Independent ratings for the agentic era

Which tools can your agent actually trust?

Assay scores MCP servers, APIs, and SDKs across agent friendliness, security, and reliability — so agents and developers can choose the right tools.

3933 packages evaluated across 7943 cataloged · 16 categories · avg score 64.1

Top MCP servers Highest rated Free tier Compare

Top Rated

View all →

@modelcontextprotocol/server-everything

Anthropic's official 'everything' MCP server — a comprehensive test server that implements every MCP feature (tools, prompts, resources, sampling) for testing MCP clients and agent integrations.

Developer Tools MCP
96

Anthropic Claude API

Anthropic's Claude LLM API providing text, vision, and tool-use capabilities across Claude 3.5 Sonnet, Claude 3 Opus, and Haiku model variants with up to 200K token context.

AI & Machine Learning
93

@modelcontextprotocol/server-filesystem

Anthropic's official reference MCP server for local filesystem access. Gives agents read/write access to files and directories on the host machine, with configurable path restrictions.

File Management MCP
93

Stripe Billing API

Stripe Billing is the subscription and invoicing layer of the Stripe platform, providing APIs for managing Products, Prices, Subscriptions, Invoices, and Customer billing portals. Used by SaaS companies to automate recurring revenue, proration, metered usage billing, and dunning workflows.

Other MCP
91

Stripe API

The developer's payment platform with APIs for accepting payments, managing subscriptions, handling billing, and fraud prevention, with an official MCP server.

Other MCP
90

GitHub MCP Server

Official GitHub MCP server enabling AI agents to interact with GitHub repositories, issues, pull requests, code search, Actions workflows, and more — built by GitHub.

Developer Tools MCP
90

Recently Evaluated

Browse all →

GitHub Advanced Security API

GitHub Advanced Security (GHAS) exposes a comprehensive REST and GraphQL API surface for three integrated security products: Code Scanning (CodeQL SAST plus third-party SARIF-based scanners), Secret Scanning (detection of 200+ secret types across commits and PRs), and the Dependency Review API / Dependabot Alerts (SCA for known CVEs in package manifests). The Code Scanning API allows querying alerts (with CodeQL rule details, CWE, severity, location, state), uploading SARIF results from any scanner, and managing alert dismissal state. The Secret Scanning API surfaces detected secrets (with secret type, validity status for live/active secrets, commit/PR source), manages alert triage, and exposes push protection bypass events. The Dependency Review API shows vulnerable dependencies introduced by a specific PR diff, and the Dependabot Alerts API exposes all known CVE alerts across a repository with CVSS scores, fix versions, and auto-fix status. All three APIs use the standard GitHub REST auth model (GitHub Apps, OAuth Apps, or PATs) and return well-documented JSON with consistent pagination using link headers. GHAS is included free for public repositories and requires a paid GHAS license for private repositories.

Security
68

Epic Online Services (EOS) API

Epic Online Services (EOS) is Epic Games' cross-platform SDK and REST API suite providing authentication, friends, achievements, stats, leaderboards, matchmaking, lobbies, voice, anti-cheat, and player data for games. Includes the Epic Games Store Web API for catalog and entitlement data. Designed for game developers integrating online services into their own titles.

Developer Tools
44

Elasticsearch REST API

Elasticsearch is a distributed search and analytics engine built on Apache Lucene. Its REST API exposes comprehensive document indexing, full-text search with relevance scoring, structured field filtering, faceted aggregations, and (as of 8.x) native kNN vector search for semantic similarity. Agents can index arbitrary JSON documents, run complex boolean query DSL, execute multi-field aggregations, and perform hybrid dense+sparse retrieval — all over plain HTTPS with no special driver required.

Databases
56

E2B Code Interpreter

Provides secure cloud sandboxes for executing AI-generated code. Each sandbox is an isolated microVM with a full filesystem, network access, and package installation support. Exposes a Jupyter-style code interpreter interface for Python and JavaScript. Agents can upload files, run code, capture stdout/stderr/charts, and download results. Purpose-built for AI code generation use cases.

Developer Tools MCP
84

CrowdStrike Falcon API

CrowdStrike Falcon is the market-leading cloud-native endpoint detection and response (EDR/XDR) platform. Its comprehensive REST API spans 30+ service collections covering: Detections (alerts from the Falcon sensor on endpoints), Incidents (correlated detection chains), Hosts (device inventory, containment, remediation), Threat Intelligence (CrowdStrike Intel API for adversary profiles, indicators, reports), Real Time Response (RTR — live shell execution on endpoints via API), IOC Management (custom indicators of compromise), Prevention Policies (endpoint policy management), Discover (asset inventory and exposed credentials), and Spotlight (vulnerability exposure on endpoints). All API endpoints use OAuth 2.0 client credentials flow. Query operations use FQL (Falcon Query Language) — a CrowdStrike-proprietary filter syntax. Most list operations follow a two-step pattern: query IDs with GET /resource/v1/query, then fetch full entities with POST /resource/v1/entities/GET using those IDs. FalconPy is the official Python SDK. The API is used by MSSP/multi-tenant environments via the Flight Control parent/child CID model. Rate limits are enforced per service collection per OAuth client.

Security MCP
77

OpenSearch MCP Server (Official)

Official OpenSearch MCP server enabling AI agents to interact with OpenSearch clusters — executing search queries, managing indices, performing aggregations, and accessing OpenSearch's open-source fork of Elasticsearch for search and analytics.

Other MCP
78

Categories

All categories →

Developer Tools

IDEs, code editors, CI/CD, version control, debugging

1752 evaluated

Other

Uncategorized packages

837 evaluated

AI & Machine Learning

LLMs, embeddings, training, inference

332 evaluated

Security

Auth, secrets, scanning, compliance

103 evaluated

Productivity

Task management, calendars, notes, automation

72 evaluated

Finance

Payments, accounting, crypto, trading

69 evaluated

Communication

Email, messaging, notifications, chat

45 evaluated

Databases

SQL, NoSQL, vector databases, caching

43 evaluated

Cloud Infrastructure

AWS, GCP, Azure, serverless, hosting

39 evaluated

Stay in the loop

Get weekly updates on new evaluations, score changes, and ecosystem insights.

No spam. Unsubscribe anytime.

How Assay works

1

Discover

Agents continuously discover MCP servers, APIs, and SDKs across GitHub, npm, PyPI, and vendor docs.

2

Evaluate

Each package is scored across three dimensions — Agent Friendliness, Security, and Reliability — with detailed sub-scores for transparency.

3

Query

Agents (and developers) query the directory at runtime to select the right tool for the job — via REST API or MCP server.

Read the scoring methodology →
3933
Packages Evaluated
4010
Need Evaluation
173
Need Re-evaluation
Community Powered