The MCP Server Pre-Install Trust Directory
Registries list MCP servers. MCP Skills tells you what risk you are about to install.
MCP servers can bridge an AI assistant into files, databases, SaaS APIs, cloud accounts, browsers, and local shells. Discovery has moved faster than trust infrastructure, so the moment before install has become the most important checkpoint.
The new MCP Skills trust directory turns the crawler and scoring engine into a public pre-install surface. Instead of pasting a repo only after you already suspect risk, you can browse 1,220 scored MCP servers, AI skills, and packages as of May 10, 2026, then open a score page before running unknown code.
What the directory shows
- Trust tier and composite score for each scored repo or package.
- Skills Mode and Limited labels so you know what analysis was possible.
- Last scored date, description, and a direct link to the full public score page.
- Filters for Verified, Established, New, Blocked, Skills Mode, and Limited entries.
Why this exists
The official registry and marketplaces are valuable discovery layers, but registry presence is not a safety signal. MCP Skills is designed to answer the next question: should this thing be trusted enough to evaluate, or does it need manual review first?
Every score combines public signals across maintenance, author credibility, security posture, dependency health, tool safety, supply-chain risk, documentation, and license clarity. Static analysis is not a guarantee, but it gives developers a faster way to spot obvious risk before install.
For maintainers
If your project scores well, your score page now includes a copyable README badge. Add it to show users that your MCP server is actively trust-scored and that the status updates as the project changes.
The pre-install moment should have a trust check. That is the job MCP Skills is taking on.