Saw #714 (MCPWatch security grades) — great idea. This is about a complementary signal: runtime reliability.
Smithery's MCP Score covers server quality at the metadata level. MCPWatch covers static security. But neither answers: "does this server actually work reliably in practice?"
Veridict (veridict@0.2.0 on npm) tracks this. It's a lightweight MCP middleware that logs tool executions and produces a trust score based on:
- Actual success/failure rate
- Failure classification (timeout / error / validation)
- Time-decay weighting (recent 7d weighted 70%)
Output:
{
"verdict": "caution",
"score": 0.91,
"reason": "elevated timeout rate",
"failureBreakdown": { "timeout": 8, "error": 3 }
}Potential integration: a reliability indicator alongside the MCP Score and security grade — giving users three axes to evaluate a server before installing.
Happy to discuss or contribute if this direction is interesting.
Saw #714 (MCPWatch security grades) — great idea. This is about a complementary signal: runtime reliability.
Smithery's MCP Score covers server quality at the metadata level. MCPWatch covers static security. But neither answers: "does this server actually work reliably in practice?"
Veridict (
veridict@0.2.0on npm) tracks this. It's a lightweight MCP middleware that logs tool executions and produces a trust score based on:Output:
{ "verdict": "caution", "score": 0.91, "reason": "elevated timeout rate", "failureBreakdown": { "timeout": 8, "error": 3 } }Potential integration: a reliability indicator alongside the MCP Score and security grade — giving users three axes to evaluate a server before installing.
Happy to discuss or contribute if this direction is interesting.