Stop Blindly Trusting MCP Servers — Add a Trust Gate to Your AI Agent in 5 Lines

Many of the 14,820+ publicly available MCP (Model Context Protocol) servers are unreliable, returning garbage data or frequently going offline, and that AI agents cannot distinguish between trustworthy and untrustworthy servers on their own. To solve this, the author introduces a "TrustGateInterceptor" for LangChain agents that checks a server's trust score against the Dominion Observatory database (tracking 93K+ interactions) before executing any tool call, blocking servers that fall below a user-set threshold. The interceptor integrates cleanly with other LangChain interceptors for rate limiting and logging, and offers a compliance tier for EU regulations with signed attestation receipts.

Your AI agent calls MCP servers. But do you know if those servers are reliable? MCP Model Context Protocol is how agents talk to tools. There are 14,820+ MCP servers in the wild. Some are rock-solid. Some go down every hour. Some return garbage data. Your agent can't tell the difference — unless you add a trust check. The Problem When your LangChain agent calls an MCP server: - It doesn't know if the server has been reliable historically - It doesn't know if the server is currently degraded - If the server fails, your agent fails — with no fallback The Fix: TrustGateInterceptor Using the interceptor pattern in langchain-mcp-adapters : python from langchain mcp adapters.client import MultiServerMCPClient from langchain mcp adapters.trust gate import TrustGateInterceptor trust gate = TrustGateInterceptor min trust score=60 async with MultiServerMCPClient {"my server": {"url": "https://my-mcp.example.com/mcp", "transport": "streamable http"}}, interceptors= trust gate , as client: tools = client.get tools Every tool call now checks trust score first Every tool call checks Dominion Observatory 14,820 servers tracked, 93K+ interactions observed before executing. Servers below your threshold get blocked with an explanation. What's Happening Under the Hood The trust gate calls the Observatory API before each tool invocation. It gets back: - Trust score 0-100 based on observed behavior across the ecosystem - Latency stats — avg and p95 - Success rate — what % of calls succeed - SLA grade — Platinum/Gold/Silver/Bronze/Unrated If the server doesn't meet your threshold, the call is blocked and your agent gets a clear message explaining why. Scores are cached for 5 minutes to avoid excessive API calls. The Interceptor Pattern The TrustGateInterceptor implements LangChain's ToolCallInterceptor protocol — the same pattern used for rate limiting, logging, and auth injection. It composes cleanly with other interceptors: interceptors= trust gate, Check trust first rate limiter, Then rate limit audit logger, Then log For Enterprise / MiCA Compliance If you're in the EU and need audit trails for MiCA Article 12 enforcement July 1, 2026 , the compliance tier returns signed attestation receipts at $0.10/query. Links - Observatory: https://dominion-observatory.sgdata.workers.dev https://dominion-observatory.sgdata.workers.dev - GitHub: https://github.com/vdineshk/dominion-observatory https://github.com/vdineshk/dominion-observatory - MCP endpoint: https://dominion-observatory.sgdata.workers.dev/mcp https://dominion-observatory.sgdata.workers.dev/mcp