u/dseven4evr

▲ 3 r/MCPservers+1 crossposts

I analyzed all 42,912 MCP servers in the public registries. Fewer than 7% are reachable by an agent.

I wanted to know how many MCP servers an agent could actually use over the network, so I analyzed every server in the public registries.

The funnel: 42,912 indexed, but only 2,840 (6.6%) advertise a remote HTTP endpoint. The other 93% are stdio/local servers meant to run on your own machine, plus dead and endpoint-less listings. I probed 98% of the reachable ones. 46% completed an anonymous MCP handshake, 27% were auth-gated, the rest errored or timed out.

I scored each reachable server on five dimensions and put it on a readiness ladder. More than half can't hold a clean session, and only 1.7% clear a basic agent-safety bar. The most useful finding: servers that exist mostly speak the protocol correctly, but score lowest on discoverability and safety. They can talk, but an agent often can't find them and has no signal they're safe to invoke.

Full data and methodology: waypoint.ing/blog/state-of-mcp

I also built a free scanner that runs the same checks on any server (no signup) if you want to see where yours lands: isyourmcpready.com

Curious what checks people here think are missing from the rubric.

TL;DR: Analyzed 42,912 MCP servers. <7% are reachable by an agent over the network, 1.7% are agent-safe. Most can speak the protocol but can't be found or trusted.

reddit.com
u/dseven4evr — 6 days ago
▲ 6 r/MCPservers+1 crossposts

I scored a bunch of MCP servers against the emerging standards. Most fail on the same thing.

The standards around MCP have been landing fast: the official registry, the Server Card spec for .well-known discovery (SEP-2127), OAuth protected-resource metadata (RFC 9728), A2A agent cards, an OWASP MCP Top 10. The Dev Summits keep repeating one word: readiness.

So I built a scorer mapped to those specs. Paste an MCP server URL, get a 0 to 100 score across Discoverability, Protocol Compatibility, Tool Quality, Auth & Access, and Safety, plus a copy-paste fix for every gap. Read-only, no tool calls, and it shows exactly what it did and didn't test.

The most common failure by far is Discoverability: servers that speak MCP fine but ship no server card and sit in no registry, so a client can't describe them before connecting. Which is the whole reason Server Cards are being standardized.

Works from both sides. Host a server and it's a fix-list. About to wire someone else's into your agent and it's a pre-flight trust check. You also get your percentile against every server scanned so far.

https://isyourmcpready.com. Curious what scores your mcp servers come back with, and whether you'd weight a dimension differently.

u/dseven4evr — 13 days ago