mcp-skills-vault
A deterministic registry + integrity scanner for MCP servers,
so installing one stops feeling like curl | bash.
Sister project to mcp-trace.
Install
# One-line — no clone, no global install
npx -y @froggychips/mcp-vault scan --cwd ./my-project # what to install for this stack
npx -y @froggychips/mcp-vault list # all 114 servers in the DB
npx -y @froggychips/mcp-vault audit --strict # diff installed vs DB
npx -y @froggychips/mcp-vault verify --offline # true offline DB-pin gate
npx -y @froggychips/mcp-vault doctor # local readiness check
# Prefer it on PATH? Drop the npx prefix after this.
npm i -g @froggychips/mcp-vault
# As a Claude Code skill (optional)
git clone https://github.com/froggychips/mcp-skills-vault.git
mkdir -p ~/.claude/skills
cp -r mcp-skills-vault/mcp-ecosystem-intelligence ~/.claude/skills/
Zero runtime dependencies. Node built-ins only. One JSON file is the entire database.
What you get
- Curated DB — 114 entries across ~26 categories, all with pinned versions, SPDX licenses, and
trust: verified | candidate. 20 Core / 76 Recommended / 18 Experimental. - Browse it —
mcp-vault listshows every entry with name / category / tier / trust / install command. Filters:--category,--tier,--trust,--query.--jsonfor scripts. - Supply-chain scanner — sha512 (npm), sha256 (PyPI), and
@sha256:(Docker) integrity pinning, re-verified against the live registry; 4 advisory feeds merged (npm bulk + OSV.dev + GHSA + Snyk) before the install command is written. - Behavioural smoke —
mcp-vault eval --sandboxspawns a server jailed in an ephemeral container, runs theinitialize→tools/listhandshake, counts tools and lints each schema. The hash proves you got the file; this proves the file actually starts. - Audit installed setup —
mcp-vault auditdiffs your installed servers against the DB and flags drift, untrusted entries, heavy-unbounded servers, and scope issues. - Doctor —
mcp-vault doctorchecks Node,gh, Docker,uvx, and Claude MCP config readiness without printing token values.
What this does NOT do
- Not a sandbox. Installing an MCP server still runs that server with the permissions of your MCP host.
- Not a runtime monitor. Vault is an install-time gate; use mcp-trace or another monitor for runtime behaviour.
- Not proof that a server is benign. Hashes prove you got the artifact you expected, not that the artifact is safe.
Latest release
v0.12.0 — 2026-06-20
- Sandboxed PR-time behavioural smoke —
mcp-vault eval --sandboxruns each changed server jailed in an ephemeral container; default-deny spawn policy;failure_classtaxonomy (NEEDS_ENV / NEEDS_NET / TIMEOUT / NO_TOOLS / CRASH). - Shared zero-dep
mcp_stdio.cjswire core, vendored in common with mcp-trace (#64).
v0.11.0 — 2026-06-20
- Promoted
@anyproto/anytype-mcp+touchdesigner-mcp-serverfrom the discovery inbox — DB now 114 entries (#62).
v0.10.0 — 2026-05-24
mcp-vault doctor— local readiness checks for Node,gh, Docker,uvx, project MCP config, and global Claude config without printing token values.mcp-vault verify --offline— true network-free DB-pin gate.--no-auditnow means “skip advisory APIs”, not offline.mcp-vault site-registry— generate a browsable public registry page and adjacentregistry.jsonfromtools_database.json.
Quick taste
$ npx -y @froggychips/mcp-vault scan
Stack: Langs: Node | DB: postgres | Infra: aws, teamcity, atlassian
Needs: database, infra, ci-cd, pm
── Recommended ──────────────────────────────────────────────
Core mcp-server-neon 10 tools score 105
Core mcp-server-aws 20 tools score 105
Core mcp-server-filesystem 10 tools score 105
Recommended teamcity-mcp null tools score 65
── Heavy — scope before global install ──────────────────────
Experimental mcp-atlassian 72 tools ⚠ score 55
--toolsets jira,confluence
JSON output snippets
Every user-facing command has --json for scripts and Claude Code skills.
$ mcp-vault scan --cwd ./project --json
{
"stack": {
"langs": ["Python"],
"dbs": ["postgres", "redis"],
"infra": ["kubernetes", "teamcity", "atlassian"]
},
"recommended": [
{ "name": "mcp-server-neon", "classification": "Core", "health_score": 105 },
{ "name": "teamcity-mcp", "classification": "Recommended", "health_score": 65 }
],
"heavy": [
{ "name": "mcp-atlassian", "est_tools_count": 72 }
]
}
$ mcp-vault audit --json
{
"counts": { "drift": 1, "untrusted": 0, "heavy-unbounded": 1 },
"findings": [
{
"category": "heavy-unbounded",
"server": "github",
"message": "100 tools and no --toolsets / allowedTools scope"
}
]
}
Browse the registry
The public registry page is generated directly from tools_database.json and includes category, tier, trust, license, score, tool count, and install command.