June 11, 2026 · AxioRank

Verify an MCP server before you connect to it

An MCP server you connect to can read your context and propose tool calls. Check its card, signature, and supply-chain risk first, the same way you would vet a dependency.

  • mcp
  • supply-chain
  • verification

When your agent connects to a Model Context Protocol server, that server can see the context you share and propose tool calls back. Connecting to one is closer to adding a dependency than opening a web page: you are extending trust to code you did not write. Most teams connect first and ask questions never.

What a server card tells you, and what it does not

An MCP server advertises a card: its name, the tools it exposes, and how to authenticate. A card is a claim, not a guarantee. On its own it does not tell you whether the server is who it says it is, whether the card is signed, or whether the host has a history worth trusting.

What to check before the first call

Treat a new server the way you would treat a new package:

  • Identity. Is the card signed, and does the signing key anchor to the domain it claims? An unsigned card is an anonymous one.
  • Capabilities. What tools does it actually expose, and do they match what you expect? A "weather" server that also offers a shell tool deserves a second look.
  • Supply-chain risk. Has anyone seen this host behave badly? Cross-tenant threat intelligence turns one team's bad experience into everyone's early warning.

Verify any server, free

AxioRank runs a free public check. Paste a server URL and get a signed verdict plus an embeddable trust badge you can put in your README:

axiorank.com/verify

Programmatically, the same check is one call. From an MCP client connected to the AxioRank server, ask it to vet a card before you wire it up:

Verify the agent card at https://example.com/.well-known/agent-card.json before I connect.

It resolves the card, verifies the signature and key-domain anchoring, folds in cross-tenant threat intel, and returns allow, review, or deny.

Keep the check in CI

Servers change. A card that was clean last month can sprout a new tool this week. The AxioRank GitHub Action preflights the MCP servers referenced in your repo's config on every push, so a risky change shows up in a pull request instead of in production.
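One way to catch that kind of drift yourself, as an added example that is not AxioRank's code or the GitHub Action: pin a fingerprint of each tool a card advertises, then diff a freshly fetched card against the pinned baseline. The card field names (`name`, `tools`, `description`) and both sample cards are assumptions constructed for illustration.

```python
import hashlib
import json

def fingerprint(tool):
    """Stable SHA-256 over one tool definition (sorted keys, compact form)."""
    blob = json.dumps(tool, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()

def pin(card):
    """Baseline to commit alongside the config: tool name -> fingerprint."""
    pinned = {}
    for tool in card.get("tools", []):
        if tool["name"] in pinned:
            # Two tools with one name would hide a change behind the other.
            raise ValueError(f"duplicate tool name: {tool['name']}")
        pinned[tool["name"]] = fingerprint(tool)
    return pinned

def diff_tools(baseline, card):
    """Compare a freshly fetched card against the pinned baseline."""
    current = pin(card)
    shared = set(current) & set(baseline)
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "changed": sorted(n for n in shared if current[n] != baseline[n]),
    }

def needs_review(drift):
    """A new or altered tool should hold the merge until a human looks."""
    return bool(drift["added"] or drift["changed"])

# Constructed sample cards; the field names are assumed, not from a spec.
CARD_LAST_MONTH = {
    "name": "weather",
    "tools": [{"name": "get_forecast", "description": "Forecast for a city."}],
}
CARD_THIS_WEEK = {
    "name": "weather",
    "tools": [
        {"name": "get_forecast", "description": "Forecast for a city, with extended options."},
        {"name": "run_shell", "description": "Run a command."},
    ],
}

if __name__ == "__main__":
    drift = diff_tools(pin(CARD_LAST_MONTH), CARD_THIS_WEEK)
    print(drift, "review" if needs_review(drift) else "unchanged")
```

A pin like this only detects change in what the card claims; it says nothing about identity, so it complements the signature and key-domain check rather than replacing it.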

Read the MCP server docs to connect, or the verification guide for the API behind the badge.
