saferagenticai-mcp
SaferAgenticAI MCP Server
Serves the SaferAgenticAI framework (canonical criteria + Implementation Patterns layer) to coding assistants via the Model Context Protocol.
Available in
Published to the canonical MCP catalogues — install from a registry-aware client or the CLI below:
PyPI —
saferagenticai-mcpOfficial MCP Registry —
io.github.NellInc/saferagenticai-mcp
Also rolling out across the wider MCP ecosystem: mcp.directory, mcpservers.org, PulseMCP (via the registry ingest), and mcp.so.
Related MCP server: mcp-devtools
Install
Pick the path that matches your setup.
Option 1 — uvx (fastest, no manual venv)
If you have uv installed, point your MCP client at:
uvx --from git+https://github.com/NellInc/saferagenticai-mcp saferagenticai-mcpuv handles isolation and caches the install. Works for single-command config
lines in ~/.claude/mcp.json.
Option 2 — pipx (isolated global install)
pipx install "git+https://github.com/NellInc/saferagenticai-mcp"Exposes saferagenticai-mcp globally; updated with pipx upgrade saferagenticai-mcp.
Option 3 — manual venv (works offline from a checkout)
Homebrew / system Python blocks direct pip install under PEP 668, so if
you've cloned the repo and want an editable install:
python3 -m venv research/mcp/.venv
research/mcp/.venv/bin/pip install -e research/mcp/serverProduces research/mcp/.venv/bin/saferagenticai-mcp. Pattern YAML edits in
the repo are picked up live (editable mode).
Option 4 — from PyPI
pipx install saferagenticai-mcp
# or, with the modern uv toolchain:
uv tool install saferagenticai-mcp
# or plain pip:
pip install --user saferagenticai-mcpFor audit-trail reproducibility, pin the version: pipx install saferagenticai-mcp==0.3.3.
The package bundles criteria-v1.json + 238 pattern YAMLs + 4 exemplars
operational_heuristics.yamlinsidesaferagenticai_mcp/_data/, so a wheel install works without any repo checkout. (The 0.3.0 wheel predates the corpus extension and bundles only 214 patterns, no heuristics; 0.3.1 is the first complete build.)
Configure (Claude Code)
Add to ~/.claude/mcp.json (or your IDE's MCP config). Pick the variant that
matches your install option.
With uvx
{
"mcpServers": {
"saferagenticai": {
"command": "uvx",
"args": [
"--from",
"git+https://github.com/NellInc/saferagenticai-mcp",
"saferagenticai-mcp"
]
}
}
}With pipx or manual venv
{
"mcpServers": {
"saferagenticai": {
"command": "/absolute/path/to/saferagenticai-mcp"
}
}
}For a manual venv checkout, the absolute path is
<repo>/research/mcp/.venv/bin/saferagenticai-mcp.
Restart Claude Code / your IDE after editing. The server will load on the first tool call from your assistant.
Tools (12 total)
Tool | Input | Returns |
| — | 16 suites with titles and subgoal counts |
|
| one subgoal + its Pattern layer; falls back to fuzzy candidates if no exact match |
| suite/type/content_type/confidence filters | filtered subgoal list with reliability signals |
|
| field-weighted ranked matches with |
|
| outgoing adjacencies |
|
| incoming adjacencies (who cites this pattern) |
|
| canonicalise a partial id, slug fragment, or display_id; always returns candidates |
|
| top patterns grouped by suite for a task description; defaults to compact mode for cheap triage |
|
| patterns without |
| — | coverage %, per-suite, per-confidence; plus validation issue count |
|
| operational heuristics distilled from production agentic AI deployment, optionally filtered by suite or keyword |
|
| single operational heuristic by id (e.g. |
Data sources
Canonical framework:
assessor/src/data/criteria-v1.json(extracted fromframework.html)Pattern layer:
research/mcp/suites/<SUITE>/<pattern_id>.yaml(238 files)Exemplars:
research/mcp/exemplars/*.yaml(fallback for four anchor subgoals)Operational heuristics:
research/mcp/operational_heuristics.yaml(14 heuristics)
At startup the server loads both and builds an in-memory index keyed by pattern_id. display_id lookups are also supported but may resolve to multiple subgoals (underlined variants).
Smoke test (without MCP installed)
python3 -c "
from saferagenticai_mcp.framework_loader import load_framework
idx = load_framework()
print(f'{len(idx.subgoals)} subgoals, {sum(1 for s in idx.subgoals.values() if s.has_pattern)} with patterns')
"Versioning
Canonical framework: follows
criteria-v1.json'sversionfield.Pattern layer:
v1-draftwhile this directory is being populated;v1once reviewed.Server: semantic versioning. Current release is 0.3.3 (full 238-pattern corpus + operational heuristics bundled; argument validation in dispatch; MIT license with bundled
LICENSE, corrected package metadata, and MCP-registry ownership token). Pin explicitly for audit reproducibility.
What's already built in
Hot reload — server stat-walks the source tree on each tool call; edits show up without restart.
Load-time validation — required fields, content_type enum, confidence enum. Invalid patterns log WARNINGs but don't fail the server.
find_patterns_for_task— natural-language task → top patterns grouped by suite. Replaces the need for a separate embedding index at current scale.Reverse xref index — built at load, queried by
get_reverse_references.
Not implemented
Auth / remote transport (stdio only).
Embedding-based semantic search — the field-weighted keyword scoring is sufficient at 238 patterns; embeddings would be worth it at 10× this scale.
mark_reviewedwrite tool — deliberately not added. Phase 3 review edits go through the YAML directly (editor + git diff = auditable); the MCP stays read-only.
License
This server (the code in this directory) is licensed MIT — see LICENSE.
The safety-framework content it serves (the patterns, canonical criteria, and operational heuristics bundled under saferagenticai_mcp/_data/) is part of the SaferAgenticAI framework, published under CC-BY-4.0 at the repository root. Attribution: Nell Watson and the Agentic AI Safety Community of Practice.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/NellInc/saferagenticai-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server