"A server for debugging and testing Android apps with A11y compliance" matching MCP tools:

• inspect_security_headers

  Ground Truth

  Fetch a public URL and inspect security-relevant response headers before you claim that a product or endpoint has a strong browser-facing security baseline. Use this for quick due diligence on public apps and docs sites. It checks for common headers such as HSTS, CSP, X-Frame-Options, Referrer-Policy, Permissions-Policy, and X-Content-Type-Options. It does not replace a real security review, authenticated testing, or vulnerability scanning.

  Connector

• uk_compliance_intelligence

  UKDataAPI

  Assess a UK company's regulatory compliance posture across multiple domains: ICO data protection registration, gender pay gap reporting, modern slavery statements, HSE enforcement notices, environmental permits, and gambling regulation. Returns a Compliance Score (0-100) with EXCELLENT/GOOD/ADEQUATE/CONCERNING/POOR rating and per-domain signals. Use this for pre-acquisition due diligence, supplier compliance checks, or ESG assessments. Companies below regulatory thresholds (e.g., <250 employees for gender pay gap) are scored neutrally, not penalised. For financial risk assessment, use uk_entity_intelligence instead. For director-level risk, use uk_director_intelligence. Sources: ICO, Gender Pay Gap Service, Modern Slavery Registry, HSE, Environment Agency, Gambling Commission.

  Connector

• get_domain_stats

  DMARKOFF — DMARC, SPF & DKIM Analytics

  Quick compliance summary for a domain over a date range: total messages, SPF/DKIM pass/fail counts, compliance percentages. Key fields: • compliantPct — overall DMARC compliance rate: dmarcAligned / total * 100. A message is "DMARC aligned" when it passes the DMARC policy check (either SPF or DKIM aligned with the From domain). • spfCompliantPct — SPF alignment rate: spfPass / total * 100 (SPF result matches the From domain). • dkimCompliantPct — DKIM alignment rate: dkimPass / total * 100 (DKIM signing domain matches the From domain). Note: compliantPct ≥ max(spfCompliantPct, dkimCompliantPct) because DMARC passes if either SPF or DKIM is aligned. Use this for a fast numeric check of a single domain's authentication rates. For a complete diagnostic including records, timeline, and health trends, use get_domain_full_data instead.

  Connector

• list_pillars

  Bidda Sovereign Intelligence

  List all compliance pillars in the Bidda Sovereign Intelligence registry with node counts. Use this first to discover available compliance domains before searching. Bidda has 3,680 cryptographically-verified nodes across 31 pillars including Banking, AI Governance, Cybersecurity, Healthcare, Legal, ESG and more.

  Connector

• switch_dannet_server

  dannet

  Switch between local and remote DanNet servers on the fly. This tool allows you to change the DanNet server endpoint during runtime without restarting the MCP server. Useful for switching between development (local) and production (remote) servers. Args: server: Server to switch to. Options: - "local": Use localhost:3456 (development server) - "remote": Use wordnet.dk (production server) - Custom URL: Any valid URL starting with http:// or https:// Returns: Dict with status information: - status: "success" or "error" - message: Description of the operation - previous_url: The URL that was previously active - current_url: The URL that is now active Example: # Switch to local development server result = switch_dannet_server("local") # Switch to production server result = switch_dannet_server("remote") # Switch to custom server result = switch_dannet_server("https://my-custom-dannet.example.com")

  Connector

• data_profile

  ThinAir Data

  FULL data quality + compliance report for a table: per-column stats PLUS a 0-100 health score, type-gated PII detection (email / phone / SSN / etc.), and insight warnings. Slower than `analyze_table` but returns everything needed to audit a table for ownership / compliance / onboarding. Use this when the user says 'profile' or 'quality report' or mentions PII/compliance. [BUILD tier]

  Connector

• list_sessions

  waysway

  List all in-memory session summaries. Useful for debugging only.

  Connector

• stacks.recommend

  BuyAPI

  Recommends a complete stack from BuyAPI's corpus with a structured decision matrix, cost estimate, assumptions, unknowns, alternatives, and sources. Use this when the user is starting a project or asks for a complete stack choice. Do not use this for local coding/debugging/docs questions that do not involve software or vendor selection. Do not call vendors.resolve first; this tool handles retrieval and ranking.

  Connector

• setup_payment

  BoostedTravel

  Attach a payment card. Required before booking. For testing: {"token": "tok_visa"} For production: {"payment_method_id": "pm_xxx"} from Stripe.js One-time setup — all future charges are automatic. Requires GitHub star verification.

  Connector

• uk_compliance_intelligence

  ukdatapi

  Assess a UK company's regulatory compliance posture across multiple domains: ICO data protection registration, gender pay gap reporting, modern slavery statements, HSE enforcement notices, environmental permits, and gambling regulation. Returns a Compliance Score (0-100) with EXCELLENT/GOOD/ADEQUATE/CONCERNING/POOR rating and per-domain signals. Use this for pre-acquisition due diligence, supplier compliance checks, or ESG assessments. Companies below regulatory thresholds (e.g., <250 employees for gender pay gap) are scored neutrally, not penalised. For financial risk assessment, use uk_entity_intelligence instead. For director-level risk, use uk_director_intelligence. Sources: ICO, Gender Pay Gap Service, Modern Slavery Registry, HSE, Environment Agency, Gambling Commission.

  Connector

• gns_roll_epoch

  mcp-perception

  Roll all pending breadcrumbs into a new sealed epoch with a Merkle root. Returns { epoch_index, merkle_root, block_count, epoch_hash }. Call this at the end of a session to produce a tamper-evident compliance snapshot.

  Connector

• get_domain_timeline

  DMARKOFF — DMARC, SPF & DKIM Analytics

  Daily timeline of email volume and DMARC compliance for a domain. Each day shows: total messages, compliant, SPF/DKIM aligned, failed, forwarded, unknown counts. Use this to spot trends, volume drops, or compliance changes over a date range. Included in get_domain_full_data — call this separately only if you need timeline data alone.

  Connector

• checklist_lookup

  vigo-mcp

  Search the SFC compliance checklist by topic, licence type, or MIC function (CF1-CF8). Returns compliance items with legal references, SOP guidance, case law, and grey area analysis. Use for questions about regulatory obligations, MIC responsibilities, procedural guidance, or compliance requirements.

  Connector

• get_device_ads

  Trillboards DOOH Advertising

  Get current ads scheduled for a device (for testing). WHEN TO USE: - Testing device ad delivery - Debugging which ads are being shown - Verifying ad targeting is working RETURNS: - ads: Array of advertisement objects - default_stream: Default content when no ads - schedule: Current ad schedule EXAMPLE: User: "What ads are showing on device P_abc123?" get_device_ads({ fingerprint: "P_abc123" })

  Connector

• ateam_test_status

  ateam-mcp

  Poll the progress of an async skill test. Returns iteration count, tool call steps, status (running/completed/failed), and result when done. (Advanced — use ateam_test_skill with wait=true for synchronous testing.)

  Connector

• search_vaadin_docs

  docs-mcp

  Search Vaadin documentation for relevant information about Vaadin development, components, and best practices. Uses hybrid semantic + keyword search. USE THIS TOOL for questions about: Vaadin components (Button, Grid, Dialog, etc.), TestBench, UI testing, unit testing, integration testing, @BrowserCallable, Binder, DataProvider, validation, styling, theming, security, Push, Collaboration Engine, PWA, production builds, Docker, deployment, performance, and any Vaadin-specific topics. When using this tool, try to deduce the correct development model from context: use "java" for Java-based views, "react" for React-based views, or "common" for both. Use get_full_document with file_paths containing the result's file_path when you need complete context.

  Connector

• virtualsms_order_history

  sms

  List past orders with optional filters for status, service, country, and a lookback window in days. Returns up to 50 orders (server cap) ordered most-recent-first.

  Connector

• test_webhook

  Trillboards DOOH Advertising

  Send a test event to a webhook endpoint. WHEN TO USE: - Verifying webhook endpoint is working - Testing integration during development - Debugging webhook delivery issues RETURNS: - success: Boolean indicating delivery success - response_code: HTTP response code from endpoint - response_time_ms: Response time in milliseconds - error: Error message if delivery failed EXAMPLE: User: "Test my webhook with a device.online event" test_webhook({ webhook_id: "wh_mmmpdbvj_8b7c5a59296d", event: "device.online" })

  Connector

• get_blockchain_anchor

  HIPAA Agent

  Get the blockchain anchor proof for a specific date. Returns the SHA-256 root hash of all audit events from that date, the Base L2 transaction hash, and a Basescan verification link. Proves compliance records have not been tampered with. Free, no authentication required.

  Connector

• health_check

  foundation-discovery

  Check server health and connectivity. Returns: Dictionary with health status including: - status: "healthy" or "unhealthy" - version: Server version - environment: Current environment (dev/staging/prod)

  Connector