toolhive-registry-server
Provides a standards-compliant MCP Registry Server with a central registry catalog and an Admin API for managing sources/registries/entries. It supports multiple backend data sources (API/Git/File/Managed/Kubernetes) and optional PostgreSQL storage, with OAuth/OIDC-based enterprise auth support.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Security is positioned as 'secure by default' with OAuth/OIDC and granular admin roles. TLS enforcement is not explicitly stated in the excerpt (assumed best practice but not confirmed). Specific secret-handling practices, dependency vulnerability posture, and detailed authz checks are not observable from the provided text.
⚡ Reliability
Best When
You need an internal/external governance layer for MCP registries, with OAuth/OIDC security and support for multiple registry data sources (including Git/file and optional DB).
Avoid When
You cannot provide network-level security (HTTPS) or you need a simpler unauthenticated public registry without governance features.
Use Cases
- • Centralized discovery and governance of MCP servers and tool/skill metadata
- • Federating multiple MCP registry backends (upstream, internal Git/File, managed/custom, and Kubernetes discovery) into a unified catalog
- • Enterprise administration of registry sources and published entries with auditability
- • Integrating MCP clients with a single registry endpoint that implements the MCP Registry API v0.1
Not For
- • A lightweight, no-auth internal service with minimal operational overhead (it’s enterprise-oriented and may require DB/OIDC setup)
- • A real-time registry of highly dynamic tool availability where only on-demand sources aren’t sufficient
- • Workloads needing streaming/webhook event delivery rather than pull-based REST APIs
Interface
Authentication
README indicates OAuth/OIDC with roles such as manageSources/manageRegistries/manageEntries for Admin API write operations; exact scope names and token claims are not fully detailed in the provided excerpt.
Pricing
No hosted pricing information provided; appears to be a self-hosted open-source server.
Agent Metadata
Known Gotchas
- ⚠ Admin endpoints require appropriate roles (manageSources/manageRegistries/manageEntries). Agents without auth/roles may receive authorization failures.
- ⚠ Some data sources are on-demand (Managed/Kubernetes) rather than continuously synced, so results may differ from expectations during or immediately after startup.
- ⚠ Pagination behavior for list endpoints is not described in the provided excerpt; agents should not assume cursor-based pagination support without checking the full API reference.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for toolhive-registry-server.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.