If you use Claude Desktop, Cursor, Cline, or Continue, you've probably installed MCP servers from a "curated list" or directory. Here's the uncomfortable truth: most of those directories don't actually audit the servers they list. They're curated lists, not security audits.
I built an MCP marketplace that actually audits every server. Here's what I learned about MCP security — and how you can protect yourself.
Most "awesome-mcp-servers" lists work like this:
This means:
This actually happened. Two weeks ago, a typosquatting repo (JuanquiFortuny/prospector-mcp-email-finder
) slipped a Windows trojan (Trojan:Win64/Lazy.PGPK!MTB
) into a competing MCP directory via a fake "Download Latest Release" badge.
At MarketNow, every MCP server goes through 8 audit layers before entering the catalog:
Opens the actual package zip (recursively — zips inside zips) and scans for:
.exe
, .dll
, .scr
).bat
, .cmd
, .vbs
, .ps1
)17 YARA-equivalent rules for known malware families: Emotet, Cobalt Strike, Mimikatz, RedLine, Vidar, Raccoon, LummaC2, AsyncRAT, njRAT, Remcos, and more.
When you browse marketnow.site, every skill has:
Go to marketnow.site, search for what you need, check the Sentinel score, and copy the install command.
Add MarketNow as an MCP server in your assistant:
{
"mcpServers": {
"marketnow": {
"command": "npx",
"args": ["-y", "marketnow-mcp"]
}
}
}
Now you can ask Claude/Cursor/Cline: "Find me a filesystem MCP server with a high security score" — and it'll search MarketNow, filter by Sentinel score, and return only audited servers.
curl "https://marketnow.site/api/search?q=filesystem" | jq
curl "https://marketnow.site/api/audit-skill?skillId=mn-mcp-filesystem" | jq
For agent-to-agent trust, we also built ATC (Agent Trust Card) — SSL certificates for AI agents:
curl "https://marketnow.site/api/atc?action=verify&card_id=ATC-2026-XXXXXXX"
Returns: valid/invalid, Sentinel score, risk level, signature verification, revocation status.
marketnow.site/verify
before trusting a skill.MCP is becoming the standard for how AI assistants call external tools. But the trust infrastructure doesn't exist yet. Anyone can publish an MCP server, and most directories don't check anything.
MarketNow is trying to fix this: every server audited, every certificate signed, every incident public. The marketplace is free. The security infrastructure is the product.
Try it: https://marketnow.site
Install: npx -y marketnow-mcp
GitHub: https://github.com/edgarfloresguerra2011-a11y/marketnow
— Edison Flores, AliceLabs LLC