@mcpskillsio/server 2.4.2 → 2.5.0

package/README.md

@@ -1,8 +1,8 @@
 # @mcpskillsio/server
 
-Trust-score any AI skill or MCP server from inside Claude Code, Cursor, or any MCP client.
+Use the MCPSkills pre-install trust layer from inside Claude Code, Cursor, or any MCP client.
 
-13 standard signals (15 in Skills Mode) across 4 dimensions with safety scanning for prompt injection, credential theft, and supply chain attacks.
+13 standard signals (15 in Skills Mode) across 4 dimensions with safety scanning for prompt injection, credential theft, and supply chain attacks. Check install risk before an MCP server or AI skill reaches your agent.
 
 ## Install
 
@@ -46,7 +46,7 @@ Add to `claude_desktop_config.json`:
 
 ### `check_trust_score`
 
-Score any GitHub repo. Returns trust tier, composite score, and 4 dimension scores.
+Score any GitHub repo, npm package, or registry URL. Returns trust tier, composite score, and 4 dimension scores.
 
 ```
 "Score anthropics/anthropic-sdk-typescript"
@@ -84,9 +84,17 @@ Start monitoring a repo for trust score changes (requires API key).
 "Watch modelcontextprotocol/servers for score changes"
 ```
 
+### `check_watched`
+
+Re-scan all watched repos for score or tier changes (requires API key).
+
+```
+"Check my watched repos"
+```
+
 ### `batch_check`
 
-Score up to 5 repos in a single call (Pro tier).
+Score up to 5 repos in a single call (Developer Pro or Team).
 
 ```
 "Batch check these repos: anthropics/anthropic-sdk-typescript, langchain-ai/langchainjs"
@@ -110,7 +118,7 @@ Recommend a vetted, pre-scored stack from MCP Skills' curated packages.
 
 ## Full Reports
 
-Free tier returns trust tier + dimension scores (same as mcpskills.io free scans).
+Free tier returns trust tier + dimension scores (same as mcpskills.io free scans, 10/day).
 
 For full reports (13 standard / 15 Skills Mode signals + safety findings) inside your IDE, set your API key:
 
@@ -118,7 +126,7 @@ For full reports (13 standard / 15 Skills Mode signals + safety findings) inside
 export MCPSKILLS_API_KEY=your_key_here
 ```
 
-Get your API key at [mcpskills.io/api](https://mcpskills.io/api).
+Get your API key at [mcpskills.io/api](https://mcpskills.io/api). Developer Pro is $19/mo or $149/yr. Team is $99/mo for org/security workflows.
 
 ## How It Works
 

package/index.js

@@ -13,7 +13,7 @@
  *   - get_badge: Get trust badge URL for READMEs
  *   - watch_repo: Monitor a repo for score changes
  *   - check_watched: Re-scan all watched repos
- *   - batch_check: Check up to 5 repos in one call (Pro)
+ *   - batch_check: Check up to 5 repos in one call (Developer Pro or Team)
  *   - auto_gate: "Should I install this?" → boolean + reason
  *   - build_stack: "What tools do I need?" → vetted stack from live trust data
  *
@@ -222,7 +222,7 @@ function formatAgentResponse(data) {
   }
 
   if (data.certified) {
-    lines.push('🏅 Certified Safe by MCP Skills');
+    lines.push('🏅 MCP Skills Verified');
   }
 
   lines.push('', 'Set MCPSKILLS_API_KEY for the full signal breakdown (13 standard / 15 Skills Mode).');
@@ -396,7 +396,7 @@ function formatSafetyResult(data) {
 const server = new Server(
   {
     name: "mcpskills",
-    version: "2.4.2",
+    version: "2.5.0",
   },
   {
     capabilities: {
@@ -508,7 +508,7 @@ server.setRequestHandler(ListToolsRequestSchema, async () => {
       {
         name: "batch_check",
         description:
-          "Check up to 5 repos or packages in one call. Returns a trust assessment for each. Requires a Pro API key. Accepts any mix of formats (owner/repo, npm packages, registry URLs).",
+          "Check up to 5 repos or packages in one call. Returns a trust assessment for each. Requires a Developer Pro or Team API key. Accepts any mix of formats (owner/repo, npm packages, registry URLs).",
         inputSchema: {
           type: "object",
           properties: {
@@ -800,7 +800,7 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
 
         if (!apiKey) {
           return {
-            content: [{ type: "text", text: "batch_check requires a Pro API key. Set MCPSKILLS_API_KEY env var.\nGet one at https://mcpskills.io" }],
+            content: [{ type: "text", text: "batch_check requires a Developer Pro or Team API key. Set MCPSKILLS_API_KEY env var.\nGet one at https://mcpskills.io/api" }],
             isError: true,
           };
         }
@@ -861,7 +861,7 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
           // Agent compact response
           proceed = data.safe || data.certified;
           if (data.certified) {
-            reason = `Certified Safe — verified by MCP Skills (${data.score}/10)`;
+            reason = `MCP Skills Verified (${data.score}/10)`;
           } else if (data.safe) {
             reason = `${data.tier} (${data.score}/10). ${data.reasoning || 'No disqualifiers.'}`;
           } else {

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@mcpskillsio/server",
-  "version": "2.4.2",
-  "description": "Trust-score any AI skill or MCP server from inside Claude Code, Cursor, or any MCP client. Accepts GitHub repos, npm packages, Smithery URLs, and OpenClaw skills. 15 signals (incl. OSV/KEV/EPSS vulnerability intelligence), safety scanning, OpenClaw frontmatter parsing + transparency scoring, recommendations, badges, monitoring, batch checking, auto-gate decisions, and stack building from live trust data.",
+  "version": "2.5.0",
+  "description": "Use the MCPSkills pre-install trust layer from Claude Code, Cursor, or any MCP client. Accepts GitHub repos, npm packages, Smithery URLs, and OpenClaw skills. 15 signals (incl. OSV/KEV/EPSS vulnerability intelligence), safety scanning, OpenClaw frontmatter parsing + transparency scoring, recommendations, badges, monitoring, batch checking, auto-gate decisions, and stack building from live trust data.",
   "type": "module",
   "main": "index.js",
   "bin": {
@@ -9,7 +9,7 @@
   },
   "scripts": {
     "start": "node index.js",
-    "test": "node --test test/"
+    "test": "node --test test/*.test.js"
   },
   "keywords": [
     "mcp",