Continuous monitoring
Grades are snapshots. Tools keep shipping.
Your network ships MCP servers and skills you don’t fully control: a new release, a quiet regression, a swapped tool surface. We keep an independent, reproducible trust index for the network and re-grade it on a cadence, so the grade you shipped on doesn’t go stale on you.
or email hello@polygraph.so
What a trust index looks like.
225 live grades · 6 networks
Base network
MCP servers an onchain agent on Base can use: the projects integrating Base MCP, plus the wider DeFi, data, and infrastructure servers around the network.
Bankr ecosystem
Static safety grades for the Bankr skill library, plus behavioral grades for the agents that ship their own MCP server.
Virtuals Protocol
Behavioral grades for the MCP surface of the Virtuals agent launchpad on Base: the protocol's own commerce and framework infrastructure, and the agents launched on it.
Uniswap builder skills
Static safety grades for the community “build on Uniswap” skills carried in the Bankr library: v4 hooks, trading, and client-integration helpers.
ClawHub registry
Static safety grades for skills distributed through ClawHub: the malicious skills Snyk flagged (graded D under litmus-skill-v3) next to the popular ones an agent would install.
skills.sh directory
Static safety grades for the most-installed skills on skills.sh (Vercel’s open Agent Skills directory): a behavioral A to F verdict alongside its dependency alerts.
Your network
Not listed yet?
Start a trust index for your ecosystem’s servers, agents, and skills: graded, then re-graded on a cadence.
Start monitoringAn index is only as good as its last run.
A grade is a measurement, and measurements have a date. The tool it describes won’t hold still.
Re-grade, detect, alert.
- 01
Re-grade
We re-run the harness against every server and skill in a network's index on a set schedule: the same behavioral test, repeated. Not a one-time snapshot. - 02
Detect
Each run is compared against the prior grade. A drop, a newly failing probe, or a changed tool surface (a sha256 fingerprint mismatch, the signature of a rug pull) is flagged against what graded before. - 03
Alert
Your team hears about a regression before your users do, with the evidence bundle attached.
What a monitoring client can't change.
Reproducible
The harness is open and deterministic. Re-run it against the same ref and you get the same grade, so a drop is something you can check, not take on faith.
Independent
Nobody can pay for a grade. A monitoring engagement changes what we re-grade and how often, never the letter we publish.
Rug-pull-aware
Every grade is pinned to a sha256 fingerprint of the tool surface. Change the surface and the grade goes stale on its own. That recheck is what makes “monitored” mean something.
Keep this index from going stale.
Monitor your ecosystem.
Run an independent, continuous trust index for your network's MCP servers, agents, and skills, re-graded daily instead of once, with regressions flagged to your team. Tell us what you ship and we'll keep the tracked list of servers and skills current as you add them.
Prefer to write us directly? hello@polygraph.so
Every grade is behavioral and reproducible. Re-run the open harness against the same ref to check it. See the full MCP Security Index.