, and npm into SQLite
+npm run metrics:build     # render HTML from the existing SQLite database
+npm run metrics:refresh   # collect + build
+npm run metrics:open      # open the static read-only dashboard
+npm run metrics:serve     # open the local dashboard with an Update Data button
+```
+
+The **Update Data** button is available in `metrics:serve` mode. A static `file://` dashboard cannot run local commands from the browser, so `metrics:open` shows the same data but disables the button.
+
+For tests or offline recovery, you can seed telemetry from an existing export:
+
+```bash
+npm run metrics:refresh -- --telemetry-input telemetry-exports/events-flat-full.json
+```
+
+## Optional Hourly Refresh
+
+Generate a small local refresh wrapper:
+
+```bash
+npx tsx scripts/metrics-dashboard.ts scheduler
+```
+
+The generated script lives under `.mcp-observatory-metrics/` and can be called by `launchd` or cron. It uses the same refresh command and writes logs to `.mcp-observatory-metrics/logs/refresh.log`.
+
+## Privacy
+
+Raw telemetry remains available in the local SQLite database for account intelligence and product analytics. The dashboard view uses sanitized aggregates by default:
+
+- company domains, not raw emails
+- aggregate source and command counts, not private command bodies
+- GitHub and npm public metrics
+- collection errors and freshness status
+
+Do not commit `.mcp-observatory-metrics/`, telemetry exports, private reports, or screenshots that reveal raw data.

package/docs/paid-pilot-offer.md

@@ -17,11 +17,13 @@ This is a manual pilot, not a self-serve SaaS promise.
 
 ## What The Pilot Includes
 
-- review of the customer’s MCP config, repo, or startup commands
-- MCP Observatory CI rollout for selected servers
+- MCP server inventory across selected repos, configs, or agent environments
+- reproducible test artifacts for each reviewed server
 - private readiness report covering startup, capabilities, schema quality, security findings, and drift risk
-- MCP lock-file setup for contract drift review
-- prioritized remediation notes
+- schema/tool drift baseline using MCP lock files
+- MCP Observatory CI rollout plan for selected servers
+- executive summary with “safe for agent dependency” verdicts
+- prioritized remediation notes and owner-ready next steps
 - optional certification language for servers that pass agreed checks
 
 ## Starting Prices
@@ -55,4 +57,18 @@ William
 
 ## Delivery Shape
 
-Start with static reports and CI setup. Do not build a dashboard until paid pilot feedback proves exactly what buyers need.
+Start with static reports and CI setup. The first deliverable should look like an internal security/readiness packet, not a SaaS login.
+
+## Evidence Standard
+
+The public [Safety Methodology](./methodology.md) and [MCP Server Safety Index](./mcp-server-safety-index.md) are the template for private work:
+
+- command/config used
+- date and tool version
+- JSON artifact
+- Markdown or HTML report
+- failure class
+- verdict
+- reproduction notes
+
+Private pilots can include customer-specific details, but public/customer-facing summaries should use sanitized evidence unless the customer approves otherwise.

package/docs/project-case-study.md

@@ -57,14 +57,15 @@ For deeper context, see the [MCP Server Security Field Guide](./mcp-security-fie
 
 Telemetry is used privately to understand product usage and identify account-level signals without publishing raw personal data.
 
-As of the latest local export on June 20, 2026:
+As of the latest local export on June 21, 2026:
 
-- 10,918 telemetry events
-- 7,380 total sessions
-- 5,379 external sessions after separating internal activity
+- 11,481 telemetry events
+- 7,571 total sessions
+- 5,389 external sessions after separating internal activity
 - 2,446 external CI sessions
-- 138 attributed company/org sessions
-- 11 attributed company/org candidates
+- 148 attributed company/org sessions
+- 12 attributed company/org candidates
+- latest external activity: June 21, 2026
 
 Public claims use aggregate or sanitized data only. Raw emails, hostnames, private URLs, tokens, and response bodies are not published.
 
@@ -77,9 +78,12 @@ Current public distribution proof includes:
 - latest release: `v0.23.0`
 - npm package: `@kryptosai/mcp-observatory`
 - GitHub Action: `KryptosAI/mcp-observatory/action@main`
-- visible GitHub traffic window: 721 clones and 221 unique cloners
+- npm downloads snapshot: 511 downloads for June 11-20, 2026
+- visible GitHub traffic window: 745 clones and 232 unique cloners
+- visible GitHub page-view window: 12 views and 9 unique visitors
+- public code-search references in MCP indexes, listing mirrors, and external experiment repos
 - official MCP reference PR open and green: [`modelcontextprotocol/servers#4392`](https://github.com/modelcontextprotocol/servers/pull/4392)
-- open certification PRs for Microsoft Playwright MCP, Upstash Context7, ExecuteAutomation Playwright MCP, and other MCP projects
+- open certification PRs for Microsoft Playwright MCP, Upstash Context7, ExecuteAutomation Playwright MCP, AntV, BrowserMCP, UI5, Notion, and other MCP projects
 
 See [reference evaluations](./reference-evaluations.md) and [public proof](./proof.md).
 

package/docs/proof.md

@@ -5,13 +5,15 @@ MCP Observatory is early, but it is already a working MCP testing/security stack
 ## Current Public Surface
 
 - npm package: `@kryptosai/mcp-observatory`
-- GitHub Action: `KryptosAI/mcp-observatory/action@main`
+- GitHub Action: `KryptosAI/mcp-observatory/action@v0.24.0`
 - Latest release: `v0.23.0`
 - CLI command count: scan, test, record, replay, verify, diff, watch, suggest, serve, lock, history, init-ci, ci-report, enterprise-report, score, badge, cloud
 - Test suite: 334 passing tests across 43 test files as of June 20, 2026
-- GitHub traffic snapshot: 721 clones and 221 unique cloners in the visible June 2026 traffic window
-- npm downloads snapshot: 104 downloads for June 11-17, 2026
+- GitHub traffic snapshot: 745 clones and 232 unique cloners in the visible June 2026 traffic window
+- GitHub page views snapshot: 12 views and 9 unique visitors in the visible June 2026 traffic window
+- npm downloads snapshot: 511 downloads for June 11-20, 2026
 - Security guide: [MCP Server Security Field Guide](./mcp-security-field-guide.md)
+- Safety methodology: [MCP Observatory Safety Methodology](./methodology.md)
 - Safety index: [MCP Server Safety Index](./mcp-server-safety-index.md)
 - Public examples: [Reference Evaluations](./reference-evaluations.md)
 - Lock-file CI primitive: [MCP Lock Files](./mcp-lock-files.md)
@@ -22,14 +24,15 @@ MCP Observatory is early, but it is already a working MCP testing/security stack
 
 Internal telemetry is used for product analytics and account-level outreach. Public reporting uses only aggregate or sanitized data.
 
-As of the latest local export on June 20, 2026:
+As of the latest local export on June 21, 2026:
 
-- 10,918 telemetry events
-- 7,380 total sessions
-- 5,379 external sessions after separating internal/personal activity
+- 11,481 telemetry events
+- 7,571 total sessions
+- 5,389 external sessions after separating internal/personal activity
 - 2,446 external CI sessions
-- 138 attributed company/org sessions
-- 11 attributed company/org candidates
+- 148 attributed company/org sessions
+- 12 attributed company/org candidates
+- latest external activity: June 21, 2026
 - top external commands: `serve`, `run`, `diff`, `test`, `scan`, `history`
 
 Raw emails, hostnames, private URLs, tokens, and response bodies are not published.
@@ -54,20 +57,30 @@ MCP Observatory can:
 
 The certification campaign is designed to create public proof through accepted maintainer PRs.
 
-Accepted third-party integrations will be tracked here:
+Open and accepted third-party integrations are tracked here:
 
 | Repo | PR | Check Added | Badge Added | Status |
 | --- | --- | --- | --- | --- |
 | `modelcontextprotocol/servers` | [#4392](https://github.com/modelcontextprotocol/servers/pull/4392) | Yes | No | Open, mergeable, MCP Observatory check passing |
-| `microsoft/playwright-mcp` | [#1657](https://github.com/microsoft/playwright-mcp/pull/1657) | Yes | No | Open |
-| `upstash/context7` | [#2800](https://github.com/upstash/context7/pull/2800) | Yes | No | Open |
+| `microsoft/playwright-mcp` | [#1657](https://github.com/microsoft/playwright-mcp/pull/1657) | Yes | No | Closed, unmerged |
+| `upstash/context7` | [#2800](https://github.com/upstash/context7/pull/2800) | Yes | No | Closed, maintainer declined third-party CI |
 | `executeautomation/mcp-playwright` | [#225](https://github.com/executeautomation/mcp-playwright/pull/225) | Yes | No | Open |
 | `kazuph/mcp-taskmanager` | [#11](https://github.com/kazuph/mcp-taskmanager/pull/11) | Yes | No | Open |
-| `cyanheads/filesystem-mcp-server` | [#19](https://github.com/cyanheads/filesystem-mcp-server/pull/19) | Yes | No | Open |
+| `cyanheads/filesystem-mcp-server` | [#19](https://github.com/cyanheads/filesystem-mcp-server/pull/19) | Yes | No | Closed, unmerged |
 | `antvis/mcp-server-chart` | [#312](https://github.com/antvis/mcp-server-chart/pull/312) | Yes | No | Open |
 | `BrowserMCP/mcp` | [#189](https://github.com/BrowserMCP/mcp/pull/189) | Yes | No | Open |
-| `UI5/mcp-server` | [#348](https://github.com/UI5/mcp-server/pull/348) | Yes | No | Open |
-| `makenotion/notion-mcp-server` | [#324](https://github.com/makenotion/notion-mcp-server/pull/324) | Yes | No | Open |
+| `UI5/mcp-server` | [#348](https://github.com/UI5/mcp-server/pull/348) | Yes | No | Closed, maintainer declined third-party CI |
+| `makenotion/notion-mcp-server` | [#324](https://github.com/makenotion/notion-mcp-server/pull/324) | Yes | No | Closed after policy-style CI failure |
+
+## Public Discovery Snapshot
+
+GitHub code search shows public references outside the main repo. These are discovery/listing signals, not customer claims:
+
+- `punkpeye/awesome-mcp-devtools` lists MCP Observatory in an MCP developer-tools index.
+- `linny006/mcp-servers-live` mirrors a public MCP Observatory listing page.
+- `gabrielmoreira/awesome-ai-rabbit-holes` catalogs the GitHub project.
+- `fmfg03/supermcp` includes an `apps/mcp-observatory` package path.
+- `vellankikoti/mcp-observatory`, `LuKrlier/mcp-observatory`, and `shigeki7777/sasame-mcp-observatory` appear as separate public repos referencing or experimenting with the Observatory name/code surface.
 
 ## Commercial Proof
 

package/docs/public-post-drafts.md

@@ -2,12 +2,22 @@
 
 Use these as launch posts, GitHub Discussion posts, LinkedIn posts, or short blog drafts. The framing is about MCP safety patterns, not “look at my tool.”
 
-## 1. I Tested 20 MCP Servers. The Pattern Was Not “Bad Servers”; It Was Missing Gates.
+## Flagship Post: I Tested Popular MCP Servers. The Failure Pattern Was Not What I Expected.
 
 MCP servers are becoming production dependencies for agents, but many of them still ship without the kind of CI gate we expect from normal software dependencies.
 
 The main pattern I saw while building the first MCP Server Safety Index was simple: the risky part is rarely that a server exists. The risky part is that agents may depend on a tool surface nobody is testing for startup reliability, schema quality, security posture, or drift.
 
+The industry does not need another vibes-based directory. It needs reproducible readiness evidence:
+
+- exact command/config
+- date and package version where available
+- JSON artifact
+- Markdown report
+- verdict
+- failure class
+- reproduction notes
+
 The checks that matter most:
 
 - does the server start cleanly in CI?
@@ -18,7 +28,9 @@ The checks that matter most:
 
 My takeaway: MCP needs a package-lock moment. Commit the agent-facing contract, then make drift visible before agents depend on it.
 
-## 2. Browser MCP Servers Need A Different Security Bar
+I am publishing the Safety Methodology and the first MCP Server Safety Index as a small evidence standard, not a leaderboard. If your team is putting MCP into private or production agent workflows, I am doing a small number of private MCP readiness reviews: inventory, CI rollout, schema/tool drift baseline, security findings, and safe-for-agent-dependency verdicts.
+
+## Supporting Angle: Browser MCP Servers Need A Different Security Bar
 
 Browser automation MCP servers are powerful because agents can navigate pages, click, type, inspect state, and sometimes execute scripts.
 
@@ -32,9 +44,9 @@ For browser MCP servers, a useful review should separate:
 - network/navigation controls
 - tool schemas that are too broad for safe agent planning
 
-The goal is not to block browser MCP. The goal is to make the trust boundary visible before an agent gets a browser with hands.
+The goal is not to block browser MCP. The goal is to make the trust boundary visible before an agent gets browser-control powers.
 
-## 3. Filesystem MCP Servers Should Always Test In A Sandbox
+## Supporting Angle: Filesystem MCP Servers Should Always Test In A Sandbox
 
 Filesystem MCP servers are one of the clearest examples of why MCP CI needs context.
 
@@ -50,7 +62,7 @@ The minimum safety pattern:
 
 Agents need tools. They do not need accidental access to everything.
 
-## 4. Token-Backed SaaS MCP Servers Need Issue-First Certification
+## Supporting Angle: Token-Backed SaaS MCP Servers Need Issue-First Certification
 
 Many SaaS, cloud, payments, database, and developer-platform MCP servers cannot be safely checked with a drive-by PR because meaningful startup requires tokens or live services.
 
@@ -68,7 +80,7 @@ Once maintainers provide a token-safe target config, the useful checks are:
 
 Security adoption works better when it starts by respecting maintainer context.
 
-## 5. MCP Drift Is An AI Supply Chain Problem
+## Supporting Angle: MCP Drift Is An AI Supply Chain Problem
 
 When a package dependency changes, teams have lock files, diffs, review, and release notes.
 

package/docs/publish-readiness.md

@@ -26,11 +26,7 @@ Confirm:
 
 Known audit note:
 
-- `npm audit` may report `undici <=6.26.0` through the `npm@11.17.0` package bundled under `@semantic-release/npm`. As of June 20, 2026, `npm audit fix` cannot update this bundled copy and `npm@11.17.0` is the current published npm package. The remaining vulnerable `undici` copy is release tooling only and is not part of MCP Observatory runtime dependencies or the packed npm artifact. Recheck after npm publishes a newer package.
-
-Known audit note:
-
-- `npm audit` may report `undici <=6.26.0` through the `npm@11.17.0` package bundled under `@semantic-release/npm`. `npm audit fix` updates the fixable `@actions/http-client` path, but the remaining `undici` copy is bundled inside npm release tooling and is not part of MCP Observatory runtime dependencies or the packed npm artifact. Recheck after npm publishes a newer package.
+- Release automation runs `semantic-release` ephemerally in GitHub Actions instead of installing it into the repository lockfile. This keeps release-only bundled dependencies out of the default-branch audit surface and out of the packed CLI artifact.
 
 ## Public Distribution
 

package/docs/reference-evaluations.md

@@ -70,7 +70,7 @@ Representative public category: filesystem-backed MCP servers.
 
 Public proof:
 
-- PR: [`cyanheads/filesystem-mcp-server#19`](https://github.com/cyanheads/filesystem-mcp-server/pull/19)
+- PR: [`cyanheads/filesystem-mcp-server#19`](https://github.com/cyanheads/filesystem-mcp-server/pull/19), closed unmerged by maintainer
 
 What this represents: