How to find safe MCP servers for your AI coding assistant (and why most directories lie) A developer built MarketNow, an MCP marketplace that audits every server for malware and security risks, after discovering that most MCP directories do not actually audit the servers they list. The platform uses eight audit layers, including scanning for executables, scripts, and known malware families, and provides a Sentinel security score for each server. The developer warns that a typosquatting repo recently slipped a Windows trojan into a competing directory via a fake download badge. If you use Claude Desktop, Cursor, Cline, or Continue, you've probably installed MCP servers from a "curated list" or directory. Here's the uncomfortable truth: most of those directories don't actually audit the servers they list. They're curated lists, not security audits. I built an MCP marketplace that actually audits every server. Here's what I learned about MCP security — and how you can protect yourself. Most "awesome-mcp-servers" lists work like this: This means: This actually happened. Two weeks ago, a typosquatting repo JuanquiFortuny/prospector-mcp-email-finder slipped a Windows trojan Trojan:Win64/Lazy.PGPK MTB into a competing MCP directory via a fake "Download Latest Release" badge. At MarketNow https://marketnow.site , every MCP server goes through 8 audit layers before entering the catalog: Opens the actual package zip recursively — zips inside zips and scans for: .exe , .dll , .scr .bat , .cmd , .vbs , .ps1 17 YARA-equivalent rules for known malware families: Emotet, Cobalt Strike, Mimikatz, RedLine, Vidar, Raccoon, LummaC2, AsyncRAT, njRAT, Remcos, and more. When you browse marketnow.site https://marketnow.site , every skill has: Go to marketnow.site https://marketnow.site , search for what you need, check the Sentinel score, and copy the install command. Add MarketNow as an MCP server in your assistant: { "mcpServers": { "marketnow": { "command": "npx", "args": "-y", "marketnow-mcp" } } } Now you can ask Claude/Cursor/Cline: "Find me a filesystem MCP server with a high security score" — and it'll search MarketNow, filter by Sentinel score, and return only audited servers. Search for skills curl "https://marketnow.site/api/search?q=filesystem" | jq Get a skill's security certificate curl "https://marketnow.site/api/audit-skill?skillId=mn-mcp-filesystem" | jq For agent-to-agent trust, we also built ATC Agent Trust Card — SSL certificates for AI agents: Verify any agent's trust card curl "https://marketnow.site/api/atc?action=verify&card id=ATC-2026-XXXXXXX" Returns: valid/invalid, Sentinel score, risk level, signature verification, revocation status. marketnow.site/verify before trusting a skill.MCP is becoming the standard for how AI assistants call external tools. But the trust infrastructure doesn't exist yet. Anyone can publish an MCP server, and most directories don't check anything. MarketNow is trying to fix this: every server audited, every certificate signed, every incident public. The marketplace is free. The security infrastructure is the product. Try it: https://marketnow.site https://marketnow.site Install: npx -y marketnow-mcp GitHub: https://github.com/edgarfloresguerra2011-a11y/marketnow https://github.com/edgarfloresguerra2011-a11y/marketnow — Edison Flores, AliceLabs LLC