toolhive-catalog

toolhive-catalog is a registry/catalog repository for listing Model Context Protocol (MCP) servers and reusable skills/workflows. It defines a directory structure and JSON/YAML schemas (e.g., server.json and SKILL.md) for contributors to add container-based (Docker/OCI) or remote (HTTP/HTTPS) MCP server endpoints and skill definitions.

Evaluated Mar 30, 2026 (21d ago)
Repo ↗ DevTools mcp model-context-protocol registry catalog tooling automation
⚙ Agent Friendliness
37
/ 100
Can an agent use this?
🔒 Security
42
/ 100
Is it safe for agents?
⚡ Reliability
15
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
35
Documentation
75
Error Messages
0
Auth Simplicity
80
Rate Limits
0

🔒 Security

TLS Enforcement
40
Auth Strength
45
Scope Granularity
35
Dep. Hygiene
30
Secret Handling
55

Catalog entries include guidance to avoid filesystem mounts (network permissions only) and to mark environment variables as secrets in server.json examples. However, this repo does not itself implement TLS enforcement, auth flows, or secret storage—those concerns apply to the referenced MCP servers and user/runtime configuration. No evidence of security controls like signature verification, dependency scanning, or hardened validation is provided in the README excerpt.

⚡ Reliability

Uptime/SLA
0
Version Stability
30
Breaking Changes
20
Error Recovery
10
AF Security Reliability

Best When

You want to standardize how MCP servers and skills are described so an orchestrator (ToolHive) can integrate them consistently.

Avoid When

You need a direct REST/GraphQL/SDK interface from this repo to call tools; you should use the MCP servers/skills that it references instead.

Use Cases

  • Discovering and reusing MCP server capabilities via a standardized registry format
  • Publishing MCP server metadata (tools list, tiers/status, container image identifiers, remote endpoints) for downstream ToolHive usage
  • Sharing prompt/workflow “skills” that reference specific server tools

Not For

  • Running an MCP server itself (it is a catalog/registry, not an execution service)
  • Providing a production API for querying the registry at runtime (no such API is described)

Interface

REST API
No
GraphQL
No
gRPC
No
MCP Server
No
SDK
No
Webhooks
No

Authentication

Methods: Registry entry publishing (via Git workflows implied, not specified as an API auth mechanism) MCP server authentication is described only as an example in server.json environmentVariables (e.g., API_KEY isRequired/isSecret) but no concrete auth flow is provided here
OAuth: No Scopes: No

This repository does not implement runtime authentication. It provides metadata fields where MCP server auth details may be documented for downstream users.

Pricing

Free tier: No
Requires CC: No

No pricing information is provided; it is a code/catalog repository.

Agent Metadata

Pagination
none
Idempotent
False
Retry Guidance
Not documented

Known Gotchas

  • This is a registry/catalog; there is no described programmatic runtime interface for agents to call.
  • Downstream MCP server behavior is not controlled by this catalog; errors/retries/idempotency depend on each referenced MCP server implementation.
  • Transport and permissions guidance is provided, but the repo does not itself enforce these beyond validation/build steps.

Alternatives

Other MCP registry/catalog approaches (community-maintained lists) Direct integration to individual MCP servers (without a centralized registry)

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for toolhive-catalog.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

$3

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-30.

8642
Packages Evaluated
17761
Need Evaluation
586
Need Re-evaluation
Community Powered