Packageactivev0.2.1
io.github.attestd-io/attestd-mcp
io.github.attestd-io/attestd-mcp
CVE and supply chain checks for MCP clients. Covers infrastructure, PyPI, and npm packages.
No blockers found
assessed on 1 of 4 dimensions
ProvenanceOrigin linked to a public source repository.Official MCP Registry · as of Jul 7, 2026
PassMaintenanceRepository maintenance signals not yet ingested.
PendingManifest integrityManifest capture requires running the package (sandbox phase).
PendingSupply chainPackage vulnerability scan not yet run.
PendingBehavioral trustNo live endpoint to observe.
Not applicable
Connect
npm package · v0.2.1 · stdio
ATTESTD_API_KEYsecret
Attestd API key (atst_...). Required for check_package_vulnerability and check_batch_vulnerabilities. Get one at https://api.attestd.io/portalATTESTD_BASE_URL
Optional API base URL override. Defaults to https://api.attestd.io
Provenance
- Official MCP Registry · as of Jul 7, 2026 · registry-tos
Every verdict is attributable to its sources and recomputed from our own landed copy — never read live on this page.