Summary
Adds a security layer for AI agents connecting to MCP servers. Exposes six tools including check_trust to look up scores by URL or npm package, scan_server for live security analysis, and search_registry to query over 4,200 indexed servers. The pattern is straightforward: before connecting to any MCP server, call check_trust and refuse connections to anything graded D or F. Also includes payment tools for initiating USDC certification and verifying on-chain transactions. Connects to the CraftedTrust API at mcp.craftedtrust.com. Useful if you're building agents that dynamically connect to third-party MCP servers and need a trust gate similar to SSL certificate verification.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Trust-Gated Agent Examples
Reference implementations showing how to make AI agents check CraftedTrust before connecting to any MCP server. If a server scores D or F, the agent refuses to connect.
This is the "SSL certificate check for AI agents" pattern.
Quick Start
Add CraftedTrust to your agent's MCP config:
{
"mcpServers": {
"craftedtrust": {
"url": "https://mcp.craftedtrust.com/api/v1/mcp",
"description": "Check trust scores before connecting to MCP servers"
}
}
}
Your agent now has access to 6 tools:
| Tool | Description |
|---|---|
check_trust | Look up trust score by URL or npm name |
scan_server | Trigger a live security scan |
search_registry | Search 4,200+ indexed MCP servers |
get_stats | Ecosystem statistics |
pay_for_certification | Initiate USDC certification payment |
verify_payment | Verify on-chain payment |
The Pattern
Before your agent connects to any new MCP server:
- Call
check_truston CraftedTrust - If grade is D or F, refuse and explain why
- If grade is A/B/C, proceed with the connection
Examples
Python (LangGraph)
See python/trust_gated_agent.py for a complete LangGraph agent that gates MCP connections through CraftedTrust.
cd python
pip install -r requirements.txt
python trust_gated_agent.py
TypeScript (MCP Client)
See typescript/trust-gated-client.ts for a TypeScript MCP client that checks trust scores before connecting.
cd typescript
npm install
npx tsx trust-gated-client.ts
How It Works
Agent receives task → needs mcp.example.com
↓
Agent calls CraftedTrust check_trust("mcp.example.com")
↓
Score: 82/100, Grade: B ← Safe
↓
Agent connects to mcp.example.com ✓
Agent receives task → needs sketchy-server.xyz
↓
Agent calls CraftedTrust check_trust("sketchy-server.xyz")
↓
Score: 15/100, Grade: F ← Dangerous
↓
Agent refuses: "Server scored F (15/100). Not connecting." ✗
Trust Score Grades
| Grade | Score | Meaning |
|---|---|---|
| A | 90-100 | Excellent security practices |
| B | 75-89 | Good security, minor improvements possible |
| C | 60-74 | Adequate but has gaps |
| D | 40-59 | Significant security issues |
| F | 0-39 | Critical issues, do not connect |
API Reference
Full API documentation: mcp.craftedtrust.com/api-docs.html
License
MIT
Built by Cyber Craft Solutions LLC
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →Registryactive
TransportHTTP
UpdatedMar 25, 2026
