Only 4% of Indexed MCP Servers Meet Verification Standards
Key Takeaways
- ▸Only 4% of 995 scanned MCP servers pass verification; ecosystem maturity remains low despite 700+ servers now passing handshakes in the expanded index
- ▸Tool naming collisions and destructive operations pose emerging safety risks—agents selecting between identically-named tools with different semantics could execute unintended actions
- ▸Majority of MCP servers lack transparency: unknown provenance (467), stale maintenance signals (113 no commits in 1+ year), and authentication walls (517) prevent independent verification
Summary
MCPExplorer, a verification service for Model Context Protocol servers, published findings from testing 995 indexed MCP servers via live handshake. Only 39 servers (4%) passed their verification criteria, which require live handshake completion, full tool extraction and risk-labeling, and a trust score of 60+ across factors like provenance, verification, maintenance, and adoption.
Of the 995 servers tested, 277 (28%) successfully completed a live tools/list handshake. Among reachable servers, 59% expose at least one write tool, while 67 expose operations classified as destructive (delete, revoke, cancel). The analysis identified critical ecosystem gaps: 467 servers have unknown provenance, 113 have no commits in over a year, 30 different servers use identical tool names (like "search"), and 517 servers gate access with authentication walls, preventing independent verification.
The MCP ecosystem is growing rapidly—the index has since expanded to 1,600+ servers with 700+ passing handshakes as of the report date (July 7, 2026). MCPExplorer publishes its verification methodology openly, positioning continuous protocol-based testing as more reliable than traditional README indexing for assessing server trustworthiness and safety.
- Live MCP protocol handshakes and continuous verification provide stronger trust signals than static README-based directories for agent safety and auditability
Editorial Opinion
The MCP ecosystem is expanding rapidly but critical trust gaps threaten responsible agent deployment. With 96% of servers failing verification, the findings expose a maturity gap that grows more urgent as enterprises integrate agent tooling into production systems. MCPExplorer's approach—continuous, transparent, protocol-based verification—sets a crucial precedent: ecosystem growth must be paired with security rigor. The industry needs more services like this one as MCP adoption accelerates.
