name: agent-bom-registry
description: >-
MCP server security registry and trust assessment — look up servers in the 427+
server security metadata registry, run pre-install marketplace checks, batch
fleet risk scoring, assess skill file trust, and run SAST code scans. Use when
the user mentions MCP server trust, registry lookup, marketplace check, or
skill trust assessment.
version: 0.88.4
license: Apache-2.0
compatibility: >-
Requires Python 3.11+. Install via pipx or pip. Optional: Semgrep for SAST
code scanning. No API keys or network access required (registry is bundled).
metadata:
author: msaad00
homepage: https://github.com/msaad00/agent-bom
source: https://github.com/msaad00/agent-bom
pypi: https://pypi.org/project/agent-bom/
scorecard: https://securityscorecards.dev/viewer/?uri=github.com/msaad00/agent-bom
tests: 7239
install:
pipx: agent-bom
pip: agent-bom
openclaw:
requires:
bins: []
env: []
credentials: none
credential_policy: "Zero credentials required. Registry data is bundled locally. No network calls needed."
credential_handling: "No credentials are required for bundled registry lookups. Optional enrichment tokens must stay in the operator environment and must not be printed or embedded in skill output."
optional_env:

• name: SNYK_TOKEN

purpose: "Optional third-party vulnerability enrichment for codescan (requires SNYKTOKEN)"
required: false
optional_bins:

• semgrep

emoji: "\U0001F50D"
homepage: https://github.com/msaad00/agent-bom
source: https://github.com/msaad00/agent-bom
license: Apache-2.0
os:

• darwin
• linux
• windows

data_flow: "Purely local. Registry data (427+ MCP server metadata) is bundled in the package. Lookups are in-memory string matches. Skill trust analysis parses user-provided SKILL.md content passed as a string argument."
file_reads:

• "user-provided SKILL.md files (for skill_trust analysis)"

file_writes: []
network_endpoints:

• url: "https://api.snyk.io"

purpose: "Optional third-party vulnerability enrichment for codescan (requires SNYKTOKEN)"
auth: true
telemetry: false
persistence: false
privilege_escalation: false
always: false
autonomous_invocation: restricted

agent-bom-registry — MCP Server Trust & Security Registry

Look up MCP servers in the 427+ server security metadata registry, assess skill
file trust, and run pre-install marketplace checks.

Install

pipx install agent-bom
agent-bom mcp scan @modelcontextprotocol/server-brave-search --ecosystem npm
agent-bom mcp scan @modelcontextprotocol/server-filesystem --ecosystem npm

Tools (7)

| Tool | Description |
|------|-------------|
| registry_lookup | Look up MCP server in 427+ server security metadata registry |
| marketplace_check | Pre-install trust check with registry cross-reference |
| fleet_scan | Batch registry lookup + risk scoring for MCP server inventories |
| skill_scan | Scan instruction files for package refs, trust, and findings |
| skill_verify | Verify Sigstore provenance for instruction files |
| skill_trust | Assess skill file trust level (5-category analysis) |
| code_scan | SAST scanning via Semgrep with CWE-based compliance mapping |

Example Workflows

# Look up a server in the registry
registry_lookup(server_name="brave-search")

# Pre-install trust check
marketplace_check(package="@modelcontextprotocol/server-filesystem")

# Scan instruction files and then assess a specific skill file
skill_scan(path=".")
skill_trust(skill_path="./SKILL.md")

# Batch risk scoring
fleet_scan(servers=["brave-search", "github", "slack"])

MCP Resources

| Resource | Description |
|----------|-------------|
| registry://servers | Browse 427+ MCP server security metadata registry |

Privacy & Data Handling

Registry data is bundled in the package — lookups are in-memory string
matches with zero network calls. Skill trust analysis parses content passed
as a string argument (no file system access needed).

Verification

• Source: github.com/msaad00/agent-bom (Apache-2.0)
• 7,100+ tests with CodeQL + OpenSSF Scorecard
• No telemetry: Zero tracking, zero analytics