ai.byteray/byteray-mcp
ByteRay AI
Hunt zero-days by talking to binaries. 40+ tools. Hosted, OAuth + SSO, invite: hi@byteray.ai
Status
Healthy
Score
69.2
Transport
streamable-http
Tools
39
Production readiness
Verdict
Needs remediation
Current validation evidence shows operational or discovery gaps that should be fixed first.
Critical alerts
3
Production verdicts degrade quickly when critical alerts are active.
Evidence confidence
Confidence score
55.0
Based on 12 recent validations, 26 captured checks, and validation age of 552.5 hours.
Live checks captured
26
More direct checks increase trust in the current verdict.
Validation age
552.5h
Lower age means fresher evidence.
Recommended for
Claude Desktop
Claude Desktop is marked compatible with score 100.
Smithery
Smithery is marked compatible with score 80.
Generic Streamable HTTP
Generic Streamable HTTP is marked compatible with score 100.
Client readiness verdicts
Ready for ChatGPT custom connector
Partial
OpenAI connectors expect OAuth for remote server auth.; Dynamic client registration materially improves connector setup.
Confidence: medium (55.0)
Evidence provenance
Winner: live_validation
Supporting sources: live_validation, history, server_card
Disagreements: none
initialize• OKtools_list• OKtransport_compliance_probe• Warningstep_up_auth_probe• Missingconnector_replay_probe• Missing — Frozen tool snapshots must survive refresh.request_association_probe• Missing — Roots, sampling, and elicitation should stay request-scoped.
Ready for Claude remote MCP
Ready
No major blockers detected.
Confidence: medium (55.0)
Evidence provenance
Winner: live_validation
Supporting sources: live_validation, history, server_card
Disagreements: none
initialize• OKtools_list• OKtransport_compliance_probe• Warning
Unsafe for write actions
Yes
High-risk write, exec, or destructive tools need stronger auth and confirmation semantics.
Confidence: medium (55.0)
Evidence provenance
Winner: live_validation
Supporting sources: live_validation, history
Disagreements: none
action_safety_probe• Error
Snapshot churn risk
Medium
The live tool surface changed between recent validations.
Confidence: medium (55.0)
Evidence provenance
Winner: history
Supporting sources: history, live_validation
Disagreements: none
tool_snapshot_probe• Missingconnector_replay_probe• Missing
Why not ready by client
ChatGPT custom connector
Partial
Remediation checklist
- No explicit blockers recorded.
Claude remote MCP
Ready
Remediation checklist
- No explicit blockers recorded.
Write-safe publishing
Blocked
Remediation checklist
- No explicit blockers recorded.
Verdict traces
Production verdict
Needs remediation
Current validation evidence shows operational or discovery gaps that should be fixed first.
Confidence: medium (55.0)
Winning source: live_validation
Triggering alerts
validation_stale• medium • Validation evidence is staletool_snapshot_changed• high • Tool snapshot changedauth_mode_changed• high • Auth mode changedwrite_action_surface_expanded• high • Write-action surface expanded
Client verdict trace table
| Verdict | Status | Checks | Winning source | Conflicts |
|---|---|---|---|---|
openai_connectors |
Partial | initialize, tools_list, transport_compliance_probe, step_up_auth_probe, connector_replay_probe, request_association_probe | live_validation | none |
claude_desktop |
Ready | initialize, tools_list, transport_compliance_probe | live_validation | none |
unsafe_for_write_actions |
Yes | action_safety_probe | live_validation | none |
snapshot_churn_risk |
Medium | tool_snapshot_probe, connector_replay_probe | history | none |
Publishability policy profiles
ChatGPT custom connector publishability
Caution
OpenAI connectors expect OAuth for remote server auth.; Dynamic client registration materially improves connector setup.
- Search Fetch Only: No
- Write Actions Present: Yes
- Oauth Configured: No
- Admin Refresh Required: Yes
- Safe For Company Knowledge: No
- Safe For Messages Api Remote Mcp: No
Claude remote MCP publishability
Ready
Transport, discovery, and remote-MCP assumptions are satisfied.
- Search Fetch Only: No
- Write Actions Present: Yes
- Oauth Configured: No
- Admin Refresh Required: Yes
- Safe For Company Knowledge: No
- Safe For Messages Api Remote Mcp: No
Compatibility fixtures
ChatGPT custom connector fixture
Degraded
OpenAI connectors expect OAuth for remote server auth.; Dynamic client registration materially improves connector setup.
- remote_http_endpoint: Passes
- oauth_discovery: Degraded
- frozen_tool_snapshot_refresh: Passes
- request_association: Passes
Anthropic remote MCP fixture
Passes
Remote MCP transport and discovery assumptions are satisfied.
- remote_transport: Passes
- tool_discovery: Passes
- auth_connect: Passes
- safe_write_review: Degraded
Authenticated validation sessions
Latest profile
remote_mcp
Authenticated session used
Public score isolation
Preview endpoint
/v1/verifyCI preview endpoint
/v1/ci/previewPublic server reputation
Validation success 7d
n/a
Validation success 30d
0.08
Mean time to recover
93.86h
Breaking diffs 30d
1
Registry drift frequency 30d
0
Snapshot changes 30d
1
Incident & change feed
| Timestamp | Event | Details |
|---|---|---|
| Apr 11, 2026 05:25:41 AM UTC | Latest validation: healthy | Score 69.2 with status healthy. |
| Apr 11, 2026 05:25:41 AM UTC | Validation summary changed | Summary moved from failing to healthy. |
| Apr 11, 2026 05:25:41 AM UTC | Score changed | Score delta +19.9 versus the previous run. |
| Apr 11, 2026 05:25:41 AM UTC | Tool snapshot changed | Added 25, removed 0, and changed 0 tool contracts. |
| Apr 11, 2026 05:25:41 AM UTC | Auth mode changed | Auth mode moved from unknown to public. |
| Apr 10, 2026 08:07:48 PM UTC | Score changed | Score delta +0.0 versus the previous run. |
| Apr 10, 2026 10:55:54 AM UTC | Score changed | Score delta +0.0 versus the previous run. |
Capabilities
- OAuth:
- DCR/CIMD:
- Prompts:
- Homepage: https://byteray.ai
- Docs: none
- Support: none
- Icon: none
- Remote endpoint: https://mcp.byteray.ai/mcp
- Server card: none
Use-case taxonomy
development search web security
Security posture
Tools analyzed
39
High-risk tools
6
Destructive tools
0
Exec tools
1
Egress tools
0
Secret tools
38
Bulk-access tools
5
Risk distribution
medium:33, high:6
Tool capability & risk inventory
| Tool | Capabilities | Risk | Findings | Notes |
|---|---|---|---|---|
ask_ai |
read write network secrets | Medium | secret material access | No explicit safeguard hints detected. |
check_sanitization |
read write filesystem secrets | Medium | secret material access filesystem mutation | No explicit safeguard hints detected. |
find_attack_surface |
filesystem secrets | Medium | secret material access | No explicit safeguard hints detected. |
get_binary_info |
read write network secrets | Medium | secret material access | No explicit safeguard hints detected. |
get_call_tree |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
get_code_blocks |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
get_control_flow |
read write secrets export | High | bulk data access secret material access | No explicit safeguard hints detected. |
get_file_hash |
read write filesystem secrets | Medium | secret material access filesystem mutation | No explicit safeguard hints detected. |
get_function_detail |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
get_references_from |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
get_references_to |
read write secrets | Medium | secret material access | No explicit safeguard hints detected. |
get_strings |
read write secrets export | Medium | bulk data access secret material access | Safeguards hinted in metadata. |
get_variables |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
goto_address |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
inspect_address |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
list_exports |
read secrets export | High | bulk data access secret material access | No explicit safeguard hints detected. |
list_functions |
read write secrets export | Medium | bulk data access secret material access | Safeguards hinted in metadata. |
list_imports |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
list_sections |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
list_segments |
read write filesystem admin secrets | High | secret material access filesystem mutation admin mutation | No explicit safeguard hints detected. |
list_symbols |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
navigate_cfg |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
open_binary |
write filesystem secrets | High | secret material access freeform input surface filesystem mutation | No explicit safeguard hints detected. |
read_assembly |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
read_block |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
read_lifted_il |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
read_memory |
read secrets export | High | bulk data access secret material access | No explicit safeguard hints detected. |
read_pseudocode |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
read_ssa_form |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
resolve_name |
secrets | Medium | secret material access | No explicit safeguard hints detected. |
search_bytes |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
search_constants |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
search_strings |
read write secrets | Medium | secret material access | No explicit safeguard hints detected. |
trace_data_flow |
read exec secrets | High | command execution secret material access | No explicit safeguard hints detected. |
trace_ssa_step |
read secrets | Medium | secret material access | No explicit safeguard hints detected. |
trace_variable |
secrets | Medium | secret material access | No explicit safeguard hints detected. |
upload_binary |
read write filesystem | Medium | freeform input surface filesystem mutation | No explicit safeguard hints detected. |
what_calls |
secrets | Medium | secret material access | No explicit safeguard hints detected. |
who_calls |
write admin secrets | Medium | secret material access admin mutation | No explicit safeguard hints detected. |
Write-action governance
Governance status
Error
Safe to publish
Auth boundary
public_or_unclear
Blast radius
High
High-risk tools
6
Confirmation signals
none
Safeguard count
2
Status detail: 6 high-risk tool(s), 1 exec-capable tool(s) are exposed without a clear auth boundary; 2 safeguard(s) and 0 confirmation signal(s) detected.
| Tool | Risk | Flags | Safeguards |
|---|---|---|---|
get_control_flow |
High | bulk data access secret material access | no |
list_exports |
High | bulk data access secret material access | no |
list_segments |
High | secret material access filesystem mutation admin mutation | no |
open_binary |
High | secret material access freeform input surface filesystem mutation | no |
read_memory |
High | bulk data access secret material access | no |
trace_data_flow |
High | command execution secret material access | no |
Action-controls diff
Snapshot changed
yes
Disabled-by-default candidates
get_control_flow list_exports list_segments open_binary
Manual review candidates
get_control_flow list_exports list_segments open_binary
New actions
| Action | Risk | Flags |
|---|---|---|
ask_ai | Medium | secret material access |
check_sanitization | Medium | secret material access filesystem mutation |
find_attack_surface | Medium | secret material access |
get_binary_info | Medium | secret material access |
get_call_tree | Medium | secret material access |
get_code_blocks | Medium | secret material access |
get_control_flow | High | bulk data access secret material access |
get_file_hash | Medium | secret material access filesystem mutation |
get_function_detail | Medium | secret material access |
get_references_from | Medium | secret material access |
get_references_to | Medium | secret material access |
get_strings | Medium | bulk data access secret material access |
get_variables | Medium | secret material access |
goto_address | Medium | secret material access |
inspect_address | Medium | secret material access |
list_exports | High | bulk data access secret material access |
list_functions | Medium | bulk data access secret material access |
list_imports | Medium | secret material access |
list_sections | Medium | secret material access |
list_segments | High | secret material access filesystem mutation admin mutation |
list_symbols | Medium | secret material access |
navigate_cfg | Medium | secret material access |
open_binary | High | secret material access freeform input surface filesystem mutation |
read_assembly | Medium | secret material access |
read_block | Medium | secret material access |
Changed actions
| Action | Change types | Risk |
|---|---|---|
| No materially changed actions. | ||
Why this score?
Access & Protocol
32/44
Connectivity, auth, and transport expectations for common clients.
Interface Quality
32/56
How well the tool/resource interface communicates and behaves under automation.
Security Posture
27.4/36
How safely the exposed tool surface handles destructive actions, egress, execution, secrets, and risky inputs.
Reliability & Trust
16.82/24
Operational stability, consistency, and trustworthiness over time.
Discovery & Governance
21.5/28
How well the server is documented, listed, and governed in public registries.
Adoption & Market
6/8
Adoption clues and public evidence that the server is intended for external use.
Algorithmic score breakdown
Auth Operability
2/4
Measures whether auth discovery and protected access behave predictably for clients.
Error Contract Quality
0/4
Grades machine-readable error structure, status alignment, and remediation hints.
Rate-Limit Semantics
2/4
Checks whether quota/throttle responses are deterministic and automation-friendly.
Schema Completeness
2/4
Completeness of tool descriptions, parameter docs, examples, and schema shape.
Backward Compatibility
1.5/4
Stability score across tool schema/name drift relative to prior validations.
SLO Health
2/4
Availability, latency, and burst-failure profile across recent validation history.
Security Hygiene
4/4
HTTPS posture, endpoint hygiene, and response-surface hardening checks.
Task Success
4/4
Can an agent reliably initialize, enumerate tools, and execute core MCP flows?
Trust Confidence
1.3/4
Confidence-adjusted reliability score that penalizes low evidence volume.
Abuse/Noise Resilience
4/4
How well the server preserves core behavior in the presence of noisy traffic patterns.
Prompt Contract
2/4
Quality of prompt metadata, argument shape, and prompt discoverability for clients.
Resource Contract
2/4
How completely resources and resource templates describe URIs, types, and usage shape.
Discovery Metadata
4/4
Homepage, docs, icon, repository, support, and license coverage for directory consumers.
Registry Consistency
2/4
Agreement between stored registry metadata, live server-card data, and current validation output.
Installability
3/4
How cleanly a real client can connect, initialize, enumerate tools, and proceed through auth.
Session Semantics
4/4
Determinism and state behavior across repeated MCP calls, including sticky-session surprises.
Tool Surface Design
3/4
Naming clarity, schema ergonomics, and parameter complexity across the tool surface.
Result Shape Stability
2/4
Stability of declared output schemas across validations, with penalties for drift or missing shapes.
OAuth Interop
3/4
Depth and client compatibility of OAuth/OIDC metadata beyond the minimal protected-resource check.
Recovery Semantics
0/4
Whether failures include actionable machine-readable next steps such as retry or upgrade guidance.
Maintenance Signal
3/4
Versioning, update recency, and historical validation cadence that indicate active stewardship.
Adoption Signal
3/4
Directory presence and distribution clues that suggest the server is intended for external use.
Freshness Confidence
4/4
Confidence that recent validations are current enough and dense enough to trust operationally.
Transport Fidelity
4/4
Whether declared transport metadata matches the observed endpoint behavior and response formats.
Spec Recency
3/4
How close the server’s claimed MCP protocol version is to the latest known public revision.
Session Resume
3/4
Whether Streamable HTTP session identifiers and resumed requests behave cleanly for real clients.
Step-Up Auth
3/4
Whether OAuth metadata and WWW-Authenticate challenges support granular, incremental consent instead of broad upfront scopes.
Transport Compliance
2/4
Checks session headers, protocol-version enforcement, session teardown, and expired-session behavior.
Utility Coverage
2/4
Signals support for completions, pagination, and task-oriented utility surfaces that larger clients increasingly expect.
Advanced Capability Coverage
3/4
Coverage of newer MCP surfaces like roots, sampling, elicitation, structured output, and related metadata.
Connector Publishability
3/4
How ready the server looks for client catalogs and managed connector programs.
Tool Snapshot Churn
3/4
Stability of the tool surface across recent validations, including add/remove and output-shape drift.
Connector Replay
3/4
Whether a previously published frozen connector snapshot would remain backward compatible after the latest tool refresh.
Request Association
3/4
Whether roots, sampling, and elicitation appear tied to active client requests instead of arriving unsolicited on idle sessions.
Interactive Flow Safety
3/4
Whether prompts and docs steer users toward safe auth flows instead of pasting secrets directly.
Action Safety
2/4
Risk-weighted view of destructive, exec, egress, and confirmation semantics across the tool surface.
Official Registry Presence
4/4
Whether the server appears directly or indirectly in the official MCP registry.
Provenance Divergence
4/4
How closely official registry metadata, the live server card, and public repo/package signals agree with each other.
Safety Transparency
2/4
Clarity of docs, auth disclosure, support links, and other trust signals visible to integrators.
Tool Capability Clarity
4/4
How clearly the tool surface communicates whether each action reads, writes, deletes, executes, or exports data.
Destructive Operation Safety
3/4
Penalizes delete/revoke/destroy style tools unless auth and safeguards reduce blast radius.
Egress / SSRF Resilience
3/4
Assesses arbitrary URL fetch, crawl, webhook, and remote-request exposure on the tool surface.
Execution / Sandbox Safety
2/4
Evaluates shell, code, script, and command-execution exposure and whether that surface appears contained.
Data Exfiltration Resilience
3.7/4
Assesses export, dump, backup, and bulk-read behavior against the surrounding auth and safeguard signals.
Least Privilege Scope
2/4
Rewards scoped auth metadata and penalizes broad or missing scopes around privileged tools.
Secret Handling Hygiene
3.7/4
Assesses secret-bearing tools, token leakage risk, and whether the public surface avoids obvious secret exposure.
Supply Chain Signal
2.5/4
Public metadata signal for repository, changelog, license, versioning, and recency that supports supply-chain trust.
Input Sanitization Safety
3/4
Penalizes risky freeform string inputs when schemas do not constrain URLs, code, paths, queries, or templates.
Tool Namespace Clarity
4/4
Measures naming uniqueness and ambiguity across the tool namespace to reduce collision and confusion risk.
Compatibility profiles
OpenAI Connectors
77.8
partial
OpenAI connectors expect OAuth for remote server auth.; Dynamic client registration materially improves connector setup.
Connector URL: https://mcp.byteray.ai/mcp # No OAuth metadata detected. # Server: ai.byteray/byteray-mcp
Claude Desktop
100.0
compatible
No major blockers detected.
{
"mcpServers": {
"byteray-mcp": {
"command": "npx",
"args": ["mcp-remote", "https://mcp.byteray.ai/mcp"]
}
}
}
Smithery
80.0
compatible
Machine-readable failure semantics should be present.
smithery mcp add "https://mcp.byteray.ai/mcp"
Generic Streamable HTTP
100.0
compatible
No major blockers detected.
curl -sS https://mcp.byteray.ai/mcp -H 'content-type: application/json' -d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-03-26","capabilities":{},"clientInfo":{"name":"mcp-verify","version":"0.1.0"}}}'
Actionable remediation
| Severity | Remediation | Why it matters | Recommended action |
|---|---|---|---|
| High | Add confirmation and dry-run semantics for risky actions | High-risk write, delete, exec, or egress tools should communicate safeguards clearly. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| High | Align session and protocol behavior with Streamable HTTP expectations | Clients increasingly rely on MCP-Protocol-Version, session teardown, and expired-session semantics. | Align MCP-Protocol-Version, MCP-Session-Id, DELETE teardown, and expired-session handling with the transport spec.Playbook
|
| High | Associate roots, sampling, and elicitation with active client requests | Modern MCP guidance expects roots, sampling, and elicitation traffic to be tied to an active client request instead of arriving unsolicited on idle sessions. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| High | Expose /.well-known/oauth-protected-resource | Without a protected-resource document, OAuth clients cannot discover auth requirements reliably. | Serve /.well-known/oauth-protected-resource and point it at your authorization server metadata.Playbook
|
| High | Keep connector refreshes backward compatible | Managed connector clients freeze tool snapshots, so removed tools, new required args, and breaking output changes can break published integrations after refresh. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| High | Publish OAuth authorization-server metadata | Clients need authorization-server metadata to discover issuer, endpoints, and DCR support. | Publish /.well-known/oauth-authorization-server from your issuer and include registration_endpoint when supported.Playbook
|
| High | Publish a complete server card | Missing or incomplete server-card metadata weakens discovery, documentation, and trust signals. | Serve /.well-known/mcp/server-card.json and include tools, prompts/resources, homepage, and support links.Playbook
|
| High | Respond to auth mode changed | Auth mode changed from unknown to public. | Document the new auth posture and confirm protected-resource and challenge metadata still match reality.Playbook
|
| High | Respond to tool snapshot changed | Tools were added, removed, or materially changed between the latest two validations. | Publish a first-class changelog for tool additions, removals, and breaking schema changes.Playbook
|
| High | Respond to write-action surface expanded | The number of high-risk write, delete, exec, or bulk-access tools increased on the latest run. | Review the newly exposed write and destructive actions before publishing them broadly.Playbook
|
| High | Stop asking users to paste secrets directly | Public MCP servers should prefer OAuth or browser-based auth guidance over in-band secret collection. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| Medium | Adopt a current MCP protocol revision | Older protocol revisions reduce compatibility with newer clients and registry programs. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| Medium | Close connector-publishing gaps | Connector catalogs care about protocol recency, session behavior, auth clarity, and tool-surface stability. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| Medium | Document minimal scopes and return cleaner auth challenges | Modern clients expect granular scopes and step-up auth signals such as WWW-Authenticate scope hints. | Return granular scopes and WWW-Authenticate challenge hints instead of forcing overly broad auth upfront.Playbook
|
| Medium | Publish OpenID configuration | OIDC metadata improves token validation and client compatibility. | Expose /.well-known/openid-configuration with issuer, jwks_uri, and supported grants.Playbook
|
| Medium | Reduce tool-surface churn | Frequent add/remove or output-shape drift makes published connectors and cached tool snapshots brittle. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| Medium | Respond to validation evidence is stale | Latest validation is 552.5 hours old. | Trigger a fresh validation run or increase scheduler priority for this server.Playbook
|
| Medium | Support resumable HTTP sessions cleanly | Modern MCP clients increasingly expect resumable session behavior on streamable HTTP transports. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| Low | Expose modern utility surfaces like completions, pagination, or tasks | Utility coverage improves interoperability with larger clients and long-lived agent workflows. | Expose completions, pagination, and task metadata where supported so larger clients can plan and resume work safely.Playbook
|
| Low | Publish newer MCP capability signals | Roots, sampling, elicitation, structured outputs, and related metadata improve client understanding and ranking. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
Point loss breakdown
| Component | Current | Points missing |
|---|---|---|
| Recovery Semantics | 0/4 | -4.0 |
| Error Contract | 0/4 | -4.0 |
| Trust Confidence | 1.3/4 | -2.7 |
| Backward Compatibility | 1.5/4 | -2.5 |
| Utility Coverage | 2/4 | -2.0 |
| Transport Compliance | 2/4 | -2.0 |
| SLO Health | 2/4 | -2.0 |
| Schema Completeness | 2/4 | -2.0 |
| Safety Transparency | 2/4 | -2.0 |
| Result Shape Stability | 2/4 | -2.0 |
| Resource Contract | 2/4 | -2.0 |
| Registry Consistency | 2/4 | -2.0 |
Validation diff
Score delta
19.9
Summary changed
yes
Tool delta
39
Prompt delta
0
Auth mode changed
yes
Write surface expanded
yes
Protocol regressed
no
Registry drift changed
no
Regressed checks: action_safety_probe
Improved checks: connector_publishability_probe, determinism_probe, initialize, prompts_list, resources_list, tools_list, transport_compliance_probe
| Component | Previous | Latest | Delta |
|---|---|---|---|
session_semantics_score | 4.0 | 4.0 | |
tool_capability_clarity_score | 4.0 | 4.0 | |
tool_namespace_clarity_score | 4.0 | 4.0 | |
input_sanitization_safety_score | 3.0 | 3.0 | |
oauth_interop_score | 3.0 | 3.0 | |
tool_snapshot_churn_score | 3.0 | 3.0 | |
tool_surface_design_score | 3.0 | 3.0 | |
backward_compatibility_score | 4.0 | 1.5 | -2.5 |
Tool snapshot diff & changelog
Snapshot changed
yes
Added tools
ask_ai check_sanitization find_attack_surface get_binary_info get_call_tree get_code_blocks get_control_flow get_file_hash get_function_detail get_references_from get_references_to get_strings get_variables goto_address inspect_address list_exports list_functions list_imports list_sections list_segments list_symbols navigate_cfg open_binary read_assembly read_block
Removed tools
none
Required-argument changes
| Tool | Added required args | Removed required args |
|---|---|---|
| No required-argument changes detected. | ||
Output-schema drift
| Tool | Previous properties | Latest properties |
|---|---|---|
| No output-schema drift detected. | ||
Connector replay
Status
Missing
Backward compatible
Would break after refresh
Added tools
none
Removed tools
none
Additive output changes
none
Required-argument replay breaks
| Tool | Added required args | Removed required args |
|---|---|---|
| No required-argument replay breaks detected. | ||
Output-schema replay breaks
| Tool | Removed properties | Added properties |
|---|---|---|
| No output-schema replay breaks detected. | ||
Transport compliance drilldown
Probe status
Warning
Transport
streamable-http
Session header
no
Protocol header
no
Bad protocol response
400
DELETE teardown
n/a
Expired session retry
n/a
Last-Event-ID visible
no
Issues: missing_session_id, missing_protocol_header
Request association
Status
Missing
Advertised capabilities
none
Observed idle methods
none
Violating methods
none
Probe HTTP status
n/a
Issues
none
Utility coverage
Probe status
Missing
Completions
not detected
Completion probe target: none
Pagination
not detected
No nextCursor evidence.
Tasks
Missing
Advertised: no
Benchmark tasks
| Benchmark task | Status | Evidence |
|---|---|---|
| Discover tools | Passes |
|
| Read-only fetch flow | Likely to fail |
|
| OAuth-required connect | Degraded |
|
| Safe write flow with confirmation | Likely to fail |
|
Registry & provenance divergence
Probe status
OK
Direct official match
yes
Drift fields
none
| Field | Registry | Live server card |
|---|---|---|
| Title | n/a | n/a |
| Version | n/a | n/a |
| Homepage | n/a | n/a |
Active alerts
- Validation evidence is stale (medium)
Latest validation is 552.5 hours old. - Tool snapshot changed (high)
Tools were added, removed, or materially changed between the latest two validations. - Auth mode changed (high)
Auth mode changed from unknown to public. - Write-action surface expanded (high)
The number of high-risk write, delete, exec, or bulk-access tools increased on the latest run.
Aliases & registry graph
| Identifier | Source | Canonical | Score |
|---|---|---|---|
ai.byteray/byteray-mcp |
official_registry | yes | 69.24 |
Alias consolidation
Canonical identifier
ai.byteray/byteray-mcp
Duplicate aliases
0
Registry sources
official_registry
Remote URLs
Homepages
Source disagreements
| Field | What differs | Observed values |
|---|---|---|
| No source disagreements detected. | ||
Install snippets
Openai Connectors
Connector URL: https://mcp.byteray.ai/mcp # No OAuth metadata detected. # Server: ai.byteray/byteray-mcp
Claude Desktop
{
"mcpServers": {
"byteray-mcp": {
"command": "npx",
"args": ["mcp-remote", "https://mcp.byteray.ai/mcp"]
}
}
}
Smithery
smithery mcp add "https://mcp.byteray.ai/mcp"
Generic Http
curl -sS https://mcp.byteray.ai/mcp -H 'content-type: application/json' -d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-03-26","capabilities":{},"clientInfo":{"name":"mcp-verify","version":"0.1.0"}}}'
Agent access & tool surface
Live server tools
ask_ai check_sanitization find_attack_surface get_binary_info get_call_tree get_code_blocks get_control_flow get_file_hash
Observed from the latest live validation against https://mcp.byteray.ai/mcp. This is the target server surface, not Verify's own inspection tools.
Live capability counts
39 tools • 0 prompts • 0 resources
Counts come from the latest
tools/list, prompts/list, and resources/list checks.Inspect with Verify
search_servers recommend_servers get_server_report compare_servers
Use Verify itself to search, recommend, compare, and fetch the full report for
ai.byteray/byteray-mcp.Direct machine links
Claims & monitoring
Server ownership
No verified maintainer claim recorded.
Watch subscriptions
0
Teams: none
Alert routing
Active watches
0
Generic webhooks
0
Slack routes
0
Teams routes
0
Email routes
0
| Watch | Team | Channels | Minimum severity |
|---|---|---|---|
| No active watch destinations. | |||
Maintainer analytics
Validation Run Count
12
Average Latency Ms
2600.45
Healthy Run Ratio Recent
0.1
Registry Presence Count
1
Active Alert Count
4
Watcher Count
0
Verified Claim
False
Taxonomy Tags
development, search, web, security
Score Trend
69.24, 49.34, 49.3, 49.26, 49.22, 49.48, 49.46, 48.16, 48.05, 47.93
Remediation Count
20
High Risk Tool Count
6
Destructive Tool Count
0
Exec Tool Count
1
Maintainer response quality
Score
0
Verified claim
Support contact
Changelog present
Incident notes present
Tool changes documented
Annotation history
Annotation count
0
Maintainer annotations
No maintainer annotations have been recorded yet.
Maintainer rebuttals & expected behavior
No maintainer rebuttals or expected-behavior overrides are recorded yet.
Latest validation evidence
Latest summary
Healthy
Validation profile
remote_mcp
Started
Apr 11, 2026 05:25:39 AM UTC
Latency
1923.6 ms
Failures
oauth_authorization_serverno authorization serveroauth_protected_resourceClient error '404 Not Found' for url 'https://mcp.byteray.ai/.well-known/oauth-protected-resource' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404openid_configurationno authorization serverserver_cardClient error '404 Not Found' for url 'https://mcp.byteray.ai/.well-known/mcp/server-card.json' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404
Checks
| Check | Status | Latency | Evidence |
|---|---|---|---|
action_safety_probe |
Error | n/a | 6 high-risk, 1 exec-capable tool(s); no clear auth boundary; safeguards=2; confirmation=none. |
advanced_capabilities_probe |
Warning | n/a | Only 2 capability signal(s): prompts, resources. |
connector_publishability_probe |
Warning | n/a | Publishability blockers: action safety, server card. |
connector_replay_probe |
Missing | n/a | No connector replay evidence recorded. |
determinism_probe |
OK | 103.2 ms | Check completed |
initialize |
OK | 298.9 ms | Protocol 2025-06-18 |
interactive_flow_probe |
Missing | n/a | Check completed |
oauth_authorization_server |
Missing | n/a | no authorization server |
oauth_protected_resource |
Error | 272.6 ms | Client error '404 Not Found' for url 'https://mcp.byteray.ai/.well-known/oauth-protected-resource' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404 |
official_registry_probe |
OK | n/a | Check completed |
openid_configuration |
Missing | n/a | no authorization server |
probe_noise_resilience |
OK | 267.0 ms | Fetched https://mcp.byteray.ai/robots.txt |
prompt_get |
Missing | n/a | not advertised |
prompts_list |
OK | 101.1 ms | 0 prompt(s) exposed |
protocol_version_probe |
Warning | n/a | Claims 2025-06-18; 1 release(s) behind 2025-11-25. |
provenance_divergence_probe |
OK | n/a | Check completed |
request_association_probe |
Missing | n/a | No request-association capabilities were advertised. |
resource_read |
Missing | n/a | not advertised |
resources_list |
OK | 102.7 ms | 0 resource item(s) exposed |
server_card |
Error | 355.1 ms | Client error '404 Not Found' for url 'https://mcp.byteray.ai/.well-known/mcp/server-card.json' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404 |
session_resume_probe |
Warning | n/a | no session id |
step_up_auth_probe |
Missing | n/a | No OAuth or incremental-scope signals detected. |
tool_snapshot_probe |
Missing | n/a | no historical snapshot |
tools_list |
OK | 103.2 ms | 39 tool(s) exposed |
transport_compliance_probe |
Warning | 94.5 ms | Issues: missing session id, missing protocol header (bad protocol=400). |
utility_coverage_probe |
Missing | 101.8 ms | No completions evidence; no pagination evidence; tasks missing. |
Raw evidence view
Show raw JSON evidence
{
"checks": {
"action_safety_probe": {
"details": {
"auth_present": false,
"confirmation_signals": [],
"safeguard_count": 2,
"summary": {
"bulk_access_tools": 5,
"capability_distribution": {
"admin": 2,
"exec": 1,
"export": 5,
"filesystem": 6,
"network": 2,
"read": 33,
"secrets": 38,
"write": 13
},
"destructive_tools": 0,
"egress_tools": 0,
"exec_tools": 1,
"high_risk_tools": 6,
"risk_distribution": {
"critical": 0,
"high": 6,
"low": 0,
"medium": 33
},
"secret_tools": 38,
"tool_count": 39
}
},
"latency_ms": null,
"status": "error"
},
"advanced_capabilities_probe": {
"details": {
"capabilities": {
"completions": false,
"elicitation": false,
"prompts": true,
"resource_links": false,
"resources": true,
"roots": false,
"sampling": false,
"structured_outputs": false
},
"enabled": [
"prompts",
"resources"
],
"enabled_count": 2,
"initialize_capability_keys": [
"tools"
]
},
"latency_ms": null,
"status": "warning"
},
"connector_publishability_probe": {
"details": {
"blockers": [
"action_safety",
"server_card"
],
"criteria": {
"action_safety": false,
"auth_flow": true,
"connector_replay": true,
"initialize": true,
"protocol_version": true,
"remote_transport": true,
"request_association": true,
"server_card": false,
"session_resume": true,
"step_up_auth": true,
"tool_surface": true,
"tools_list": true,
"transport_compliance": true
},
"high_risk_tools": 6,
"tool_count": 39,
"transport": "streamable-http"
},
"latency_ms": null,
"status": "warning"
},
"connector_replay_probe": {
"details": {
"reason": "no_historical_snapshot"
},
"latency_ms": null,
"status": "missing"
},
"determinism_probe": {
"details": {
"attempts": 2,
"baseline_signature": "aab3078bbe086c9b9af4aed7cee36e2d8eac03bc17c8ac84f5973376b6ca67bd",
"errors": [],
"matches": 2,
"stable_ratio": 1.0,
"successful": 2
},
"latency_ms": 103.25,
"status": "ok"
},
"initialize": {
"details": {
"headers": {
"content-type": "application/json"
},
"http_status": 200,
"payload": {
"id": 1,
"jsonrpc": "2.0",
"result": {
"capabilities": {
"tools": {}
},
"instructions": "Binary vulnerability analysis server. Call open_binary first, then use the returned session_id for all other tools.",
"protocolVersion": "2025-06-18",
"serverInfo": {
"name": "byteray-mcp",
"version": "0.1.0"
}
}
},
"url": "https://mcp.byteray.ai/mcp"
},
"latency_ms": 298.94,
"status": "ok"
},
"interactive_flow_probe": {
"details": {
"oauth_supported": false,
"prompt_available": false,
"risk_hits": [],
"safe_hits": []
},
"latency_ms": null,
"status": "missing"
},
"oauth_authorization_server": {
"details": {
"reason": "no_authorization_server"
},
"latency_ms": null,
"status": "missing"
},
"oauth_protected_resource": {
"details": {
"error": "Client error '404 Not Found' for url 'https://mcp.byteray.ai/.well-known/oauth-protected-resource'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404",
"url": "https://mcp.byteray.ai/.well-known/oauth-protected-resource"
},
"latency_ms": 272.63,
"status": "error"
},
"official_registry_probe": {
"details": {
"direct_match": true,
"official_peer_count": 1,
"registry_identifier": "ai.byteray/byteray-mcp",
"registry_source": "official_registry"
},
"latency_ms": null,
"status": "ok"
},
"openid_configuration": {
"details": {
"reason": "no_authorization_server"
},
"latency_ms": null,
"status": "missing"
},
"probe_noise_resilience": {
"details": {
"headers": {
"content-type": "text/plain; charset=utf-8"
},
"http_status": 200,
"url": "https://mcp.byteray.ai/robots.txt"
},
"latency_ms": 267.03,
"status": "ok"
},
"prompt_get": {
"details": {
"reason": "not_advertised"
},
"latency_ms": null,
"status": "missing"
},
"prompts_list": {
"details": {
"headers": {
"content-type": "application/json"
},
"http_status": 200,
"payload": {
"id": 3,
"jsonrpc": "2.0",
"result": {
"prompts": []
}
},
"url": "https://mcp.byteray.ai/mcp"
},
"latency_ms": 101.08,
"status": "ok"
},
"protocol_version_probe": {
"details": {
"claimed_version": "2025-06-18",
"lag_days": 160,
"latest_known_version": "2025-11-25",
"releases_behind": 1,
"validator_protocol_version": "2025-03-26"
},
"latency_ms": null,
"status": "warning"
},
"provenance_divergence_probe": {
"details": {
"direct_official_match": true,
"drift_fields": [],
"metadata_document_count": 2,
"registry_homepage": null,
"registry_repository": null,
"registry_title": null,
"registry_version": null,
"server_card_homepage": null,
"server_card_repository": null,
"server_card_title": null,
"server_card_version": null
},
"latency_ms": null,
"status": "ok"
},
"request_association_probe": {
"details": {
"reason": "no_request_association_capabilities_advertised"
},
"latency_ms": null,
"status": "missing"
},
"resource_read": {
"details": {
"reason": "not_advertised"
},
"latency_ms": null,
"status": "missing"
},
"resources_list": {
"details": {
"headers": {
"content-type": "application/json"
},
"http_status": 200,
"payload": {
"id": 5,
"jsonrpc": "2.0",
"result": {
"resources": []
}
},
"url": "https://mcp.byteray.ai/mcp"
},
"latency_ms": 102.69,
"status": "ok"
},
"server_card": {
"details": {
"error": "Client error '404 Not Found' for url 'https://mcp.byteray.ai/.well-known/mcp/server-card.json'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404",
"url": "https://mcp.byteray.ai/.well-known/mcp/server-card.json"
},
"latency_ms": 355.08,
"status": "error"
},
"session_resume_probe": {
"details": {
"protocol_version": "2025-06-18",
"reason": "no_session_id",
"resume_expected": true,
"transport": "streamable-http"
},
"latency_ms": null,
"status": "warning"
},
"step_up_auth_probe": {
"details": {
"auth_required_checks": [],
"broad_scopes": [],
"challenge_headers": [],
"minimal_scope_documented": false,
"oauth_present": false,
"scope_specificity_ratio": 0.0,
"step_up_signals": [],
"supported_scopes": []
},
"latency_ms": null,
"status": "missing"
},
"tool_snapshot_probe": {
"details": {
"current_tool_count": 39,
"reason": "no_historical_snapshot"
},
"latency_ms": null,
"status": "missing"
},
"tools_list": {
"details": {
"headers": {
"content-type": "application/json"
},
"http_status": 200,
"payload": {
"id": 2,
"jsonrpc": "2.0",
"result": {
"tools": [
{
"description": "Returns session context for the binary (metadata, security flags, findings count). By default only returns context so the calling LLM can reason about it directly. Set use_ai=true to additionally call the Anthropic API for a threat-model analysis (requires ANTHROPIC_API_KEY; costs extra tokens).",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"question": {
"description": "Your question about the binary or analysis",
"type": "string"
},
"session_id": {
"description": "Session ID",
"type": "string"
},
"use_ai": {
"description": "Set to true to call the Anthropic API for AI analysis. Default false\nreturns session context only (recommended when an LLM is already driving\nthe conversation, to avoid burning extra API tokens).",
"type": [
"boolean",
"null"
]
}
},
"required": [
"session_id",
"question"
],
"title": "AskAiArgs",
"type": "object"
},
"name": "ask_ai"
},
{
"description": "Analyze code around an address for sanitization and validation patterns. Detects bounded copy functions (strncpy, snprintf), input validation (isalnum, isdigit), encoding/escaping, parameterized queries, path canonicalization, numeric conversion, bounds checks (sizeof comparisons), null termination, and return value checking. Returns confidence level and evidence list.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Address within the code to check for sanitization patterns",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"context_blocks": {
"description": "Number of surrounding basic blocks to include in the analysis (default 2)",
"format": "uint64",
"minimum": 0,
"type": [
"integer",
"null"
]
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id",
"address"
],
"title": "CheckSanitizationArgs",
"type": "object"
},
"name": "check_sanitization"
},
{
"description": "Scan the binary for potential source and sink functions. Categorizes them by vulnerability type (command injection, buffer overflow, format string, path traversal, etc.). Includes firmware-specific sources/sinks. Returns suggestions for where to focus analysis.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"session_id": {
"description": "Session ID from open_binary",
"type": "string"
}
},
"required": [
"session_id"
],
"title": "SessionArgs",
"type": "object"
},
"name": "find_attack_surface"
},
{
"description": "Get cached triage data for an already-opened binary. Includes security posture (PIE, NX, canary, RELRO), compiler hints, firmware detection (VxWorks, UEFI, bare-metal).",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"session_id": {
"description": "Session ID from open_binary",
"type": "string"
}
},
"required": [
"session_id"
],
"title": "SessionArgs",
"type": "object"
},
"name": "get_binary_info"
},
{
"description": "Build a multi-level call tree. \"callers\" walks upward (who calls this function, and who calls them). \"callees\" walks downward (what does this function call, and what do they call). Use to answer \"how does main reach system?\" or \"what vulnerable functions does this handler call?\".",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Function address to start from",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"depth": {
"description": "How many levels deep to traverse (default 3, max 5)",
"format": "uint64",
"minimum": 0,
"type": [
"integer",
"null"
]
},
"direction": {
"description": "Direction: \"callers\" (who calls this?) or \"callees\" (what does this call?)",
"type": [
"string",
"null"
]
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id",
"address"
],
"title": "CallTreeArgs",
"type": "object"
},
"name": "get_call_tree"
},
{
"description": "Get basic blocks of a function: start/end addresses, block size, outgoing edges (branch targets), incoming edges.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Address (decimal or hex string like \"0x401000\")",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id",
"address"
],
"title": "AddressArgs",
"type": "object"
},
"name": "get_code_blocks"
},
{
"description": "Get a control flow graph diagram (Mermaid or DOT format) for a function. Shows how execution flows through blocks, branches, and loops.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Function address",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"format": {
"description": "Output format: \"mermaid\" or \"dot\" (default \"mermaid\")",
"type": [
"string",
"null"
]
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id",
"address"
],
"title": "ControlFlowArgs",
"type": "object"
},
"name": "get_control_flow"
},
{
"description": "Compute and return file hashes: SHA-256, SHA-1, MD5. Also returns file size.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"session_id": {
"description": "Session ID from open_binary",
"type": "string"
}
},
"required": [
"session_id"
],
"title": "SessionArgs",
"type": "object"
},
"name": "get_file_hash"
},
{
"description": "Detailed info for one function: name, address, size, type signature, parameters, stack frame layout, calling convention, whether it can return, whether it is a thunk.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Address (decimal or hex string like \"0x401000\")",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id",
"address"
],
"title": "AddressArgs",
"type": "object"
},
"name": "get_function_detail"
},
{
"description": "Find all code and data references FROM an address. Answers \"what does this instruction reference?\"",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Address (decimal or hex string like \"0x401000\")",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id",
"address"
],
"title": "AddressArgs",
"type": "object"
},
"name": "get_references_from"
},
{
"description": "Find all code and data references TO an address. Answers \"who reads/writes/calls this?\"",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Address (decimal or hex string like \"0x401000\")",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id",
"address"
],
"title": "AddressArgs",
"type": "object"
},
"name": "get_references_to"
},
{
"description": "Get all strings found in the binary with addresses and types. Supports filter, min_length, offset/limit for pagination.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"filter": {
"description": "Filter string (substring match)",
"type": [
"string",
"null"
]
},
"limit": {
"description": "Max results",
"format": "uint64",
"minimum": 0,
"type": [
"integer",
"null"
]
},
"min_length": {
"description": "Minimum string length (default 4)",
"format": "uint64",
"minimum": 0,
"type": [
"integer",
"null"
]
},
"offset": {
"description": "Pagination offset",
"format": "uint64",
"minimum": 0,
"type": [
"integer",
"null"
]
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id"
],
"title": "GetStringsArgs",
"type": "object"
},
"name": "get_strings"
},
{
"description": "Get all variables for a function: parameters, local stack variables, register variables.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Address (decimal or hex string like \"0x401000\")",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id",
"address"
],
"title": "AddressArgs",
"type": "object"
},
"name": "get_variables"
},
{
"description": "Navigate to an address and show what is there (section, function, symbol) plus the code at that location. Combines inspect_address and code viewing in one call. The \"goto\" operation for reverse engineers.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Address to navigate to",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"session_id": {
"description": "Session ID",
"type": "string"
},
"view": {
"description": "Code view: \"pseudocode\" (default), \"assembly\", or \"ssa\"",
"type": [
"string",
"null"
]
}
},
"required": [
"session_id",
"address"
],
"title": "GotoAddressArgs",
"type": "object"
},
"name": "goto_address"
},
{
"description": "Inspect what exists at a given address: section, segment, function, symbol, string, data variable.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Address (decimal or hex string like \"0x401000\")",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id",
"address"
],
"title": "AddressArgs",
"type": "object"
},
"name": "inspect_address"
},
{
"description": "List all exported symbols with addresses.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"session_id": {
"description": "Session ID from open_binary",
"type": "string"
}
},
"required": [
"session_id"
],
"title": "SessionArgs",
"type": "object"
},
"name": "list_exports"
},
{
"description": "List all functions with name, address, size, parameter count. Supports filter (name substring), offset/limit for pagination.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"filter": {
"description": "Optional name filter (substring match)",
"type": [
"string",
"null"
]
},
"limit": {
"description": "Max results to return (default 200)",
"format": "uint64",
"minimum": 0,
"type": [
"integer",
"null"
]
},
"offset": {
"description": "Pagination offset (default 0)",
"format": "uint64",
"minimum": 0,
"type": [
"integer",
"null"
]
},
"session_id": {
"description": "Session ID from open_binary",
"type": "string"
}
},
"required": [
"session_id"
],
"title": "ListFunctionsArgs",
"type": "object"
},
"name": "list_functions"
},
{
"description": "List all imported functions with library names and addresses. Shows what external APIs the binary uses.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"session_id": {
"description": "Session ID from open_binary",
"type": "string"
}
},
"required": [
"session_id"
],
"title": "SessionArgs",
"type": "object"
},
"name": "list_imports"
},
{
"description": "List binary sections: name, address range, size, semantics.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"session_id": {
"description": "Session ID from open_binary",
"type": "string"
}
},
"required": [
"session_id"
],
"title": "SessionArgs",
"type": "object"
},
"name": "list_sections"
},
{
"description": "List memory segments: address range, file offset, data length, read/write/execute permissions.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"session_id": {
"description": "Session ID from open_binary",
"type": "string"
}
},
"required": [
"session_id"
],
"title": "SessionArgs",
"type": "object"
},
"name": "list_segments"
},
{
"description": "List all symbols, optionally filtered by type: function, import, data, external.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"session_id": {
"description": "Session ID",
"type": "string"
},
"type": {
"description": "Symbol type filter: \"function\", \"import\", \"data\", \"external\"",
"type": [
"string",
"null"
]
}
},
"required": [
"session_id"
],
"title": "SymbolsArgs",
"type": "object"
},
"name": "list_symbols"
},
{
"description": "Navigate the control flow graph one step at a time. \"forward\" shows the current block plus all successor blocks (where execution goes next). \"backward\" shows the current block plus all predecessor blocks (where execution came from). Each block includes code in the chosen view. Use this for interactive CFG walking instead of loading the full graph.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Address within the basic block to navigate from",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"direction": {
"description": "Navigation direction: \"forward\" (where does execution go?) or \"backward\" (where did execution come from?)",
"type": [
"string",
"null"
]
},
"session_id": {
"description": "Session ID",
"type": "string"
},
"view": {
"description": "Code view: \"pseudocode\" (default), \"assembly\", or \"ssa\"",
"type": [
"string",
"null"
]
}
},
"required": [
"session_id",
"address"
],
"title": "NavigateCfgArgs",
"type": "object"
},
"name": "navigate_cfg"
},
{
"description": "Open a binary file for analysis. If the binary was uploaded through Claude's web interface, provide content_base64 with the base64-encoded file bytes -- the server will save it locally and open it. Returns session ID, triage summary, file hashes, and suggests next analysis steps.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"content_base64": {
"description": "Optional: base64-encoded binary file content. Provide this when the file\nis not on the server's filesystem (e.g. uploaded through Claude's web\ninterface). The server will decode and save it locally before analysis.",
"type": [
"string",
"null"
]
},
"path": {
"description": "File system path to the binary, OR just the filename when providing content_base64",
"type": "string"
}
},
"required": [
"path"
],
"title": "OpenBinaryArgs",
"type": "object"
},
"name": "open_binary"
},
{
"description": "Read raw assembly code at an address or for an entire function. Returns instructions with addresses, hex bytes, and mnemonics.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Function or start address",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"length": {
"description": "Number of instructions (omit for full function)",
"format": "uint64",
"minimum": 0,
"type": [
"integer",
"null"
]
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id",
"address"
],
"title": "AssemblyArgs",
"type": "object"
},
"name": "read_assembly"
},
{
"description": "Read code for a specific basic block (not the whole function). Shows the block containing the given address plus N neighbor blocks. Use this for large functions where read_pseudocode returns too much.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Address within the target basic block",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"context_blocks": {
"description": "Number of neighbor blocks to include (default 1)",
"format": "uint64",
"minimum": 0,
"type": [
"integer",
"null"
]
},
"session_id": {
"description": "Session ID",
"type": "string"
},
"view": {
"description": "Code view: \"pseudocode\" (default), \"assembly\", or \"ssa\"",
"type": [
"string",
"null"
]
}
},
"required": [
"session_id",
"address"
],
"title": "ReadBlockArgs",
"type": "object"
},
"name": "read_block"
},
{
"description": "Read low-level intermediate representation for a function. Closer to assembly but architecture-independent. Useful for understanding exact register and flag operations.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Address (decimal or hex string like \"0x401000\")",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id",
"address"
],
"title": "AddressArgs",
"type": "object"
},
"name": "read_lifted_il"
},
{
"description": "Read raw bytes at a virtual address. Returns hex dump.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Virtual address to read from",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"length": {
"description": "Number of bytes to read (default 64, max 4096)",
"format": "uint64",
"minimum": 0,
"type": [
"integer",
"null"
]
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id",
"address"
],
"title": "ReadMemoryArgs",
"type": "object"
},
"name": "read_memory"
},
{
"description": "Read decompiled C-like pseudocode for a function. The most human-readable view of what the code does.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Address (decimal or hex string like \"0x401000\")",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id",
"address"
],
"title": "AddressArgs",
"type": "object"
},
"name": "read_pseudocode"
},
{
"description": "Read SSA (Static Single Assignment) form for a function. Each variable version is unique, enabling precise tracking of where values are defined and used. Best for tracing data flow.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Address (decimal or hex string like \"0x401000\")",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id",
"address"
],
"title": "AddressArgs",
"type": "object"
},
"name": "read_ssa_form"
},
{
"description": "Look up a function or symbol by name. Returns all matching addresses. Tries exact match first, then substring. Use this when you see a name like \"system\" or \"vulnerable_cmd\" and need its address.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"name": {
"description": "Symbol or function name to look up (exact or substring match)",
"type": "string"
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id",
"name"
],
"title": "ResolveNameArgs",
"type": "object"
},
"name": "resolve_name"
},
{
"description": "Search for a byte pattern (hex string like \"48 8b 05\") in the binary. Returns all matching addresses.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"pattern": {
"description": "Hex byte pattern (e.g. \"48 8b 05\" or \"488b05\")",
"type": "string"
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id",
"pattern"
],
"title": "SearchBytesArgs",
"type": "object"
},
"name": "search_bytes"
},
{
"description": "Find all uses of a specific numeric constant value across the binary.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"session_id": {
"description": "Session ID",
"type": "string"
},
"value": {
"description": "Numeric constant value to find",
"format": "uint64",
"minimum": 0,
"type": "integer"
}
},
"required": [
"session_id",
"value"
],
"title": "SearchConstantsArgs",
"type": "object"
},
"name": "search_constants"
},
{
"description": "Search for a text pattern in disassembly output. Returns matching locations.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"session_id": {
"description": "Session ID",
"type": "string"
},
"text": {
"description": "Text to search for in disassembly",
"type": "string"
}
},
"required": [
"session_id",
"text"
],
"title": "SearchStringsArgs",
"type": "object"
},
"name": "search_strings"
},
{
"description": "Run forward taint analysis on a SINGLE function. Tracks how data flows from sources to sinks within that function. Accepts optional custom sources/sinks. Completes in seconds.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"function_address": {
"description": "Function address for targeted taint analysis",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"session_id": {
"description": "Session ID",
"type": "string"
},
"sinks": {
"description": "Custom sink function names (uses defaults if omitted)",
"items": {
"type": "string"
},
"type": [
"array",
"null"
]
},
"sources": {
"description": "Custom source function names (uses defaults if omitted)",
"items": {
"type": "string"
},
"type": [
"array",
"null"
]
}
},
"required": [
"session_id",
"function_address"
],
"title": "TraceDataFlowArgs",
"type": "object"
},
"name": "trace_data_flow"
},
{
"description": "Trace a variable's SSA def-use chain incrementally -- returns N operations (default 5) at a time. Use \"forward\" to see where data flows TO (from definition toward sinks) or \"backward\" to see where data came FROM (from usage toward sources). Use from_index to continue from a previous result. Each step shows SSA text, variables read/written, and flags for source/sink/sanitizer functions. Returns has_more=true with next_index when more operations exist.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Address inside the function containing the variable",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"direction": {
"description": "Trace direction: \"forward\" (where does data go?) or \"backward\" (where did data come from?)",
"type": [
"string",
"null"
]
},
"from_index": {
"description": "Resume from this operation index (0 = start, use next_index from previous call to continue)",
"format": "uint64",
"minimum": 0,
"type": [
"integer",
"null"
]
},
"max_steps": {
"description": "Maximum operations to return per call (default 5, max 20)",
"format": "uint64",
"minimum": 0,
"type": [
"integer",
"null"
]
},
"session_id": {
"description": "Session ID",
"type": "string"
},
"variable_name": {
"description": "Variable name (or SSA name like \"buf#3\") to trace",
"type": "string"
}
},
"required": [
"session_id",
"address",
"variable_name"
],
"title": "TraceSsaStepArgs",
"type": "object"
},
"name": "trace_ssa_step"
},
{
"description": "Trace a variable through SSA def-use chains within a function. Given a variable name, returns where it is defined and every place it is used.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Function address containing the variable",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"session_id": {
"description": "Session ID",
"type": "string"
},
"variable_name": {
"description": "Variable name to trace",
"type": "string"
}
},
"required": [
"session_id",
"address",
"variable_name"
],
"title": "TraceVariableArgs",
"type": "object"
},
"name": "trace_variable"
},
{
"description": "Upload a binary file for analysis. Use this when the binary is not already on the server's filesystem (e.g. when uploading through Claude's web interface). Send the file content as base64 and receive a local path that you can pass to open_binary.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"content_base64": {
"description": "Base64-encoded binary file content",
"type": "string"
},
"filename": {
"description": "Original filename of the binary (e.g. \"firmware.bin\")",
"type": "string"
}
},
"required": [
"filename",
"content_base64"
],
"title": "UploadBinaryArgs",
"type": "object"
},
"name": "upload_binary"
},
{
"description": "Find all functions called by a given function. Shows the call tree downward.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Address (decimal or hex string like \"0x401000\")",
"format": "uint64",
"minimum": 0,
"type": "integer"
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id",
"address"
],
"title": "AddressArgs",
"type": "object"
},
"name": "what_calls"
},
{
"description": "Find all functions that call a given function. Essential for tracing how user input reaches dangerous functions.",
"inputSchema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"properties": {
"address": {
"description": "Function address (optional if name is provided)",
"format": "uint64",
"minimum": 0,
"type": [
"integer",
"null"
]
},
"function_name": {
"description": "Function name (optional if address is provided)",
"type": [
"string",
"null"
]
},
"session_id": {
"description": "Session ID",
"type": "string"
}
},
"required": [
"session_id"
],
"title": "WhoCallsArgs",
"type": "object"
},
"name": "who_calls"
}
]
}
},
"url": "https://mcp.byteray.ai/mcp"
},
"latency_ms": 103.19,
"status": "ok"
},
"transport_compliance_probe": {
"details": {
"bad_protocol_error": null,
"bad_protocol_headers": {},
"bad_protocol_payload": {},
"bad_protocol_status_code": 400,
"delete_error": null,
"delete_status_code": null,
"expired_session_error": null,
"expired_session_status_code": null,
"issues": [
"missing_session_id",
"missing_protocol_header"
],
"last_event_id_visible": false,
"protocol_header_present": false,
"requested_protocol_version": "2025-06-18",
"session_id_present": false,
"transport": "streamable-http"
},
"latency_ms": 94.47,
"status": "warning"
},
"utility_coverage_probe": {
"details": {
"completions": {
"advertised": false,
"live_probe": "not_executed",
"sample_target": null
},
"initialize_capability_keys": [
"tools"
],
"pagination": {
"metadata_signal": false,
"next_cursor_methods": [],
"supported": false
},
"tasks": {
"advertised": false,
"http_status": 200,
"probe_status": "missing"
}
},
"latency_ms": 101.79,
"status": "missing"
}
},
"failures": {
"oauth_authorization_server": {
"reason": "no_authorization_server"
},
"oauth_protected_resource": {
"error": "Client error '404 Not Found' for url 'https://mcp.byteray.ai/.well-known/oauth-protected-resource'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404",
"url": "https://mcp.byteray.ai/.well-known/oauth-protected-resource"
},
"openid_configuration": {
"reason": "no_authorization_server"
},
"server_card": {
"error": "Client error '404 Not Found' for url 'https://mcp.byteray.ai/.well-known/mcp/server-card.json'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404",
"url": "https://mcp.byteray.ai/.well-known/mcp/server-card.json"
}
},
"remote_url": "https://mcp.byteray.ai/mcp",
"server_card_payload": null,
"server_identifier": "ai.byteray/byteray-mcp"
}
Known versions
1.1.0
Validation history
7 day score delta
+0.0
30 day score delta
n/a
Recent healthy ratio
10%
Freshness
552.5h
| Timestamp | Status | Score | Latency | Tools |
|---|---|---|---|---|
| Apr 11, 2026 05:25:41 AM UTC | Healthy | 69.2 | 1923.6 ms | 39 |
| Apr 10, 2026 08:07:48 PM UTC | Failing | 49.3 | 2752.3 ms | 0 |
| Apr 10, 2026 10:55:54 AM UTC | Failing | 49.3 | 2100.9 ms | 0 |
| Apr 10, 2026 02:10:32 AM UTC | Failing | 49.3 | 2250.0 ms | 0 |
| Apr 09, 2026 04:45:59 PM UTC | Failing | 49.2 | 4627.6 ms | 0 |
| Apr 09, 2026 07:40:38 AM UTC | Failing | 49.5 | 2363.6 ms | 0 |
| Apr 08, 2026 11:40:07 PM UTC | Failing | 49.5 | 2425.5 ms | 0 |
| Apr 08, 2026 03:39:22 PM UTC | Failing | 48.2 | 3239.2 ms | 0 |
Validation timeline
| Validated | Summary | Score | Protocol | Auth mode | Tools | High-risk tools | Changes |
|---|---|---|---|---|---|---|---|
| Apr 11, 2026 05:25:41 AM UTC | Healthy | 69.2 | 2025-06-18 | public | 39 | 6 | summary_changed auth_mode_changed write_surface_expanded tool_snapshot_changed |
| Apr 10, 2026 08:07:48 PM UTC | Failing | 49.3 | unknown | unknown | 0 | 0 | none |
| Apr 10, 2026 10:55:54 AM UTC | Failing | 49.3 | unknown | unknown | 0 | 0 | none |
| Apr 10, 2026 02:10:32 AM UTC | Failing | 49.3 | unknown | unknown | 0 | 0 | none |
| Apr 09, 2026 04:45:59 PM UTC | Failing | 49.2 | unknown | unknown | 0 | 0 | none |
| Apr 09, 2026 07:40:38 AM UTC | Failing | 49.5 | unknown | unknown | 0 | 0 | none |
| Apr 08, 2026 11:40:07 PM UTC | Failing | 49.5 | unknown | unknown | 0 | 0 | none |
| Apr 08, 2026 03:39:22 PM UTC | Failing | 48.2 | unknown | unknown | 0 | 0 | none |
| Apr 08, 2026 07:38:44 AM UTC | Failing | 48.0 | unknown | unknown | 0 | 0 | none |
| Apr 07, 2026 11:37:55 PM UTC | Failing | 47.9 | unknown | unknown | 0 | 0 | none |
| Apr 07, 2026 03:37:13 PM UTC | Failing | 47.9 | unknown | unknown | 0 | 0 | none |
| Apr 07, 2026 07:34:22 AM UTC | Failing | 47.7 | unknown | unknown | 0 | 0 | none |
Recent validation runs
| Started | Status | Summary | Latency | Checks |
|---|---|---|---|---|
| Apr 11, 2026 05:25:39 AM UTC | Completed | Healthy | 1923.6 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 10, 2026 08:07:45 PM UTC | Completed | Failing | 2752.3 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 10, 2026 10:55:52 AM UTC | Completed | Failing | 2100.9 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 10, 2026 02:10:30 AM UTC | Completed | Failing | 2250.0 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 09, 2026 04:45:54 PM UTC | Completed | Failing | 4627.6 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 09, 2026 07:40:36 AM UTC | Completed | Failing | 2363.6 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 08, 2026 11:40:04 PM UTC | Completed | Failing | 2425.5 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 08, 2026 03:39:19 PM UTC | Completed | Failing | 3239.2 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 08, 2026 07:38:42 AM UTC | Completed | Failing | 1929.0 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 07, 2026 11:37:52 PM UTC | Completed | Failing | 2650.2 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |