Skip to main content
Glama
261,376 tools. Last updated 2026-07-05 12:09

"namespace:com.onrender.hexnest-mvp-roomboard" matching MCP tools:

  • Scan a public GitHub MCP-server repository for security issues. Clones the repo (shallow, <60s, <200 MB), runs compuute-scan v0.6.2 in static analysis mode (no code execution from the target), and returns a structured report with severity counts, a 0-100 score, and the 10 most severe findings. WHEN TO USE: - Before connecting to an unknown MCP server discovered via Anthropic Registry, Smithery, mcp.so, or a Discord recommendation. - Before installing a third-party MCP-server package into a production pipeline. - As part of an agent's pre-commit / pre-deploy due-diligence step when adding new dependencies. - As one input to a multi-source trust evaluation (combine with publisher reputation, package install count, last-update recency). WHEN NOT TO USE: - For private repos. Use the on-prem CLI instead: `npx compuute-scan ./path-to-private-repo` - For deep exploitability assessment of a specific code path. This is pattern matching, not dataflow analysis. Book a manual L2-L4 audit at https://compuute.se/audit for that depth. - For non-GitHub hosts (GitLab, Bitbucket, self-hosted). v1 supports github.com only. - For repos > 200 MB or clone time > 60s. The endpoint returns a 413 or 504 in those cases — fall back to local CLI. EXPECTED RESPONSE TIME: - Median: ~1-2 seconds for small repos (<100 files). - p99: ~10 seconds for medium repos. - Hard timeout at clone=60s, scan=120s combined. EXPECTED COST: - Free tier in MVP. Future Pro tier may charge per-scan or per-month. DATA FRESHNESS: - Scanner version is reported in response.scanner.version. - L1 rule set freshness reflects compuute-scan releases — see github.com/Compuute/compuute-scan/CHANGELOG.md for the latest CVE and threat-intel response timeline. EXAMPLES: Example 1 — scan an MCP server you're evaluating: github_url = "https://github.com/modelcontextprotocol/servers" → score: 0, summary: {critical: 1, high: 94, medium: 22} → top_findings include SSRF, eval, etc. → recommendation: "AVOID — 1 critical and 94 high finding(s)..." Example 2 — scan a clean reference implementation: github_url = "https://github.com/microsoft/azure-devops-mcp" → score: 90+, summary: {critical: 0, high: 1} → recommendation: "REVIEW — 1 high finding(s)..." Example 3 — scan your own dev MCP-server before publishing: github_url = "https://github.com/yourorg/your-mcp" → audit your own surface before others install it OUTPUT FIELDS (stable schema): - repo_url (str): canonical URL of the scanned repo. - score (int): 0-100, higher safer. Coarse summary, not a precision claim. - summary (object): {critical, high, medium, low, info, files_scanned}. - recommendation (str): action guidance derived from severity counts. - findings_count (int): total raw findings (may include false positives). - top_findings (list): up to 10 most severe, each with {id, title, severity, file, line, owasp, cwe}. - l0_discovery (object): MCP transport, tool count, dependency pinning. - performance (object): clone_seconds, scan_seconds, repo_size_bytes. - scanner (object): {name, version, layers_covered}. - _disclaimer (str): MANDATORY triage disclaimer. Read it. Args: github_url: Public GitHub HTTPS URL (e.g. https://github.com/org/repo). Must be public and < 200 MB. v1 is github.com only. Returns: Structured scan result. On error, returns {"error": code, "message": ...} with HTTP-style code (invalid_url, clone_failed, scan_timeout, etc.).
    Connector
  • Use this read-only resolver tool to load a TF-XBRL TripCode as a SEC/XBRL evidence object. Parameters: tripcode is required and must be a proprietary DeltaSignal SEC/XBRL resolver key such as TF-XBRL-HUT-2026Q1-... Behavior: idempotent and local for the MVP; it has no destructive side effects, does not mutate SEC filings, does not call wallets or x402 settlement, and returns HUT seed objects when the TripCode is known. Use this before article comparison whenever a Substack article names a TF-XBRL evidence object.
    Connector
  • Use this read-only resolver tool to load a TF-XBRL TripCode as a SEC/XBRL evidence object. Parameters: tripcode is required and must be a proprietary DeltaSignal SEC/XBRL resolver key such as TF-XBRL-HUT-2026Q1-... Behavior: idempotent and local for the MVP; it has no destructive side effects, does not mutate SEC filings, does not call wallets or x402 settlement, and returns HUT seed objects when the TripCode is known. Use this before article comparison whenever a Substack article names a TF-XBRL evidence object.
    Connector
  • Use this read-only comparison tool to compare a TF-SUB article node against resolved TF-XBRL filing evidence objects. Parameters: article_tripcode is optional, filing_tripcodes may list one or more TF-XBRL objects, and ticker=HUT with no filing_tripcodes loads the default HUT filing pack. Behavior: idempotent and local for the MVP; it has no destructive side effects, does not mint official SEC identity, does not infer filing evidence from prose, and does not call wallets or x402 settlement. The HUT MVP returns a structured article-readiness packet with filing changes, confirmed thesis points, weakened assumptions, stress points, XBRL drivers, invalidation checks, and next-filing monitors.
    Connector
  • Get the full detail of a specific opportunity: description, score breakdown, MVP features, competitors, differentiation, risks and community evidence count. (Free tool)
    Connector
  • Use this read-only synthesis tool when a subscriber gives Codex or Claude Code a DeltaSignal article TripCode and asks for the thesis map behind the article. Parameters: pass article_tripcode or tripcode, optional prior_article_tripcodes, linked_xbrl_tripcodes, filing_tripcodes, and ticker. For HUT, the MVP can use the seeded HUT filing pack when no filing_tripcodes are supplied. Behavior: idempotent and evidence-scoped with no destructive side effects. It resolves the TF-SUB article object when Azure Blob is configured, compares linked TF-XBRL filing evidence, marks missing live ATLAS evidence explicitly, and returns the eight required thesis-map sections. It does not call Grok, does not invent evidence, does not mutate Substack or Azure Blob, and does not treat TripCodes as official SEC identities.
    Connector

Matching MCP Servers

Matching MCP Connectors

  • AI debate arena where agents argue positions, challenge each other, and run Python experiments mid-debate. Agents join rooms, take sides, and prove points with real code. Built by machines, for machines.

  • Ed25519-signed ground-truth oracle — 63 paid x402 tools live on Base mainnet.

  • Use this read-only synthesis tool when a subscriber gives Codex or Claude Code a DeltaSignal article TripCode and asks for the thesis map behind the article. Parameters: pass article_tripcode or tripcode, optional prior_article_tripcodes, linked_xbrl_tripcodes, filing_tripcodes, and ticker. For HUT, the MVP can use the seeded HUT filing pack when no filing_tripcodes are supplied. Behavior: idempotent and evidence-scoped with no destructive side effects. It resolves the TF-SUB article object when Azure Blob is configured, compares linked TF-XBRL filing evidence, marks missing live ATLAS evidence explicitly, and returns the eight required thesis-map sections. It does not call Grok, does not invent evidence, does not mutate Substack or Azure Blob, and does not treat TripCodes as official SEC identities.
    Connector
  • Use this read-only SEC/XBRL identity tool to generate a deterministic TF-XBRL resolver object for a DeltaSignal evidence object. Parameters: pass ticker=HUT with no filing overrides for the HUT 2026-Q1 10-Q seed object, or provide cik, issuer, filing_type, filing_period, and source document fields for explicit generation. Behavior: idempotent and local for the MVP; it has no destructive side effects, does not modify SEC filings, does not call wallets or x402 settlement, and never replaces SEC accession numbers, CIKs, form types, reporting periods, or XBRL concept identities. Use the returned TripCode as a subscriber-facing join key from article nodes, research rivers, SEC evidence, and DeltaSignal outputs.
    Connector
  • Inject audio into an open Voice Bridge call. Two modes: (1) text — we synthesize via OmniVoice TTS in any of 602 languages; (2) audio_base64 + encoding — bring your own audio (mulaw_8000 or pcm_l16_16000 for MVP). STT is automatically muted while we inject, so the agent doesn't hear itself. No additional payment — covered by the session deposit.
    Connector
  • Render a validated StrategiX visual-spec contract into deterministic Go-native SVG with fit report, hashes, compact search metadata, and human-readable receipt fields. This MVP does not use external D2/Graphviz yet.
    Connector
  • Render a validated StrategiX visual-spec contract into deterministic Go-native SVG with fit report, hashes, compact search metadata, and human-readable receipt fields. This MVP does not use external D2/Graphviz yet.
    Connector
  • Get Lenny Zeltser's expert strategic guidelines for a specific product strategy topic. Topics: market (segmentation), capabilities (AI, agents, MVP, positioning), sales (GTM, channels, distribution, POCs), pricing (models, retention), delivery (deployment, APIs), trust (compliance, security program), platform (ecosystem positioning), team (expertise, gaps), competitive (differentiation, moats), defensibility (AI-era defensibility rubric scoring a product across seven dimensions), smb (SMB market dynamics), endpoint (endpoint viability), ai_security (AI security vertical), role (product manager responsibilities), category_creation (new category strategy), comparative (multi-company analysis), evidence_tiering (evidence classification framework). This server never requests your product plans and instructs your AI to keep them local—guidelines flow to your AI for local analysis.
    Connector
  • Use this read-only comparison tool to compare a TF-SUB article node against resolved TF-XBRL filing evidence objects. Parameters: article_tripcode is optional, filing_tripcodes may list one or more TF-XBRL objects, and ticker=HUT with no filing_tripcodes loads the default HUT filing pack. Behavior: idempotent and local for the MVP; it has no destructive side effects, does not mint official SEC identity, does not infer filing evidence from prose, and does not call wallets or x402 settlement. The HUT MVP returns a structured article-readiness packet with filing changes, confirmed thesis points, weakened assumptions, stress points, XBRL drivers, invalidation checks, and next-filing monitors.
    Connector
  • MVP-advice guardrail. Use before telling a founder to build when trust, permission, embeddedness, or guardian proof is untested. This wrapper returns an advisory preflight scaffold only; full engine verdicts require the typed REST /v1/decision-check route, source-backed evidence, and licensed access where applicable.
    Connector
  • Use this read-only SEC/XBRL identity tool to generate a deterministic TF-XBRL resolver object for a DeltaSignal evidence object. Parameters: pass ticker=HUT with no filing overrides for the HUT 2026-Q1 10-Q seed object, or provide cik, issuer, filing_type, filing_period, and source document fields for explicit generation. Behavior: idempotent and local for the MVP; it has no destructive side effects, does not modify SEC filings, does not call wallets or x402 settlement, and never replaces SEC accession numbers, CIKs, form types, reporting periods, or XBRL concept identities. Use the returned TripCode as a subscriber-facing join key from article nodes, research rivers, SEC evidence, and DeltaSignal outputs.
    Connector
  • Drop-in agent guardrail before market entry, MVP launch, scale, funding, CFO action, or partnership advice in African and high-context markets. This wrapper returns an advisory preflight scaffold only; full engine verdicts require the typed REST /v1/decision-check route, source-backed evidence, and licensed access where applicable.
    Connector