Alpha Preview: Fidensa is currently in early testing. Scores are for demonstration purposes and are not considered final or reliable.

Fidensa
MCP Server Certified

mcp-server-everything

A comprehensive MCP test server that demonstrates all protocol features including tools, resources, prompts, sampling, subscriptions, and notifications for client development testing.

84

/ 100 · Grade B

B = 80–89

I need to test and validate MCP client implementations against a comprehensive server that exercises all protocol features and capabilities.

developmenttestingmcpprotocolreference
Publisher: Model Context Protocol a Series of LF Projects, LLC.Version: 2.0.0Certified: Mar 28, 2026Expires: Mar 28, 2027Source ↗

mcp-server-everything earned Certified status with a trust score of 84/100 (Grade B). No adversarial findings — all attack patterns were handled gracefully. Supply chain contains 304 components with 17 known vulnerabilities. Security scan: clean.

Trust Score Breakdown

Eight weighted signals composing the aggregate trust score

security scan
100% × 15w
15.0
supply chain
0% × 10w
0.0
adversarial
100% × 25w
25.0
provenance
100% × 20w
20.0
consumer confirm
87% × 10w
8.7
behavioral pass
87% × 10w
8.7
contract accuracy
83% × 6w
5.0
uptime
100% × 4w
4.0

Scheme v2.0 · Weights provisional · Consumer confirmations and uptime use pipeline-derived baselines.

Findings

Security scan results, adversarial testing, and pipeline review

Security Scan — Cisco MCP Scanner

cisco-mcp-scannerSAFE
yarallmreadiness
critical: 0high: 0medium: 0low: 0
Live scan: completed · 0 findings · 10140ms
Code scan: completed · 0 findings · 4895ms

Adversarial Testing — 3 categories, 0 findings

prompt injection chainscapability squattingdependency confusion

No adversarial findings — all attack patterns handled gracefully.

Methodology v1.0 · 3 categories · ~55 attack patterns

OWASP MCP Top 10 Coverage

Evaluation activity mapped to the OWASP MCP Top 10 risk framework

MCP01 covered

Excessive Agency & Permissions

Cisco scanner behavioral analysis of permission scope

MCP02 covered

Unauthorized Data Access

Category 3 (data exfiltration) attack patterns

MCP03 covered

Tool Poisoning

Category 1 (prompt injection) and Category 5 (context poisoning) attack patterns

MCP04 covered

Supply Chain Vulnerabilities

SBOM generation (syft/cdxgen) and vulnerability scanning (grype/osv-scanner/npm audit)

MCP05 covered

Command Injection

Category 2 (privilege escalation) and Category 6 (repo config injection) attack patterns

MCP06 covered

Intent Subversion

Category 1 (prompt injection) and Category 4 (capability squatting) attack patterns

MCP07 covered

Insecure Data Handling

Cisco scanner data flow and sensitive data handling analysis

MCP08 gap

Insufficient Logging

Not directly tested — logging adequacy requires runtime observation beyond current pipeline scope

MCP09 covered

Resource Exhaustion

Resource profiling (CPU, memory) during functional and adversarial testing

MCP10 covered

Context Injection

Category 5 (context poisoning) attack patterns

OWASP MCP Top 10 (Beta) — owasp.org/www-project-mcp-top-10

Supply Chain

SBOM analysis and vulnerability assessment

Components

304

Direct deps

15

Transitive deps

289

Total vulns

17

Vulnerability breakdown

critical: 0high: 8medium: 0low: 9

Format: CycloneDX 1.5 · Generated: Mar 28, 2026

Behavioral Fingerprint

Runtime performance baseline for drift detection

Samples

391

Error rate

10.1%

Peak memory

86.9 MB

Avg CPU

0.12%

Response time distribution

p50: 1msp95: 64msp99: 10034ms

Output size distribution

p50: 324 Bp95: 2.1 KBmean: 847 B

Per-tool performance

Toolp50p95Error rateSamples
echo1ms2ms0.0%34
get-env1ms2ms0.0%9
get-sum1ms1ms0.0%49
get-tiny-image1ms1ms0.0%6
get-resource-links1ms2ms0.0%31
get-annotated-message1ms2ms0.0%38
gzip-file-as-resource2ms145ms0.0%84
get-resource-reference1ms2ms0.0%54
get-structured-content1ms1ms0.0%34
toggle-simulated-logging2ms3ms0.0%6
toggle-subscriber-updates2ms6ms0.0%6
trigger-long-running-operation1ms10036ms13.0%40

Fingerprint v1.0 · Baseline: Mar 28, 2026 · Status: baseline

Interface

Enumerated tools, resources, and prompts

Tools (13)

echo

Echoes back the input string

get-annotated-message

Demonstrates how annotations can be used to provide metadata about content.

get-env

Returns all environment variables, helpful for debugging MCP server configuration

get-resource-links

Returns up to ten resource links that reference different types of resources

get-resource-reference

Returns a resource reference that can be used by MCP clients

get-structured-content

Returns structured content along with an output schema for client data validation

get-sum

Returns the sum of two numbers

get-tiny-image

Returns a tiny MCP logo image.

gzip-file-as-resource

Compresses a single file using gzip compression. Depending upon the selected output type, returns either the compressed data as a gzipped resource or a resource link, allowing it to be downloaded in a subsequent request during the current session.

toggle-simulated-logging

Toggles simulated, random-leveled logging on or off.

toggle-subscriber-updates

Toggles simulated resource subscription updates on or off.

trigger-long-running-operation

Demonstrates a long running operation with progress updates.

simulate-research-query

Simulates a deep research operation that gathers, analyzes, and synthesizes information. Demonstrates MCP task-based operations with progress through multiple stages. If 'ambiguous' is true and client supports elicitation, sends an elicitation request for clarification.

Resources (7)

architecture.md

demo://resource/static/document/architecture.md

extension.md

demo://resource/static/document/extension.md

features.md

demo://resource/static/document/features.md

how-it-works.md

demo://resource/static/document/how-it-works.md

instructions.md

demo://resource/static/document/instructions.md

startup.md

demo://resource/static/document/startup.md

structure.md

demo://resource/static/document/structure.md

Prompts (4)

simple-prompt

A prompt with no arguments

args-prompt

A prompt with two arguments, one required and one optional

completable-prompt

First argument choice narrows values for second argument.

resource-prompt

A prompt that includes an embedded resource reference

Transport: stdio

Scope & Permissions

What this capability can and cannot access — derived from pipeline analysis

creates files

no

deletes files

no

modifies files

no

accesses env variables

yes

invokes external tools

no

makes network requests

yes

Side effects

Makes outbound network requests

Accesses environment variables

Behavioral Guarantees

Claims extracted from publisher documentation — each tagged with provenance

exercises all the features of the MCP protocol

author

implements prompts, tools, resources, sampling, and more to showcase MCP capabilities

author

serves as a test server for builders of MCP clients

author

supports stdio transport

author

supports HTTP+SSE transport (deprecated)

author

supports streamable HTTP transport

author

can be run from source

author

can be installed and run as a package

author

works with Claude Desktop

author

works with VS Code

author

Known failure modes

HTTP+SSE transport is deprecated as of 2025-03-26

Sources: author, protocol

Badge & Integration

Embed certification status in your README, docs, or CI pipeline

Fidensa Certified badge for mcp-server-everything
badge SVG →attestation API →integration guide →

Certification Notes

Provenance observations from the pipeline

publisher

Publisher "Model Context Protocol a Series of LF Projects, LLC." is not verified — first certification from this publisher

provenance

Single contributor — no peer review evidence in commit history

provenance

Repository is 11 days old — recently created

Signed Artifact

Certification provenance and verification metadata

Content hash
sha256:650159a121a2f7c06e107bc141c39656073337716c81a232805c05101a9d3269
Key ID
kms-9db4ed3b9f53
Certified
Mar 28, 2026
Expires
Mar 28, 2027
Pipeline version
1.0
Status
valid
Annotated Filedownload →

The original instruction file with a certification footer appended. Replace the source file in your project so AI agents see the trust score, verification link, and SOP.

.cert.jsondownload →

ES256-signed JWS artifact for programmatic verification. Use with the Fidensa MCP server or GitHub Action to validate integrity.

Pipeline Artifacts

Raw data files from this certification run — downloadable for independent verification

contract.json

Full unsigned contract

stage1-ingest.json

Ingest stage output

stage2a-sbom.json

SBOM generation results

stage2a-vulns.json

Vulnerability scan results

stage2b-security.json

Security scan results

stage3a-functional.json

Functional test results

stage3b-adversarial.json

Adversarial test results

stage3c-fingerprint.json

Behavioral fingerprint

stage4-certify.json

Certification decision + trust score

stage3a-measurements.json

Raw functional test measurements

stage3b-measurements.json

Raw adversarial test measurements

run-log.json

Pipeline execution log

Not all files may be present for every certification.