polygraph.so
Login

Grades are snapshots. Tools keep shipping.

Your network ships MCP servers and skills you don’t fully control: a new release, a quiet regression, a swapped tool surface. We keep an independent, reproducible trust index for the network and re-grade it on a cadence, so the grade you shipped on doesn’t go stale on you.

or email hello@polygraph.so

What a trust index looks like.

Every grade below is read live from the same evidence the per-network pages show: current, reproducible, and yours to re-run against the open harness.

225 live grades · 6 networks

Base network

MCP servers an onchain agent on Base can use: the projects integrating Base MCP, plus the wider DeFi, data, and infrastructure servers around the network.

16A10B2D
28 graded · 33 trackedLast graded 2026-07-06View ecosystem →

Bankr ecosystem

Static safety grades for the Bankr skill library, plus behavioral grades for the agents that ship their own MCP server.

107A1D1F
107 skills · 7 agentsLast graded 2026-07-08View ecosystem →

Virtuals Protocol

Behavioral grades for the MCP surface of the Virtuals agent launchpad on Base: the protocol's own commerce and framework infrastructure, and the agents launched on it.

1A1B1D
3 graded · 21 trackedLast graded 2026-07-06View ecosystem →

Uniswap builder skills

Static safety grades for the community “build on Uniswap” skills carried in the Bankr library: v4 hooks, trading, and client-integration helpers.

20A
20 skillsLast graded 2026-07-05View ecosystem →

ClawHub registry

Static safety grades for skills distributed through ClawHub: the malicious skills Snyk flagged (graded D under litmus-skill-v3) next to the popular ones an agent would install.

20A11D
31 skillsLast graded 2026-07-05View ecosystem →

skills.sh directory

Static safety grades for the most-installed skills on skills.sh (Vercel’s open Agent Skills directory): a behavioral A to F verdict alongside its dependency alerts.

34A
34 skillsLast graded 2026-07-05View ecosystem →

Not listed yet?

Start a trust index for your ecosystem’s servers, agents, and skills: graded, then re-graded on a cadence.

Start monitoring

An index is only as good as its last run.

A behavioral grade describes a tool on the day it ran. Then the tool changes, and a stale A is worse than no grade, because someone is trusting it.
A grade is a measurement, and measurements have a date. The tool it describes won’t hold still.
Third-party servers and skills get new releases and new owners, and a tool surface can change after grading, which is exactly how a rug pull works. None of that shows up in a grade you ran once. Re-running the same test, again and again, is the only thing that keeps an index honest.

Re-grade, detect, alert.

The same open harness, on a clock, set up per network when an ecosystem signs on.
  1. 01

    Re-grade

    We re-run the harness against every server and skill in a network's index on a set schedule: the same behavioral test, repeated. Not a one-time snapshot.
  2. 02

    Detect

    Each run is compared against the prior grade. A drop, a newly failing probe, or a changed tool surface (a sha256 fingerprint mismatch, the signature of a rug pull) is flagged against what graded before.
  3. 03

    Alert

    Your team hears about a regression before your users do, with the evidence bundle attached.

What a monitoring client can't change.

Subscribing changes what we watch, never what we report.

The harness is open and deterministic. Re-run it against the same ref and you get the same grade, so a drop is something you can check, not take on faith.

Nobody can pay for a grade. A monitoring engagement changes what we re-grade and how often, never the letter we publish.

Every grade is pinned to a sha256 fingerprint of the tool surface. Change the surface and the grade goes stale on its own. That recheck is what makes “monitored” mean something.

Keep this index from going stale.

Every grade above was last re-run on 2026-07-08. Without monitoring, that’s the date it stays frozen at.

Monitor your ecosystem.

Run an independent, continuous trust index for your network's MCP servers, agents, and skills, re-graded daily instead of once, with regressions flagged to your team. Tell us what you ship and we'll keep the tracked list of servers and skills current as you add them.

Prefer to write us directly? hello@polygraph.so

Every grade is behavioral and reproducible. Re-run the open harness against the same ref to check it. See the full MCP Security Index.