io.github.soufianetahiri/mception

io.github.soufianetahiri/mception·v0.5.2·Security

Audits other MCP servers for security risks. Returns safe / caution / unsafe / inconclusive.

Trust verdict · v1 advisory · method

NOT YET SCREENEDno verdict on file

Verdict not yet evaluated for this tool. The semantic screen takes adversarial cases first; coverage rolls out as the corpus expands (15/150 labels to graduation). The deterministic conformance probe is built but has not yet run on the public corpus, so a recorded verdict here is REVIEW or UNVERIFIED, never a clearing ALLOW. Until a verdict is recorded, an agent should treat this tool as not-yet-cleared and fall back to its own checks. Method: the eval, four-state verdict, honest limits.

Own this server? Screen its description →

Environment variables

MCEPTION_DATA_DIR

Where audit reports and rug-pull baselines live. Defaults to ~/.mception.

MCEPTION_OFFLINE

Set to 1 to block outbound HTTP (OSV, registry signals, phantom-repo probes).

MCEPTION_INTROSPECT_TIMEOUT

Per-target timeout in seconds for the fetcher + engine pipeline.

MCEPTION_ENABLE_LLM_JUDGE

Set to 1 to enable advisory LLM-assisted classification via MCP sampling. No API key needed.

MCP quality score · maturity, not trust · methodology

freshness

completeness

installability

documentation

stability

Alternatives in Security

ai.dynamicfeed/dynamic-feed

87 keyless tools of live, verifiable data for AI: weather, hazards, space, CVEs. Ed25519-signed.

Helixar Security

ai.helixar/mcp

Security tools for AI agents: scan MCP servers, validate HDP delegation chains, audit releases.

RFP.ai

ai.rfp/rfp-ai

Draft cited RFP and security questionnaire answers from your knowledge base, with human review

Install

Claude Desktop (uvx)

{
  "mcpServers": {
    "mception": {
      "command": "uvx",
      "args": [
        "mception"
      ],
      "env": {
        "MCEPTION_DATA_DIR": "<mception_data_dir>",
        "MCEPTION_OFFLINE": "0",
        "MCEPTION_INTROSPECT_TIMEOUT": "60",
        "MCEPTION_ENABLE_LLM_JUDGE": "0"
      }
    }
  }
}

Verdict API

curl -s mcpindex.ai/api/v1/trust/server/io-github-soufianetahiri-mception

Free-tier verdict as JSON: decision + dimensions + severity. Call it from your agent before it invokes a tool it just discovered.

Details

version: v0.5.2
category: Security
quality: 69 / 100
operator: io.github.soufianetahiri

Provenance

Verdict history is anchored to Bitcoin via OpenTimestamps. The free tier returns the current verdict only; the anchored record is served on the authenticated tier.