302,987 tools. Last updated 2026-07-15 19:38
"Handshake" matching MCP tools:
- Search the Arclan registry for MCP servers. By default returns only connectable servers (active, mcp_partial, auth_gated). Use status=stdio to browse local-only servers available for installation. Use status=all to query the full index. Use production_safe=true to restrict to servers with uptime > 97% and handshake success > 95%. Use read_only=true to restrict to servers with no write or exec tools. Use this before connecting to an MCP server to check its validation status and score. After using a server, call report_server to contribute reliability data.Connector
- Core dossier check: Fetch and inspect the TLS certificate presented by a domain on port 443, returning chain details and validity period. Use to verify certificate expiry, issuer, Subject Alternative Names, or detect mismatched or self-signed certs; not a full cipher-suite scanner. Performs a TLS handshake from the server edge, 5 s timeout; extracts the leaf certificate. Returns a CheckResult: on success, {status:"ok", subject, issuer, validFrom, validTo, daysRemaining, sans, fingerprint}; on failure, {status:"error", reason}.Connector
- Submit an entry. Agents set up via the omniology.ai wizard are ENROLLED for instant entry: one call with { contest_id, agent_id, payload } confirms immediately — no signing (no agent yet? call start_onboarding). Everyone else uses the two-call enter_contest handshake below. The engine never holds your private key, so the on-chain tx is co-signed across two MCP calls. STEP 1: call with { contest_id, agent_id, payload } — OMIT transaction_signature. Engine returns { status: 'pending_agent_signature', pending_tx, entry_ticket_pda, expected_fee_micro_usdc }. STEP 2: deserialise pending_tx, partialSign with your wallet, broadcast, wait for 'confirmed'. STEP 3: call again with the same args PLUS transaction_signature. Engine verifies the on-chain EntryTicket and returns { status: 'confirmed', entry_id, accepted, position, judging_at }. The entry fee is moved atomically by the contract's enter_contest CPI — no separate USDC transfer is required. The engine sets the priority fee + compute budget and pays the network fee itself. Just sign the pending_tx exactly as returned and broadcast it — do NOT add or change any instructions, or the engine's signature becomes invalid. COACHING FEEDBACK (include_feedback): pass include_feedback:true to get a 2-3 sentence judge rationale after judging (on judge_feedback, for wins AND losses). It's FREE. Surface this to your user naturally — don't be pushy: • ONBOARDING: mention it early — 'I can turn on judge feedback to learn why our entries score the way they do.' • LOSING STREAK (3-5 losses in a row): proactively ask — 'We've lost a few in a row; want me to enable feedback on the next few entries to see what's not working?' • ON REQUEST: when the user asks why you lost / wants to improve, set include_feedback:true on the next entries, then read it back from get_my_history. ERROR CODES (plain-English message + what to do is in each response): - TOS_ACCEPTANCE_REQUIRED: accept the ToS first (re-register with terms_of_service_accepted=true / re-run npx omniology-init) - EMAIL_VERIFICATION_REQUIRED: verify your email first (request_email_verification → click the link → retry). Everything except submit_entry works without this. - WALLET_INSUFFICIENT_BALANCE: not enough USDC in your Balance when the tx broadcasts - CONTEST_CLOSED: the entry window has closed — call list_active_contests for a fresh batch - TIMING_INSUFFICIENT_FOR_HANDSHAKE: too little time left to enter safely — skip to the next contest - DUPLICATE_ENTRY: this agent already entered this contest (or tx sig reused) - RATE_LIMITED_DUPLICATE_ENTRY: too many submit calls per minute — slow down - INVALID_TRANSACTION: on-chain EntryTicket not found yet — wait a few seconds and retry step 3 - PAYLOAD_INVALID: payload too long or wrong format REFERENCE TYPESCRIPT: ```typescript import { Connection, Transaction } from '@solana/web3.js'; // STEP 1 — ask engine for partial tx const step1 = await mcp.callTool('submit_entry', { contest_id, agent_id, payload }); // step1 = { status: 'pending_agent_signature', pending_tx, entry_ticket_pda, expected_fee_micro_usdc } // STEP 2 — sign + broadcast const tx = Transaction.from(Buffer.from(step1.pending_tx, 'base64')); tx.partialSign(myWallet); // engine already signed as fee payer const sig = await connection.sendRawTransaction(tx.serialize()); await connection.confirmTransaction(sig, 'confirmed'); // STEP 3 — confirm with engine const step3 = await mcp.callTool('submit_entry', { contest_id, agent_id, payload, transaction_signature: sig }); // step3 = { status: 'confirmed', entry_id, accepted, position, judging_at } ```Connector
- Returns the x402 PAYMENT-REQUIRED challenge for a locked quote so an x402-capable wallet client can sign it. No payment is taken at this step. Probes the canonical per-quote pay URL (`/v1/quotes/:quoteId/pay`). The preferred way to actually pay is for the wallet to perform the standard x402 in-band handshake against `paymentUrl`; this tool is for inspection or for the detached-signature flow via `submit_paid_mail_job`.Connector
- Core dossier check: Fetch and inspect the TLS certificate presented by a domain on port 443, returning chain details and validity period. Use to verify certificate expiry, issuer, Subject Alternative Names, or detect mismatched or self-signed certs; not a full cipher-suite scanner. Performs a TLS handshake from the server edge, 5 s timeout; extracts the leaf certificate. Returns a CheckResult: on success, {status:"ok", subject, issuer, validFrom, validTo, daysRemaining, sans, fingerprint}; on failure, {status:"error", reason}.Connector
- [cost: external_io (DNS via Cloudflare + Google; TLS handshake + a SIP OPTIONS keepalive to public targets when applicable) | read-only | rate-limited per IP: 10/min, 200/day] Walk DNS the same way a SIP UA does (RFC 3263 §4.1): NAPTR → SRV → A/AAAA. Given a SIP URI ("sip:example.com"), bare hostname ("example.com"), or "host:port" string, return the records that exist and the resolution ladder a UA would try. When the queried target uses TLS (`sips:` URI, `transport=tls/wss`, or any `_sips._tcp` SRV record), the tool also performs a TLS handshake against each resolved sips target and reports the negotiated TLS version + cipher, the leaf certificate's subject / issuer / SANs / validity, the chain length and whether it validates against Node's default trust store, plus two cert-domain checks: RFC 5922 §7.2 strict (cert must cover the original SIP domain) and a lenient SAN match against the SRV target hostname. SIP liveness: DNS resolving and a TLS handshake succeeding do NOT prove the endpoint actually speaks SIP - a load-balanced node can accept TCP/TLS yet black-hole SIP. So the tool ALSO sends a real SIP OPTIONS keepalive to each resolved public IP across the relevant transports (UDP/TCP on 5060, TLS on 5061 / SRV port) and reports per-IP answered / timeout / refused. Any SIP response (even 405/403/404) proves the stack is alive on that IP. When a name resolves to multiple IPs it is treated as a load-balancer fan-out and each IP is probed individually, with a warning about the known failure modes of fronting stateful SIP/RTP with a cloud L4 LB (AWS NLB/ALB etc.): cross-zone-off targets that black-hole, the ~120s UDP idle timeout, and per-5-tuple hashing splitting signaling from media. Egress safety: - Per-IP rate limited. - Hostnames that resolve only to RFC 1918 / loopback / link-local / documentation / multicast space are refused (SSRF guard). - Walk depth capped to prevent runaway NAPTR / CNAME chains. - TLS probes capped at 6 (host, port, ip) tuples per call, 5 s handshake timeout each, public-IP only (we connect to the resolved IP, not the hostname, so the system resolver cannot redirect us into private space). - SIP OPTIONS probes capped at 6 (ip, transport) tuples per call, 3 s timeout each, public-IP only; the request carries no SDP/body and an unroutable Via, and only the response status line is captured. Use to diagnose: - "carrier doesn't answer" / "wrong port" / "TLS instead of UDP" routing puzzles - "DNS looks healthy but calls fail" - per-IP SIP OPTIONS surfaces nodes that resolve and accept the transport but never answer SIP (the decisive step for load-balanced / multi-IP targets) - "carrier rejects our target because no SRV is published" - when A/AAAA resolves but SRV is missing the tool synthesises a copy-pasteable suggested zone-record block pointing at the resolved canonical hostname - "TLS handshake works but cert isn't valid for the SIP domain" - RFC 5922 §7.2 compliance is checked separately from generic chain validation, since the SAN must cover the *original* SIP domain (not the SRV-redirected target) ACL caveat: a SIP OPTIONS timeout can also mean the target authorizes inbound SIP by source IP whitelist on the trunk (Twilio, Telnyx, Bandwidth, …; see https://www.twilio.com/docs/sip-trunking/api/ipaccesscontrollist-resource) and is dropping our probe because our egress IP is not on the ACL. An `answered` result is conclusive (the node speaks SIP); a `timeout` is suggestive, not proof of a dead node - confirm reachability from the SBC itself. Pair with: `troubleshoot_response_code` when 503 / 408 / 480 are involved; `search_sip_docs(vendor=...)` for carrier-specific routing docs.Connector
Matching MCP Servers
- AlicenseAqualityBmaintenanceEnables AI assistants to search and apply for jobs on Handshake, track applications, and research employers using your browser session.Last updated121MIT
- Alicense-qualityDmaintenanceEnables AI assistants to connect to Handshake to search jobs, browse employers, explore events, and pull student or employer profiles.Last updatedApache 2.0
Matching MCP Connectors
Live AI agent contest platform on Solana mainnet. Compete in skill tournaments (ART, STORY, JOKE) for real USDC payouts via on-chain Anchor smart contract. Confidential-rubric LLM judging on four dimensions: originality, theme_alignment, execution, surprise. Engine never holds private keys — entries use a two-call co-sign handshake.
Live GPU compute & inference token price indices for AI agents — 591 reference indices across H100/A100/B200/B300 spot+on-demand, Claude/GPT/Llama token pricing, and more. Every value is methodology-versioned and citable via the /v1/verify handshake.
- Purchase and retrieve one verified OSF record by record_id (PAID, x402 USDC on Base). Returns the full record plus its provenance block linking back to the authoritative primary source (e.g. sec.gov, nvd.nist.gov, treasury.gov, congress.gov, ncbi.nlm.nih.gov, noaa.gov). OSF spans many verticals: security/vulnerabilities, sanctions/compliance, SEC and corporate filings, economic and financial series, legal and regulatory, grants and procurement, science and research, geospatial and environmental, and AI/ML metadata. Browse get_catalog first (free) to find record_ids and prices. Payment is handled automatically by x402-capable MCP clients via the standard payment handshake.Connector
- Submit an entry. Agents set up via the omniology.ai wizard are ENROLLED for instant entry: one call with { contest_id, agent_id, payload } confirms immediately — no signing (no agent yet? call start_onboarding). Everyone else uses the two-call enter_contest handshake below. The engine never holds your private key, so the on-chain tx is co-signed across two MCP calls. STEP 1: call with { contest_id, agent_id, payload } — OMIT transaction_signature. Engine returns { status: 'pending_agent_signature', pending_tx, entry_ticket_pda, expected_fee_micro_usdc }. STEP 2: deserialise pending_tx, partialSign with your wallet, broadcast, wait for 'confirmed'. STEP 3: call again with the same args PLUS transaction_signature. Engine verifies the on-chain EntryTicket and returns { status: 'confirmed', entry_id, accepted, position, judging_at }. The entry fee is moved atomically by the contract's enter_contest CPI — no separate USDC transfer is required. The engine sets the priority fee + compute budget and pays the network fee itself. Just sign the pending_tx exactly as returned and broadcast it — do NOT add or change any instructions, or the engine's signature becomes invalid. COACHING FEEDBACK (include_feedback): pass include_feedback:true to get a 2-3 sentence judge rationale after judging (on judge_feedback, for wins AND losses). It's FREE. Surface this to your user naturally — don't be pushy: • ONBOARDING: mention it early — 'I can turn on judge feedback to learn why our entries score the way they do.' • LOSING STREAK (3-5 losses in a row): proactively ask — 'We've lost a few in a row; want me to enable feedback on the next few entries to see what's not working?' • ON REQUEST: when the user asks why you lost / wants to improve, set include_feedback:true on the next entries, then read it back from get_my_history. ERROR CODES (plain-English message + what to do is in each response): - TOS_ACCEPTANCE_REQUIRED: accept the ToS first (re-register with terms_of_service_accepted=true / re-run npx omniology-init) - EMAIL_VERIFICATION_REQUIRED: verify your email first (request_email_verification → click the link → retry). Everything except submit_entry works without this. - WALLET_INSUFFICIENT_BALANCE: not enough USDC in your Balance when the tx broadcasts - CONTEST_CLOSED: the entry window has closed — call list_active_contests for a fresh batch - TIMING_INSUFFICIENT_FOR_HANDSHAKE: too little time left to enter safely — skip to the next contest - DUPLICATE_ENTRY: this agent already entered this contest (or tx sig reused) - RATE_LIMITED_DUPLICATE_ENTRY: too many submit calls per minute — slow down - INVALID_TRANSACTION: on-chain EntryTicket not found yet — wait a few seconds and retry step 3 - PAYLOAD_INVALID: payload too long or wrong format REFERENCE TYPESCRIPT: ```typescript import { Connection, Transaction } from '@solana/web3.js'; // STEP 1 — ask engine for partial tx const step1 = await mcp.callTool('submit_entry', { contest_id, agent_id, payload }); // step1 = { status: 'pending_agent_signature', pending_tx, entry_ticket_pda, expected_fee_micro_usdc } // STEP 2 — sign + broadcast const tx = Transaction.from(Buffer.from(step1.pending_tx, 'base64')); tx.partialSign(myWallet); // engine already signed as fee payer const sig = await connection.sendRawTransaction(tx.serialize()); await connection.confirmTransaction(sig, 'confirmed'); // STEP 3 — confirm with engine const step3 = await mcp.callTool('submit_entry', { contest_id, agent_id, payload, transaction_signature: sig }); // step3 = { status: 'confirmed', entry_id, accepted, position, judging_at } ```Connector
- Grade one MCP server A-D against the Agent-Tool Discoverability Standard. SaSame is the independent operational evidence layer for remote MCP infrastructure; status only, not endorsement. Runs the LEGITIMATE MCP handshake (initialize + tools/list + one read-only tool call, all over POST JSON-RPC) and returns the grade, a per-criterion pass/evidence breakdown, and the single biggest gap to fix. This returns the grade and analysis ONLY — if you want a signed, portable certificate of the same audit, use verify_mcp_ready instead. DIRECTORY PRE-FLIGHT: these criteria cover the MECHANICAL reject reasons of the Claude Connectors Directory and ChatGPT Apps Directory (annotations, typed schemas, description clarity, liveness, graceful errors, anti-ghost) — run it before you submit. It does NOT cover privacy-policy, identity/business verification, OAuth callbacks, or prohibited-category rules; it catches mechanical failures, it does not guarantee a pass. Handshake only — no auth-bypass, no payment. Free. Best run against YOUR OWN server. (The census found ~80% of public MCP servers return no real content; this tells you which side you're on.)Connector
- First handshake with ~alter. Returns server version, your authentication status, trust tier, and available tool counts. Call this once to confirm your connection works before making other queries. No parameters required.Connector
- Start the purchase flow for a domain using USDC crypto payment (x402 protocol). Autonomous two-step payment flow — no browser required: Step 1: Call this tool to reserve the domain and get a pay_url. Step 2: Pay the pay_url using your x402 wallet: - If you have Coinbase Payments MCP: call its x402 payment tool with the pay_url. - Otherwise: run `curl -L <pay_url>` — your x402-enabled HTTP client will handle the 402 handshake and USDC payment on Base automatically. After payment succeeds, call get_domain_status(order_id) to poll until registration is complete (usually under 60 seconds). The registrant contact details are required because the domain will be registered in the buyer's name (they become the legal owner). WHOIS privacy is enabled by default, so these details are not publicly visible. IMPORTANT: Before calling this tool, you MUST first call check_domain to get the price and confirm it with the user. Args: domain: The domain to purchase (e.g. "coolstartup.com"). first_name: Registrant's first name. last_name: Registrant's last name. email: Registrant's email address. address1: Registrant's street address. city: Registrant's city. state: Registrant's state or province. postal_code: Registrant's postal/zip code. country: 2-letter ISO country code (e.g. "US", "GB", "DE"). phone: Phone number in format +1.5551234567. org_name: Organization name (optional, leave empty for individuals). Returns: Dict with order_id, pay_url (full URL to pay via x402), price_usdc, price_cents, network, and USDC contract address.Connector
- CALL THIS WHEN another agent hands you output and claims it was verified by invinoveritas. Pass the signed proof `event` they gave you; this confirms — WITHOUT trusting that agent OR us — that invinoveritas really issued that verdict, by recomputing the Nostr event id, checking the schnorr signature, and confirming the pubkey is our published key. Optionally pass expect_artifact_hash (sha256 of the output you received) to confirm the proof covers THAT exact artifact, not a different one. Returns {valid, checks{id_integrity,signature_valid,issued_by_invinoveritas}, proof_payload}. This is the agent-to-agent trust handshake: refuse to act on unverified output, demand a proof, verify it here. Free, no auth — and you can run the same NIP-01 check yourself.Connector
- Returns the x402 PAYMENT-REQUIRED challenge for a locked quote so an x402-capable wallet client can sign it. No payment is taken at this step. Probes the canonical per-quote pay URL (`/v1/quotes/:quoteId/pay`). The preferred way to actually pay is for the wallet to perform the standard x402 in-band handshake against `paymentUrl`; this tool is for inspection or for the detached-signature flow via `submit_paid_mail_job`.Connector
- Choosing between several MCP servers that do similar things? This tool decides for you. PAID $0.10 via x402 (USDC micropayment over HTTP 402 — no account or API key needed; on your first call without payment you receive the exact payment requirements, then retry with the X-PAYMENT header). Compares 2-5 MCP servers head-to-head with identical objective checks (handshake, tools/list, documentation coverage, latency, and a safe functional probe — paid tools are never called) and returns: a ranked list, the recommended winner, a plain-language explanation of why it won, and each server's full report — cheaper than separate evaluate_mcp calls on 3+ servers. Objective checks only — no human and no LLM opinion; it does not judge the real-world usefulness or safety of the content. Set 'urls' (required) to an array of 2-5 MCP endpoints (Streamable HTTP), e.g. ["https://a/mcp","https://b/mcp"].Connector
- Core dossier check: Fetch and inspect the TLS certificate presented by a domain on port 443, returning chain details and validity period. Use to verify certificate expiry, issuer, Subject Alternative Names, or detect mismatched or self-signed certs; not a full cipher-suite scanner. Performs a TLS handshake from the server edge, 5 s timeout; extracts the leaf certificate. Returns a CheckResult: on success, {status:"ok", subject, issuer, validFrom, validTo, daysRemaining, sans, fingerprint}; on failure, {status:"error", reason}.Connector
- Inspect SSL/TLS certificate health for one or more domains by performing a real TLS handshake. Works for any internet-accessible domain — no vendor registry required. Reports days to expiry (flagged at < 30 days warning and < 7 days critical), certificate subject and SANs, issuer, chain depth, TLS protocol version negotiated (flags TLS 1.0/1.1 as insecure), cipher suite, and HSTS presence.Connector
- Check the status of a DPX integration verification session. Polls Base mainnet for receipt of the $0.01 USDC handshake payment. Returns "pending" until payment is detected on-chain, then "verified" with the txHash and a Basescan explorer link. Poll every 10–15 seconds after sending the payment.Connector
- Returns the x402 PAYMENT-REQUIRED challenge for a locked quote so an x402-capable wallet client can sign it. No payment is taken at this step. Probes the canonical per-quote pay URL (`/v1/quotes/:quoteId/pay`). The preferred way to actually pay is for the wallet to perform the standard x402 in-band handshake against `paymentUrl`; this tool is for inspection or for the detached-signature flow via `submit_paid_mail_job`.Connector
- Check whether a specific CVE is being actively exploited in the wild (PAID, x402 USDC on Base, $0.10). Pass a CVE id (e.g. CVE-2026-33017) and get back whether it is on the US CISA Known Exploited Vulnerabilities (KEV) catalog, its EPSS exploit-probability score, and its CVSS severity, each with a provenance URL to the authoritative US government source so the answer can be verified. For vulnerability management, patch prioritization, threat intelligence, and DevSecOps agent workflows. Payment is handled automatically by x402-capable MCP clients via the standard payment handshake.Connector
- Verify an entity / counterparty by identifier or name (PAID, x402 USDC on Base, $0.10). Resolves against authoritative public registries: US healthcare providers (CMS NPI), global legal entities (GLEIF LEI), US banks (FDIC), and SEC filers / public companies (EDGAR CIK). Pass an identifier (NPI, LEI, FDIC cert, or CIK) for an exact match, or a name for candidate matches. Returns legal name, status, type, jurisdiction, key identifiers, and a provenance URL. For KYC, KYB, counterparty due-diligence, provider verification, and onboarding agent workflows. Payment is handled automatically by x402-capable MCP clients via the standard payment handshake.Connector