com.leap-labs/discovery-engine
Discovery Engine
Find novel, statistically validated patterns in tabular data — hypothesis-free.
Status
Healthy
Score
70.9
Transport
streamable-http
Tools
14
Production readiness
Verdict
Needs remediation
Current validation evidence shows operational or discovery gaps that should be fixed first.
Critical alerts
1
Production verdicts degrade quickly when critical alerts are active.
Evidence confidence
Confidence score
65.0
Based on 20 recent validations, 26 captured checks, and validation age of 605.9 hours.
Live checks captured
26
More direct checks increase trust in the current verdict.
Validation age
605.9h
Lower age means fresher evidence.
Recommended for
Claude Desktop
Claude Desktop is marked compatible with score 100.
Smithery
Smithery is marked compatible with score 80.
Generic Streamable HTTP
Generic Streamable HTTP is marked compatible with score 100.
Client readiness verdicts
Ready for ChatGPT custom connector
Partial
OpenAI connectors expect OAuth for remote server auth.; Dynamic client registration materially improves connector setup.
Confidence: medium (65.0)
Evidence provenance
Winner: live_validation
Supporting sources: live_validation, history, server_card
Disagreements: none
initialize• OKtools_list• OKtransport_compliance_probe• Warningstep_up_auth_probe• Missingconnector_replay_probe• Warning — Frozen tool snapshots must survive refresh.request_association_probe• Missing — Roots, sampling, and elicitation should stay request-scoped.
Ready for Claude remote MCP
Ready
No major blockers detected.
Confidence: medium (65.0)
Evidence provenance
Winner: live_validation
Supporting sources: live_validation, history, server_card
Disagreements: none
initialize• OKtools_list• OKtransport_compliance_probe• Warning
Unsafe for write actions
Yes
High-risk write, exec, or destructive tools need stronger auth and confirmation semantics.
Confidence: medium (65.0)
Evidence provenance
Winner: live_validation
Supporting sources: live_validation, history
Disagreements: none
action_safety_probe• Error
Snapshot churn risk
Medium
The live tool surface changed between recent validations.
Confidence: medium (65.0)
Evidence provenance
Winner: history
Supporting sources: history, live_validation
Disagreements: none
tool_snapshot_probe• Warningconnector_replay_probe• Warning
Why not ready by client
ChatGPT custom connector
Partial
Remediation checklist
- No explicit blockers recorded.
Claude remote MCP
Ready
Remediation checklist
- No explicit blockers recorded.
Write-safe publishing
Blocked
Remediation checklist
- No explicit blockers recorded.
Verdict traces
Production verdict
Needs remediation
Current validation evidence shows operational or discovery gaps that should be fixed first.
Confidence: medium (65.0)
Winning source: live_validation
Triggering alerts
validation_stale• medium • Validation evidence is staletool_snapshot_changed• high • Tool snapshot changed
Client verdict trace table
| Verdict | Status | Checks | Winning source | Conflicts |
|---|---|---|---|---|
openai_connectors |
Partial | initialize, tools_list, transport_compliance_probe, step_up_auth_probe, connector_replay_probe, request_association_probe | live_validation | none |
claude_desktop |
Ready | initialize, tools_list, transport_compliance_probe | live_validation | none |
unsafe_for_write_actions |
Yes | action_safety_probe | live_validation | none |
snapshot_churn_risk |
Medium | tool_snapshot_probe, connector_replay_probe | history | none |
Publishability policy profiles
ChatGPT custom connector publishability
Caution
OpenAI connectors expect OAuth for remote server auth.; Dynamic client registration materially improves connector setup.
- Search Fetch Only: No
- Write Actions Present: Yes
- Oauth Configured: No
- Admin Refresh Required: No
- Safe For Company Knowledge: No
- Safe For Messages Api Remote Mcp: No
Claude remote MCP publishability
Ready
Transport, discovery, and remote-MCP assumptions are satisfied.
- Search Fetch Only: No
- Write Actions Present: Yes
- Oauth Configured: No
- Admin Refresh Required: No
- Safe For Company Knowledge: No
- Safe For Messages Api Remote Mcp: No
Compatibility fixtures
ChatGPT custom connector fixture
Degraded
OpenAI connectors expect OAuth for remote server auth.; Dynamic client registration materially improves connector setup.
- remote_http_endpoint: Passes
- oauth_discovery: Degraded
- frozen_tool_snapshot_refresh: Passes
- request_association: Passes
Anthropic remote MCP fixture
Passes
Remote MCP transport and discovery assumptions are satisfied.
- remote_transport: Passes
- tool_discovery: Passes
- auth_connect: Passes
- safe_write_review: Degraded
Authenticated validation sessions
Latest profile
remote_mcp
Authenticated session used
Public score isolation
Preview endpoint
/v1/verifyCI preview endpoint
/v1/ci/previewPublic server reputation
Validation success 7d
n/a
Validation success 30d
1.0
Mean time to recover
n/a
Breaking diffs 30d
1
Registry drift frequency 30d
0
Snapshot changes 30d
1
Incident & change feed
| Timestamp | Event | Details |
|---|---|---|
| Apr 09, 2026 12:02:00 AM UTC | Latest validation: healthy | Score 70.9 with status healthy. |
| Apr 09, 2026 12:02:00 AM UTC | Score changed | Score delta -1.5 versus the previous run. |
| Apr 09, 2026 12:02:00 AM UTC | Tool snapshot changed | Added 2, removed 0, and changed 0 tool contracts. |
Capabilities
- OAuth:
- DCR/CIMD:
- Prompts:
- Homepage: https://www.leap-labs.com
- Docs: none
- Support: none
- Icon: none
- Remote endpoint: https://disco.leap-labs.com/mcp
- Server card: none
Use-case taxonomy
development database search communication
Security posture
Tools analyzed
14
High-risk tools
8
Destructive tools
0
Exec tools
7
Egress tools
3
Secret tools
10
Bulk-access tools
0
Risk distribution
medium:6, high:6, critical:2
Tool capability & risk inventory
| Tool | Capabilities | Risk | Findings | Notes |
|---|---|---|---|---|
discovery_list_plans |
read admin | Medium | none | No explicit safeguard hints detected. |
discovery_estimate |
read write exec filesystem secrets | High | command execution secret material access filesystem mutation | No explicit safeguard hints detected. |
discovery_upload |
write exec network filesystem secrets | Critical | command execution arbitrary network egress secret material access filesystem mutation | No explicit safeguard hints detected. |
discovery_analyze |
read write exec network filesystem admin secrets | Critical | command execution arbitrary network egress secret material access filesystem mutation admin mutation | No explicit safeguard hints detected. |
discovery_status |
read write exec secrets | High | command execution secret material access | No explicit safeguard hints detected. |
discovery_get_results |
read write exec network admin secrets | High | command execution secret material access admin mutation | No explicit safeguard hints detected. |
discovery_account |
write exec secrets | High | command execution secret material access | No explicit safeguard hints detected. |
discovery_signup |
read write exec admin | High | command execution admin mutation | No explicit safeguard hints detected. |
discovery_signup_verify |
admin | Medium | freeform input surface | No explicit safeguard hints detected. |
discovery_login |
read write secrets | Medium | secret material access | No explicit safeguard hints detected. |
discovery_login_verify |
admin | Medium | freeform input surface | No explicit safeguard hints detected. |
discovery_add_payment_method |
write network secrets | High | arbitrary network egress secret material access | No explicit safeguard hints detected. |
discovery_purchase_credits |
write filesystem secrets | Medium | secret material access filesystem mutation | No explicit safeguard hints detected. |
discovery_subscribe |
read write filesystem secrets | Medium | secret material access filesystem mutation | No explicit safeguard hints detected. |
Write-action governance
Governance status
Error
Safe to publish
Auth boundary
public_or_unclear
Blast radius
High
High-risk tools
8
Confirmation signals
none
Safeguard count
0
Status detail: 8 high-risk tool(s), 7 exec-capable tool(s) are exposed without a clear auth boundary; no safeguards or confirmation signals detected.
| Tool | Risk | Flags | Safeguards |
|---|---|---|---|
discovery_estimate |
High | command execution secret material access filesystem mutation | no |
discovery_upload |
Critical | command execution arbitrary network egress secret material access filesystem mutation | no |
discovery_analyze |
Critical | command execution arbitrary network egress secret material access filesystem mutation admin mutation | no |
discovery_status |
High | command execution secret material access | no |
discovery_get_results |
High | command execution secret material access admin mutation | no |
discovery_account |
High | command execution secret material access | no |
discovery_signup |
High | command execution admin mutation | no |
discovery_add_payment_method |
High | arbitrary network egress secret material access | no |
Action-controls diff
Snapshot changed
yes
Disabled-by-default candidates
none
Manual review candidates
none
New actions
| Action | Risk | Flags |
|---|---|---|
discovery_login | Medium | secret material access |
discovery_login_verify | Medium | freeform input surface |
Changed actions
| Action | Change types | Risk |
|---|---|---|
| No materially changed actions. | ||
Why this score?
Access & Protocol
32/44
Connectivity, auth, and transport expectations for common clients.
Interface Quality
35/56
How well the tool/resource interface communicates and behaves under automation.
Security Posture
22.5/36
How safely the exposed tool surface handles destructive actions, egress, execution, secrets, and risky inputs.
Reliability & Trust
21/24
Operational stability, consistency, and trustworthiness over time.
Discovery & Governance
22.5/28
How well the server is documented, listed, and governed in public registries.
Adoption & Market
6/8
Adoption clues and public evidence that the server is intended for external use.
Algorithmic score breakdown
Auth Operability
2/4
Measures whether auth discovery and protected access behave predictably for clients.
Error Contract Quality
0/4
Grades machine-readable error structure, status alignment, and remediation hints.
Rate-Limit Semantics
2/4
Checks whether quota/throttle responses are deterministic and automation-friendly.
Schema Completeness
3/4
Completeness of tool descriptions, parameter docs, examples, and schema shape.
Backward Compatibility
2/4
Stability score across tool schema/name drift relative to prior validations.
SLO Health
3/4
Availability, latency, and burst-failure profile across recent validation history.
Security Hygiene
3/4
HTTPS posture, endpoint hygiene, and response-surface hardening checks.
Task Success
4/4
Can an agent reliably initialize, enumerate tools, and execute core MCP flows?
Trust Confidence
4/4
Confidence-adjusted reliability score that penalizes low evidence volume.
Abuse/Noise Resilience
4/4
How well the server preserves core behavior in the presence of noisy traffic patterns.
Prompt Contract
2/4
Quality of prompt metadata, argument shape, and prompt discoverability for clients.
Resource Contract
2/4
How completely resources and resource templates describe URIs, types, and usage shape.
Discovery Metadata
4/4
Homepage, docs, icon, repository, support, and license coverage for directory consumers.
Registry Consistency
2/4
Agreement between stored registry metadata, live server-card data, and current validation output.
Installability
4/4
How cleanly a real client can connect, initialize, enumerate tools, and proceed through auth.
Session Semantics
4/4
Determinism and state behavior across repeated MCP calls, including sticky-session surprises.
Tool Surface Design
4/4
Naming clarity, schema ergonomics, and parameter complexity across the tool surface.
Result Shape Stability
4/4
Stability of declared output schemas across validations, with penalties for drift or missing shapes.
OAuth Interop
3/4
Depth and client compatibility of OAuth/OIDC metadata beyond the minimal protected-resource check.
Recovery Semantics
0/4
Whether failures include actionable machine-readable next steps such as retry or upgrade guidance.
Maintenance Signal
4/4
Versioning, update recency, and historical validation cadence that indicate active stewardship.
Adoption Signal
3/4
Directory presence and distribution clues that suggest the server is intended for external use.
Freshness Confidence
4/4
Confidence that recent validations are current enough and dense enough to trust operationally.
Transport Fidelity
4/4
Whether declared transport metadata matches the observed endpoint behavior and response formats.
Spec Recency
2/4
How close the server’s claimed MCP protocol version is to the latest known public revision.
Session Resume
3/4
Whether Streamable HTTP session identifiers and resumed requests behave cleanly for real clients.
Step-Up Auth
3/4
Whether OAuth metadata and WWW-Authenticate challenges support granular, incremental consent instead of broad upfront scopes.
Transport Compliance
2/4
Checks session headers, protocol-version enforcement, session teardown, and expired-session behavior.
Utility Coverage
2/4
Signals support for completions, pagination, and task-oriented utility surfaces that larger clients increasingly expect.
Advanced Capability Coverage
3/4
Coverage of newer MCP surfaces like roots, sampling, elicitation, structured output, and related metadata.
Connector Publishability
3/4
How ready the server looks for client catalogs and managed connector programs.
Tool Snapshot Churn
3/4
Stability of the tool surface across recent validations, including add/remove and output-shape drift.
Connector Replay
3/4
Whether a previously published frozen connector snapshot would remain backward compatible after the latest tool refresh.
Request Association
3/4
Whether roots, sampling, and elicitation appear tied to active client requests instead of arriving unsolicited on idle sessions.
Interactive Flow Safety
4/4
Whether prompts and docs steer users toward safe auth flows instead of pasting secrets directly.
Action Safety
2/4
Risk-weighted view of destructive, exec, egress, and confirmation semantics across the tool surface.
Official Registry Presence
4/4
Whether the server appears directly or indirectly in the official MCP registry.
Provenance Divergence
4/4
How closely official registry metadata, the live server card, and public repo/package signals agree with each other.
Safety Transparency
2/4
Clarity of docs, auth disclosure, support links, and other trust signals visible to integrators.
Tool Capability Clarity
3/4
How clearly the tool surface communicates whether each action reads, writes, deletes, executes, or exports data.
Destructive Operation Safety
3/4
Penalizes delete/revoke/destroy style tools unless auth and safeguards reduce blast radius.
Egress / SSRF Resilience
1.5/4
Assesses arbitrary URL fetch, crawl, webhook, and remote-request exposure on the tool surface.
Execution / Sandbox Safety
0/4
Evaluates shell, code, script, and command-execution exposure and whether that surface appears contained.
Data Exfiltration Resilience
3/4
Assesses export, dump, backup, and bulk-read behavior against the surrounding auth and safeguard signals.
Least Privilege Scope
2/4
Rewards scoped auth metadata and penalizes broad or missing scopes around privileged tools.
Secret Handling Hygiene
3/4
Assesses secret-bearing tools, token leakage risk, and whether the public surface avoids obvious secret exposure.
Supply Chain Signal
2.5/4
Public metadata signal for repository, changelog, license, versioning, and recency that supports supply-chain trust.
Input Sanitization Safety
3/4
Penalizes risky freeform string inputs when schemas do not constrain URLs, code, paths, queries, or templates.
Tool Namespace Clarity
4/4
Measures naming uniqueness and ambiguity across the tool namespace to reduce collision and confusion risk.
Compatibility profiles
OpenAI Connectors
77.8
partial
OpenAI connectors expect OAuth for remote server auth.; Dynamic client registration materially improves connector setup.
Connector URL: https://disco.leap-labs.com/mcp # No OAuth metadata detected. # Server: com.leap-labs/discovery-engine
Claude Desktop
100.0
compatible
No major blockers detected.
{
"mcpServers": {
"discovery-engine": {
"command": "npx",
"args": ["mcp-remote", "https://disco.leap-labs.com/mcp"]
}
}
}
Smithery
80.0
compatible
Machine-readable failure semantics should be present.
smithery mcp add "https://disco.leap-labs.com/mcp"
Generic Streamable HTTP
100.0
compatible
No major blockers detected.
curl -sS https://disco.leap-labs.com/mcp -H 'content-type: application/json' -d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-03-26","capabilities":{},"clientInfo":{"name":"mcp-verify","version":"0.1.0"}}}'
Actionable remediation
| Severity | Remediation | Why it matters | Recommended action |
|---|---|---|---|
| High | Add confirmation and dry-run semantics for risky actions | High-risk write, delete, exec, or egress tools should communicate safeguards clearly. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| High | Align session and protocol behavior with Streamable HTTP expectations | Clients increasingly rely on MCP-Protocol-Version, session teardown, and expired-session semantics. | Align MCP-Protocol-Version, MCP-Session-Id, DELETE teardown, and expired-session handling with the transport spec.Playbook
|
| High | Associate roots, sampling, and elicitation with active client requests | Modern MCP guidance expects roots, sampling, and elicitation traffic to be tied to an active client request instead of arriving unsolicited on idle sessions. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| High | Expose /.well-known/oauth-protected-resource | Without a protected-resource document, OAuth clients cannot discover auth requirements reliably. | Serve /.well-known/oauth-protected-resource and point it at your authorization server metadata.Playbook
|
| High | Keep connector refreshes backward compatible | Managed connector clients freeze tool snapshots, so removed tools, new required args, and breaking output changes can break published integrations after refresh. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| High | Publish OAuth authorization-server metadata | Clients need authorization-server metadata to discover issuer, endpoints, and DCR support. | Publish /.well-known/oauth-authorization-server from your issuer and include registration_endpoint when supported.Playbook
|
| High | Publish a complete server card | Missing or incomplete server-card metadata weakens discovery, documentation, and trust signals. | Serve /.well-known/mcp/server-card.json and include tools, prompts/resources, homepage, and support links.Playbook
|
| High | Respond to tool snapshot changed | Tools were added, removed, or materially changed between the latest two validations. | Publish a first-class changelog for tool additions, removals, and breaking schema changes.Playbook
|
| Medium | Adopt a current MCP protocol revision | Older protocol revisions reduce compatibility with newer clients and registry programs. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| Medium | Close connector-publishing gaps | Connector catalogs care about protocol recency, session behavior, auth clarity, and tool-surface stability. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| Medium | Document minimal scopes and return cleaner auth challenges | Modern clients expect granular scopes and step-up auth signals such as WWW-Authenticate scope hints. | Return granular scopes and WWW-Authenticate challenge hints instead of forcing overly broad auth upfront.Playbook
|
| Medium | Publish OpenID configuration | OIDC metadata improves token validation and client compatibility. | Expose /.well-known/openid-configuration with issuer, jwks_uri, and supported grants.Playbook
|
| Medium | Reduce tool-surface churn | Frequent add/remove or output-shape drift makes published connectors and cached tool snapshots brittle. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| Medium | Respond to validation evidence is stale | Latest validation is 605.9 hours old. | Trigger a fresh validation run or increase scheduler priority for this server.Playbook
|
| Medium | Support resumable HTTP sessions cleanly | Modern MCP clients increasingly expect resumable session behavior on streamable HTTP transports. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| Low | Expose modern utility surfaces like completions, pagination, or tasks | Utility coverage improves interoperability with larger clients and long-lived agent workflows. | Expose completions, pagination, and task metadata where supported so larger clients can plan and resume work safely.Playbook
|
| Low | Publish newer MCP capability signals | Roots, sampling, elicitation, structured outputs, and related metadata improve client understanding and ranking. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
Point loss breakdown
| Component | Current | Points missing |
|---|---|---|
| Recovery Semantics | 0/4 | -4.0 |
| Execution Sandbox Safety | 0/4 | -4.0 |
| Error Contract | 0/4 | -4.0 |
| Egress SSRF Resilience | 1.5/4 | -2.5 |
| Utility Coverage | 2/4 | -2.0 |
| Transport Compliance | 2/4 | -2.0 |
| Spec Recency | 2/4 | -2.0 |
| Safety Transparency | 2/4 | -2.0 |
| Resource Contract | 2/4 | -2.0 |
| Registry Consistency | 2/4 | -2.0 |
| Rate Limit Semantics | 2/4 | -2.0 |
| Prompt Contract | 2/4 | -2.0 |
Validation diff
Score delta
-1.53
Summary changed
no
Tool delta
2
Prompt delta
0
Auth mode changed
no
Write surface expanded
no
Protocol regressed
no
Registry drift changed
no
Regressed checks: connector_replay_probe, tool_snapshot_probe
Improved checks: interactive_flow_probe
| Component | Previous | Latest | Delta |
|---|---|---|---|
backward_compatibility_score | 4.0 | 2.0 | -2.0 |
connector_replay_score | 4.0 | 3.0 | -1.0 |
interactive_flow_safety_score | 3.0 | 4.0 | 1.0 |
tool_snapshot_churn_score | 4.0 | 3.0 | -1.0 |
Tool snapshot diff & changelog
Snapshot changed
yes
Added tools
discovery_login discovery_login_verify
Removed tools
none
Required-argument changes
| Tool | Added required args | Removed required args |
|---|---|---|
| No required-argument changes detected. | ||
Output-schema drift
| Tool | Previous properties | Latest properties |
|---|---|---|
| No output-schema drift detected. | ||
Connector replay
Status
Warning
Backward compatible
Would break after refresh
Added tools
discovery_login discovery_login_verify
Removed tools
none
Additive output changes
none
Required-argument replay breaks
| Tool | Added required args | Removed required args |
|---|---|---|
| No required-argument replay breaks detected. | ||
Output-schema replay breaks
| Tool | Removed properties | Added properties |
|---|---|---|
| No output-schema replay breaks detected. | ||
Transport compliance drilldown
Probe status
Warning
Transport
streamable-http
Session header
no
Protocol header
no
Bad protocol response
400
DELETE teardown
n/a
Expired session retry
n/a
Last-Event-ID visible
no
Issues: missing_session_id, missing_protocol_header
Request association
Status
Missing
Advertised capabilities
none
Observed idle methods
none
Violating methods
none
Probe HTTP status
n/a
Issues
none
Utility coverage
Probe status
Missing
Completions
not detected
Completion probe target: none
Pagination
not detected
No nextCursor evidence.
Tasks
Missing
Advertised: no
Benchmark tasks
| Benchmark task | Status | Evidence |
|---|---|---|
| Discover tools | Passes |
|
| Read-only fetch flow | Likely to fail |
|
| OAuth-required connect | Degraded |
|
| Safe write flow with confirmation | Likely to fail |
|
Registry & provenance divergence
Probe status
OK
Direct official match
yes
Drift fields
none
| Field | Registry | Live server card |
|---|---|---|
| Title | n/a | n/a |
| Version | n/a | n/a |
| Homepage | n/a | n/a |
Active alerts
- Validation evidence is stale (medium)
Latest validation is 605.9 hours old. - Tool snapshot changed (high)
Tools were added, removed, or materially changed between the latest two validations.
Aliases & registry graph
| Identifier | Source | Canonical | Score |
|---|---|---|---|
com.leap-labs/discovery-engine |
official_registry | yes | 70.92 |
leap-laboratories/discovery-engine |
smithery_registry | no | 45.62 |
Alias consolidation
Canonical identifier
com.leap-labs/discovery-engine
Duplicate aliases
1
Registry sources
official_registry smithery_registry
Remote URLs
Source disagreements
| Field | What differs | Observed values |
|---|---|---|
| Registry source | Multiple registries or registry sync paths claim this same canonical server. | official_registry smithery_registry |
| Homepage | Registry entries disagree on the primary homepage for this server. | https://www.leap-labs.com https://www.leap-labs.com/ |
| Registry identifier | Different registry-specific identifiers resolve to the same canonical server record here. | com.leap-labs/discovery-engine smithery_registry:03ba25de-2e7a-48cb-91ab-6d6f83fbbc01 |
Install snippets
Openai Connectors
Connector URL: https://disco.leap-labs.com/mcp # No OAuth metadata detected. # Server: com.leap-labs/discovery-engine
Claude Desktop
{
"mcpServers": {
"discovery-engine": {
"command": "npx",
"args": ["mcp-remote", "https://disco.leap-labs.com/mcp"]
}
}
}
Smithery
smithery mcp add "https://disco.leap-labs.com/mcp"
Generic Http
curl -sS https://disco.leap-labs.com/mcp -H 'content-type: application/json' -d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-03-26","capabilities":{},"clientInfo":{"name":"mcp-verify","version":"0.1.0"}}}'
Agent access & tool surface
Live server tools
discovery_list_plans discovery_estimate discovery_upload discovery_analyze discovery_status discovery_get_results discovery_account discovery_signup
Observed from the latest live validation against https://disco.leap-labs.com/mcp. This is the target server surface, not Verify's own inspection tools.
Live capability counts
14 tools • 0 prompts • 0 resources
Counts come from the latest
tools/list, prompts/list, and resources/list checks.Inspect with Verify
search_servers recommend_servers get_server_report compare_servers
Use Verify itself to search, recommend, compare, and fetch the full report for
com.leap-labs/discovery-engine.Direct machine links
Claims & monitoring
Server ownership
No verified maintainer claim recorded.
Watch subscriptions
0
Teams: none
Alert routing
Active watches
0
Generic webhooks
0
Slack routes
0
Teams routes
0
Email routes
0
| Watch | Team | Channels | Minimum severity |
|---|---|---|---|
| No active watch destinations. | |||
Maintainer analytics
Validation Run Count
20
Average Latency Ms
3782.34
Healthy Run Ratio Recent
1.0
Registry Presence Count
2
Active Alert Count
2
Watcher Count
0
Verified Claim
False
Taxonomy Tags
development, database, search, communication
Score Trend
70.92, 72.45, 72.45, 72.45, 72.45, 71.94, 72.45, 71.94, 71.43, 71.43
Remediation Count
17
High Risk Tool Count
8
Destructive Tool Count
0
Exec Tool Count
7
Maintainer response quality
Score
0
Verified claim
Support contact
Changelog present
Incident notes present
Tool changes documented
Annotation history
Annotation count
0
Maintainer annotations
No maintainer annotations have been recorded yet.
Maintainer rebuttals & expected behavior
No maintainer rebuttals or expected-behavior overrides are recorded yet.
Latest validation evidence
Latest summary
Healthy
Validation profile
remote_mcp
Started
Apr 09, 2026 12:01:57 AM UTC
Latency
3243.5 ms
Failures
oauth_authorization_serverno authorization serveroauth_protected_resourceClient error '404 Not Found' for url 'https://disco.leap-labs.com/.well-known/oauth-protected-resource' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404openid_configurationno authorization serverserver_cardClient error '404 Not Found' for url 'https://disco.leap-labs.com/.well-known/mcp/server-card.json' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404
Checks
| Check | Status | Latency | Evidence |
|---|---|---|---|
action_safety_probe |
Error | n/a | 8 high-risk, 7 exec-capable tool(s); no clear auth boundary; safeguards=0; confirmation=none. |
advanced_capabilities_probe |
Warning | n/a | Only 3 capability signal(s): prompts, resources, structured outputs. |
connector_publishability_probe |
Warning | n/a | Publishability blockers: action safety, server card. |
connector_replay_probe |
Warning | n/a | Backward compatible with additive changes; added tools=2, additive output changes=0. |
determinism_probe |
OK | 130.3 ms | Check completed |
initialize |
OK | 170.1 ms | Protocol 2025-03-26 |
interactive_flow_probe |
OK | n/a | Check completed |
oauth_authorization_server |
Missing | n/a | no authorization server |
oauth_protected_resource |
Error | 50.8 ms | Client error '404 Not Found' for url 'https://disco.leap-labs.com/.well-known/oauth-protected-resource' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404 |
official_registry_probe |
OK | n/a | Check completed |
openid_configuration |
Missing | n/a | no authorization server |
probe_noise_resilience |
OK | 70.0 ms | Fetched https://disco.leap-labs.com/robots.txt |
prompt_get |
Missing | n/a | not advertised |
prompts_list |
OK | 1795.0 ms | 0 prompt(s) exposed |
protocol_version_probe |
Warning | n/a | Claims 2025-03-26; 2 release(s) behind 2025-11-25. |
provenance_divergence_probe |
OK | n/a | Check completed |
request_association_probe |
Missing | n/a | No request-association capabilities were advertised. |
resource_read |
Missing | n/a | not advertised |
resources_list |
OK | 208.0 ms | 0 resource item(s) exposed |
server_card |
Error | 103.8 ms | Client error '404 Not Found' for url 'https://disco.leap-labs.com/.well-known/mcp/server-card.json' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404 |
session_resume_probe |
Warning | n/a | no session id |
step_up_auth_probe |
Missing | n/a | No OAuth or incremental-scope signals detected. |
tool_snapshot_probe |
Warning | n/a | Check completed |
tools_list |
OK | 218.1 ms | 14 tool(s) exposed |
transport_compliance_probe |
Warning | 173.1 ms | Issues: missing session id, missing protocol header (bad protocol=400). |
utility_coverage_probe |
Missing | 148.1 ms | No completions evidence; no pagination evidence; tasks missing. |
Raw evidence view
Show raw JSON evidence
{
"checks": {
"action_safety_probe": {
"details": {
"auth_present": false,
"confirmation_signals": [],
"safeguard_count": 0,
"summary": {
"bulk_access_tools": 0,
"capability_distribution": {
"admin": 6,
"exec": 7,
"filesystem": 5,
"network": 4,
"read": 8,
"secrets": 10,
"write": 11
},
"destructive_tools": 0,
"egress_tools": 3,
"exec_tools": 7,
"high_risk_tools": 8,
"risk_distribution": {
"critical": 2,
"high": 6,
"low": 0,
"medium": 6
},
"secret_tools": 10,
"tool_count": 14
}
},
"latency_ms": null,
"status": "error"
},
"advanced_capabilities_probe": {
"details": {
"capabilities": {
"completions": false,
"elicitation": false,
"prompts": true,
"resource_links": false,
"resources": true,
"roots": false,
"sampling": false,
"structured_outputs": true
},
"enabled": [
"prompts",
"resources",
"structured_outputs"
],
"enabled_count": 3,
"initialize_capability_keys": [
"experimental",
"prompts",
"resources",
"tools"
]
},
"latency_ms": null,
"status": "warning"
},
"connector_publishability_probe": {
"details": {
"blockers": [
"action_safety",
"server_card"
],
"criteria": {
"action_safety": false,
"auth_flow": true,
"connector_replay": true,
"initialize": true,
"protocol_version": true,
"remote_transport": true,
"request_association": true,
"server_card": false,
"session_resume": true,
"step_up_auth": true,
"tool_surface": true,
"tools_list": true,
"transport_compliance": true
},
"high_risk_tools": 8,
"tool_count": 14,
"transport": "streamable-http"
},
"latency_ms": null,
"status": "warning"
},
"connector_replay_probe": {
"details": {
"added_tools": [
"discovery_login",
"discovery_login_verify"
],
"additive_output_changes": [],
"backward_compatible": true,
"output_breaks": [],
"removed_tools": [],
"required_arg_breaks": [],
"would_break_after_refresh": false
},
"latency_ms": null,
"status": "warning"
},
"determinism_probe": {
"details": {
"attempts": 2,
"baseline_signature": "7e17f5611f0f98c7f29ccd018ce69d219402170fc2d27cf80521ad170f3eb32d",
"errors": [],
"matches": 2,
"stable_ratio": 1.0,
"successful": 2
},
"latency_ms": 130.28,
"status": "ok"
},
"initialize": {
"details": {
"headers": {
"content-type": "text/event-stream",
"strict-transport-security": "max-age=63072000; includeSubDomains; preload"
},
"http_status": 200,
"payload": {
"id": 1,
"jsonrpc": "2.0",
"result": {
"capabilities": {
"experimental": {},
"prompts": {
"listChanged": false
},
"resources": {
"listChanged": false,
"subscribe": false
},
"tools": {
"listChanged": false
}
},
"instructions": "Not another AI data analyst. Disco is a discovery pipeline that finds novel, statistically validated patterns in tabular data \u2014 feature interactions, subgroup effects, and conditional relationships you wouldn't think to look for. When displaying results, render interactive visualizations following the Disco style guide at https://disco.leap-labs.com/visualization-spec",
"protocolVersion": "2025-03-26",
"serverInfo": {
"name": "Disco",
"version": "1.26.0"
}
}
},
"url": "https://disco.leap-labs.com/mcp"
},
"latency_ms": 170.12,
"status": "ok"
},
"interactive_flow_probe": {
"details": {
"oauth_supported": false,
"prompt_available": false,
"risk_hits": [],
"safe_hits": [
"sign in",
"login"
]
},
"latency_ms": null,
"status": "ok"
},
"oauth_authorization_server": {
"details": {
"reason": "no_authorization_server"
},
"latency_ms": null,
"status": "missing"
},
"oauth_protected_resource": {
"details": {
"error": "Client error '404 Not Found' for url 'https://disco.leap-labs.com/.well-known/oauth-protected-resource'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404",
"url": "https://disco.leap-labs.com/.well-known/oauth-protected-resource"
},
"latency_ms": 50.76,
"status": "error"
},
"official_registry_probe": {
"details": {
"direct_match": true,
"official_peer_count": 1,
"registry_identifier": "com.leap-labs/discovery-engine",
"registry_source": "official_registry"
},
"latency_ms": null,
"status": "ok"
},
"openid_configuration": {
"details": {
"reason": "no_authorization_server"
},
"latency_ms": null,
"status": "missing"
},
"probe_noise_resilience": {
"details": {
"headers": {
"content-type": "text/plain;charset=UTF-8",
"strict-transport-security": "max-age=63072000; includeSubDomains; preload"
},
"http_status": 404,
"url": "https://disco.leap-labs.com/robots.txt"
},
"latency_ms": 70.03,
"status": "ok"
},
"prompt_get": {
"details": {
"reason": "not_advertised"
},
"latency_ms": null,
"status": "missing"
},
"prompts_list": {
"details": {
"headers": {
"content-type": "text/event-stream",
"strict-transport-security": "max-age=63072000; includeSubDomains; preload"
},
"http_status": 200,
"payload": {
"id": 3,
"jsonrpc": "2.0",
"result": {
"prompts": []
}
},
"url": "https://disco.leap-labs.com/mcp"
},
"latency_ms": 1795.03,
"status": "ok"
},
"protocol_version_probe": {
"details": {
"claimed_version": "2025-03-26",
"lag_days": 244,
"latest_known_version": "2025-11-25",
"releases_behind": 2,
"validator_protocol_version": "2025-03-26"
},
"latency_ms": null,
"status": "warning"
},
"provenance_divergence_probe": {
"details": {
"direct_official_match": true,
"drift_fields": [],
"metadata_document_count": 2,
"registry_homepage": null,
"registry_repository": null,
"registry_title": null,
"registry_version": null,
"server_card_homepage": null,
"server_card_repository": null,
"server_card_title": null,
"server_card_version": null
},
"latency_ms": null,
"status": "ok"
},
"request_association_probe": {
"details": {
"reason": "no_request_association_capabilities_advertised"
},
"latency_ms": null,
"status": "missing"
},
"resource_read": {
"details": {
"reason": "not_advertised"
},
"latency_ms": null,
"status": "missing"
},
"resources_list": {
"details": {
"headers": {
"content-type": "text/event-stream",
"strict-transport-security": "max-age=63072000; includeSubDomains; preload"
},
"http_status": 200,
"payload": {
"id": 5,
"jsonrpc": "2.0",
"result": {
"resources": []
}
},
"url": "https://disco.leap-labs.com/mcp"
},
"latency_ms": 208.04,
"status": "ok"
},
"server_card": {
"details": {
"error": "Client error '404 Not Found' for url 'https://disco.leap-labs.com/.well-known/mcp/server-card.json'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404",
"url": "https://disco.leap-labs.com/.well-known/mcp/server-card.json"
},
"latency_ms": 103.81,
"status": "error"
},
"session_resume_probe": {
"details": {
"protocol_version": "2025-03-26",
"reason": "no_session_id",
"resume_expected": true,
"transport": "streamable-http"
},
"latency_ms": null,
"status": "warning"
},
"step_up_auth_probe": {
"details": {
"auth_required_checks": [],
"broad_scopes": [],
"challenge_headers": [],
"minimal_scope_documented": false,
"oauth_present": false,
"scope_specificity_ratio": 0.0,
"step_up_signals": [],
"supported_scopes": []
},
"latency_ms": null,
"status": "missing"
},
"tool_snapshot_probe": {
"details": {
"added": [
"discovery_login",
"discovery_login_verify"
],
"changed_outputs": [],
"current_tool_count": 14,
"previous_tool_count": 12,
"removed": [],
"similarity": 0.8571
},
"latency_ms": null,
"status": "warning"
},
"tools_list": {
"details": {
"headers": {
"content-type": "text/event-stream",
"strict-transport-security": "max-age=63072000; includeSubDomains; preload"
},
"http_status": 200,
"payload": {
"id": 2,
"jsonrpc": "2.0",
"result": {
"tools": [
{
"annotations": {
"readOnlyHint": true
},
"description": "List available Disco plans with pricing.\n\n No authentication required. Returns all available subscription tiers\n with credit allowances and pricing. Use this to help users choose a plan.\n ",
"inputSchema": {
"properties": {},
"title": "discovery_list_plansArguments",
"type": "object"
},
"name": "discovery_list_plans",
"outputSchema": {
"properties": {
"result": {
"title": "Result",
"type": "string"
}
},
"required": [
"result"
],
"title": "discovery_list_plansOutput",
"type": "object"
}
},
{
"annotations": {
"readOnlyHint": true
},
"description": "Estimate cost, time, and credit requirements before running an analysis.\n\n Returns credit cost, estimated duration in seconds, whether you have\n sufficient credits, and whether a free public alternative exists. Always call\n this before discovery_analyze for private runs.\n\n Args:\n file_size_mb: Size of the dataset in megabytes.\n num_columns: Number of columns in the dataset.\n num_rows: Number of rows (optional, improves time estimate).\n analysis_depth: Search depth (1=fast, higher=deeper). Default 1.\n visibility: \"public\" (free, results published) or \"private\" (costs credits).\n use_llms: Slower and more expensive, but you get smarter pre-processing, summary page, literature context and pattern novelty assessment. Only applies to private runs \u2014 public runs always use LLMs. Default false.\n api_key: Disco API key (disco_...). Optional if DISCOVERY_API_KEY env var is set.\n ",
"inputSchema": {
"properties": {
"analysis_depth": {
"default": 2,
"title": "Analysis Depth",
"type": "integer"
},
"api_key": {
"anyOf": [
{
"type": "string"
},
{
"type": "null"
}
],
"default": null,
"title": "Api Key"
},
"file_size_mb": {
"title": "File Size Mb",
"type": "number"
},
"num_columns": {
"title": "Num Columns",
"type": "integer"
},
"num_rows": {
"anyOf": [
{
"type": "integer"
},
{
"type": "null"
}
],
"default": null,
"title": "Num Rows"
},
"use_llms": {
"default": false,
"title": "Use Llms",
"type": "boolean"
},
"visibility": {
"default": "public",
"title": "Visibility",
"type": "string"
}
},
"required": [
"file_size_mb",
"num_columns"
],
"title": "discovery_estimateArguments",
"type": "object"
},
"name": "discovery_estimate",
"outputSchema": {
"properties": {
"result": {
"title": "Result",
"type": "string"
}
},
"required": [
"result"
],
"title": "discovery_estimateOutput",
"type": "object"
}
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": false
},
"description": "Upload a dataset file and return a file reference for use with discovery_analyze.\n\n Call this before discovery_analyze. Pass the returned result directly to\n discovery_analyze as the file_ref argument.\n\n Provide exactly one of: file_url, file_path, or file_content.\n\n Args:\n file_url: A publicly accessible http/https URL. The server downloads it directly.\n Best option for remote datasets.\n file_path: Absolute path to a local file. Only works when running the MCP server\n locally (not the hosted version). Streams the file directly \u2014 no size limit.\n file_content: File contents, base64-encoded. For small files when a URL or path\n isn't available. Limited by the model's context window.\n file_name: Filename with extension (e.g. \"data.csv\"), for format detection.\n Only used with file_content. Default: \"data.csv\".\n api_key: Disco API key (disco_...). Optional if DISCOVERY_API_KEY env var is set.\n ",
"inputSchema": {
"properties": {
"api_key": {
"anyOf": [
{
"type": "string"
},
{
"type": "null"
}
],
"default": null,
"title": "Api Key"
},
"file_content": {
"anyOf": [
{
"type": "string"
},
{
"type": "null"
}
],
"default": null,
"title": "File Content"
},
"file_name": {
"default": "data.csv",
"title": "File Name",
"type": "string"
},
"file_path": {
"anyOf": [
{
"type": "string"
},
{
"type": "null"
}
],
"default": null,
"title": "File Path"
},
"file_url": {
"anyOf": [
{
"type": "string"
},
{
"type": "null"
}
],
"default": null,
"title": "File Url"
}
},
"title": "discovery_uploadArguments",
"type": "object"
},
"name": "discovery_upload",
"outputSchema": {
"properties": {
"result": {
"title": "Result",
"type": "string"
}
},
"required": [
"result"
],
"title": "discovery_uploadOutput",
"type": "object"
}
},
{
"annotations": {
"destructiveHint": true,
"idempotentHint": false
},
"description": "Run Disco on tabular data to find novel, statistically validated patterns.\n\n This is NOT another data analyst \u2014 it's a discovery pipeline that systematically\n searches for feature interactions, subgroup effects, and conditional relationships\n nobody thought to look for, then validates each on hold-out data with FDR-corrected\n p-values and checks novelty against academic literature.\n\n This is a long-running operation (3-15 minutes). Returns a run_id immediately.\n Use discovery_status to poll and discovery_get_results to fetch completed results.\n\n Use this when you need to go beyond answering questions about data and start\n finding things nobody thought to ask. Do NOT use this for summary statistics,\n visualization, or SQL queries.\n\n Public runs are free but results are published. Private runs cost credits.\n Call discovery_estimate first to check cost. Private report URLs require\n sign-in \u2014 tell the user to sign in at the dashboard with the same email\n address used to create the account (email code, no password needed).\n\n Call discovery_upload first to upload your file, then pass the returned file_ref here.\n\n Args:\n target_column: The column to analyze \u2014 what drives it, beyond what's obvious.\n file_ref: The file reference returned by discovery_upload.\n analysis_depth: Search depth (1=fast, higher=deeper). Default 1.\n visibility: \"public\" (free) or \"private\" (costs credits). Default \"public\".\n title: Optional title for the analysis.\n description: Optional description of the dataset.\n excluded_columns: Optional JSON array of column names to exclude from analysis.\n column_descriptions: Optional JSON object mapping column names to descriptions. Significantly improves pattern explanations \u2014 always provide if column names are non-obvious (e.g. {\"col_7\": \"patient age\", \"feat_a\": \"blood pressure\"}).\n author: Optional author name for the report.\n source_url: Optional source URL for the dataset.\n use_llms: Slower and more expensive, but you get smarter pre-processing, summary page, literature context and pattern novelty assessment. Only applies to private runs \u2014 public runs always use LLMs. Default false.\n api_key: Disco API key (disco_...). Optional if DISCOVERY_API_KEY env var is set.\n ",
"inputSchema": {
"properties": {
"analysis_depth": {
"default": 2,
"title": "Analysis Depth",
"type": "integer"
},
"api_key": {
"anyOf": [
{
"type": "string"
},
{
"type": "null"
}
],
"default": null,
"title": "Api Key"
},
"author": {
"anyOf": [
{
"type": "string"
},
{
"type": "null"
}
],
"default": null,
"title": "Author"
},
"column_descriptions": {
"anyOf": [
{
"type": "string"
},
{
"additionalProperties": true,
"type": "object"
},
{
"type": "null"
}
],
"default": null,
"title": "Column Descriptions"
},
"description": {
"anyOf": [
{
"type": "string"
},
{
"type": "null"
}
],
"default": null,
"title": "Description"
},
"excluded_columns": {
"anyOf": [
{
"type": "string"
},
{
"items": {},
"type": "array"
},
{
"type": "null"
}
],
"default": null,
"title": "Excluded Columns"
},
"file_ref": {
"anyOf": [
{
"type": "string"
},
{
"additionalProperties": true,
"type": "object"
},
{
"type": "null"
}
],
"default": null,
"title": "File Ref"
},
"source_url": {
"anyOf": [
{
"type": "string"
},
{
"type": "null"
}
],
"default": null,
"title": "Source Url"
},
"target_column": {
"title": "Target Column",
"type": "string"
},
"title": {
"anyOf": [
{
"type": "string"
},
{
"type": "null"
}
],
"default": null,
"title": "Title"
},
"use_llms": {
"default": false,
"title": "Use Llms",
"type": "boolean"
},
"visibility": {
"default": "public",
"title": "Visibility",
"type": "string"
}
},
"required": [
"target_column"
],
"title": "discovery_analyzeArguments",
"type": "object"
},
"name": "discovery_analyze",
"outputSchema": {
"properties": {
"result": {
"title": "Result",
"type": "string"
}
},
"required": [
"result"
],
"title": "discovery_analyzeOutput",
"type": "object"
}
},
{
"annotations": {
"readOnlyHint": true
},
"description": "Check the status of a Disco run.\n\n Returns current status and progress details:\n - status: \"pending\" | \"processing\" | \"completed\" | \"failed\"\n - job_status: underlying job queue status\n - queue_position: position in queue when pending (1 = next up)\n - current_step: active pipeline step (preprocessing, training, interpreting, reporting)\n - estimated_seconds: estimated total processing time in seconds\n - estimated_wait_seconds: estimated queue wait time in seconds (pending only)\n\n Poll this after calling discovery_analyze \u2014 runs typically take 3\u201315 minutes.\n Use discovery_get_results to fetch full results once status is \"completed\".\n\n Args:\n run_id: The run ID returned by discovery_analyze.\n api_key: Disco API key (disco_...). Optional if DISCOVERY_API_KEY env var is set.\n ",
"inputSchema": {
"properties": {
"api_key": {
"anyOf": [
{
"type": "string"
},
{
"type": "null"
}
],
"default": null,
"title": "Api Key"
},
"run_id": {
"title": "Run Id",
"type": "string"
}
},
"required": [
"run_id"
],
"title": "discovery_statusArguments",
"type": "object"
},
"name": "discovery_status",
"outputSchema": {
"properties": {
"result": {
"title": "Result",
"type": "string"
}
},
"required": [
"result"
],
"title": "discovery_statusOutput",
"type": "object"
}
},
{
"annotations": {
"readOnlyHint": true
},
"description": "Fetch the full results of a completed Disco run.\n\n Returns discovered patterns (with conditions, p-values, novelty scores,\n citations), feature importance scores, a summary with key insights, column\n statistics, and suggestions for what to explore next.\n\n The response includes a `dashboard_urls` object with direct links to each\n page of the interactive report \u2014 use these to direct the user to the most\n relevant view:\n - **summary**: AI-generated overview with key insights, novel findings, and plain-language explanation of the most important findings\n - **patterns**: Full list of discovered patterns with conditions, effect sizes, p-values, novelty scores, citations, and interactive visualisations\n - **features**: Feature importances, feature statistics and distribution plots, and correlation matrix\n - **territory**: Interactive 3D map showing how patterns select different regions of the data\n\n Only call this after discovery_status returns \"completed\".\n\n Args:\n run_id: The run ID returned by discovery_analyze.\n api_key: Disco API key (disco_...). Optional if DISCOVERY_API_KEY env var is set.\n ",
"inputSchema": {
"properties": {
"api_key": {
"anyOf": [
{
"type": "string"
},
{
"type": "null"
}
],
"default": null,
"title": "Api Key"
},
"run_id": {
"title": "Run Id",
"type": "string"
}
},
"required": [
"run_id"
],
"title": "discovery_get_resultsArguments",
"type": "object"
},
"name": "discovery_get_results",
"outputSchema": {
"properties": {
"result": {
"title": "Result",
"type": "string"
}
},
"required": [
"result"
],
"title": "discovery_get_resultsOutput",
"type": "object"
}
},
{
"annotations": {
"readOnlyHint": true
},
"description": "Check your Disco account status.\n\n Returns current plan, available credits (subscription + purchased), and\n payment method status. Use this to verify you have sufficient credits\n before running a private analysis.\n\n Args:\n api_key: Disco API key (disco_...). Optional if DISCOVERY_API_KEY env var is set.\n ",
"inputSchema": {
"properties": {
"api_key": {
"anyOf": [
{
"type": "string"
},
{
"type": "null"
}
],
"default": null,
"title": "Api Key"
}
},
"title": "discovery_accountArguments",
"type": "object"
},
"name": "discovery_account",
"outputSchema": {
"properties": {
"result": {
"title": "Result",
"type": "string"
}
},
"required": [
"result"
],
"title": "discovery_accountOutput",
"type": "object"
}
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true
},
"description": "Create a Disco account and get an API key.\n\n Provide an email address to start the signup flow. If email verification\n is required, returns {\"status\": \"verification_required\"} \u2014 the user will\n receive a 6-digit code by email, then call discovery_signup_verify to\n complete signup and receive the API key. The free tier (10 credits/month,\n unlimited public runs) is active immediately. No authentication required.\n\n Returns 409 if the email is already registered.\n\n Args:\n email: Email address for the new account.\n name: Display name (optional \u2014 defaults to email local part).\n ",
"inputSchema": {
"properties": {
"email": {
"title": "Email",
"type": "string"
},
"name": {
"default": "",
"title": "Name",
"type": "string"
}
},
"required": [
"email"
],
"title": "discovery_signupArguments",
"type": "object"
},
"name": "discovery_signup",
"outputSchema": {
"properties": {
"result": {
"title": "Result",
"type": "string"
}
},
"required": [
"result"
],
"title": "discovery_signupOutput",
"type": "object"
}
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true
},
"description": "Complete Disco signup using an email verification code.\n\n Call this after discovery_signup returns {\"status\": \"verification_required\"}.\n The user receives a 6-digit code by email \u2014 pass it here along with the\n same email address used in discovery_signup. Returns an API key on success.\n\n Args:\n email: Email address used in the discovery_signup call.\n code: 6-digit verification code from the email.\n ",
"inputSchema": {
"properties": {
"code": {
"title": "Code",
"type": "string"
},
"email": {
"title": "Email",
"type": "string"
}
},
"required": [
"email",
"code"
],
"title": "discovery_signup_verifyArguments",
"type": "object"
},
"name": "discovery_signup_verify",
"outputSchema": {
"properties": {
"result": {
"title": "Result",
"type": "string"
}
},
"required": [
"result"
],
"title": "discovery_signup_verifyOutput",
"type": "object"
}
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true
},
"description": "Get a new API key for an existing Disco account.\n\n Sends a 6-digit verification code to the email address. Call\n discovery_login_verify with the code to receive a new API key.\n Use this when you need an API key for an account that already exists\n (e.g. the key was lost or this is a new agent session).\n\n Returns 404 if no account exists with this email \u2014 use discovery_signup instead.\n\n Args:\n email: Email address of the existing account.\n ",
"inputSchema": {
"properties": {
"email": {
"title": "Email",
"type": "string"
}
},
"required": [
"email"
],
"title": "discovery_loginArguments",
"type": "object"
},
"name": "discovery_login",
"outputSchema": {
"properties": {
"result": {
"title": "Result",
"type": "string"
}
},
"required": [
"result"
],
"title": "discovery_loginOutput",
"type": "object"
}
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true
},
"description": "Complete login and receive a new API key.\n\n Call this after discovery_login returns {\"status\": \"verification_required\"}.\n The user receives a 6-digit code by email \u2014 pass it here along with the\n same email address. Returns a new API key on success.\n\n Args:\n email: Email address used in the discovery_login call.\n code: 6-digit verification code from the email.\n ",
"inputSchema": {
"properties": {
"code": {
"title": "Code",
"type": "string"
},
"email": {
"title": "Email",
"type": "string"
}
},
"required": [
"email",
"code"
],
"title": "discovery_login_verifyArguments",
"type": "object"
},
"name": "discovery_login_verify",
"outputSchema": {
"properties": {
"result": {
"title": "Result",
"type": "string"
}
},
"required": [
"result"
],
"title": "discovery_login_verifyOutput",
"type": "object"
}
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true
},
"description": "Attach a Stripe payment method to your Disco account.\n\n The payment method must be tokenized via Stripe's API first \u2014 card details\n never touch Disco's servers. Required before purchasing credits\n or subscribing to a paid plan.\n\n To tokenize a card, call Stripe's API directly:\n POST https://api.stripe.com/v1/payment_methods\n with the stripe_publishable_key from your account info.\n\n Args:\n payment_method_id: Stripe payment method ID (pm_...) from Stripe's API.\n api_key: Disco API key (disco_...). Optional if DISCOVERY_API_KEY env var is set.\n ",
"inputSchema": {
"properties": {
"api_key": {
"anyOf": [
{
"type": "string"
},
{
"type": "null"
}
],
"default": null,
"title": "Api Key"
},
"payment_method_id": {
"title": "Payment Method Id",
"type": "string"
}
},
"required": [
"payment_method_id"
],
"title": "discovery_add_payment_methodArguments",
"type": "object"
},
"name": "discovery_add_payment_method",
"outputSchema": {
"properties": {
"result": {
"title": "Result",
"type": "string"
}
},
"required": [
"result"
],
"title": "discovery_add_payment_methodOutput",
"type": "object"
}
},
{
"annotations": {
"destructiveHint": true,
"idempotentHint": false
},
"description": "Purchase Disco credit packs using a stored payment method.\n\n Credits cost $0.10 each, sold in packs of 100 ($10/pack). Credits are used\n for private analyses (public analyses are free). Requires a payment method\n on file \u2014 use discovery_add_payment_method first.\n\n Args:\n packs: Number of 100-credit packs to purchase. Default 1.\n api_key: Disco API key (disco_...). Optional if DISCOVERY_API_KEY env var is set.\n ",
"inputSchema": {
"properties": {
"api_key": {
"anyOf": [
{
"type": "string"
},
{
"type": "null"
}
],
"default": null,
"title": "Api Key"
},
"packs": {
"default": 1,
"title": "Packs",
"type": "integer"
}
},
"title": "discovery_purchase_creditsArguments",
"type": "object"
},
"name": "discovery_purchase_credits",
"outputSchema": {
"properties": {
"result": {
"title": "Result",
"type": "string"
}
},
"required": [
"result"
],
"title": "discovery_purchase_creditsOutput",
"type": "object"
}
},
{
"annotations": {
"destructiveHint": true,
"idempotentHint": true
},
"description": "Subscribe to or change your Disco plan.\n\n Available plans:\n - \"free_tier\": Explorer \u2014 free, 10 credits/month\n - \"tier_1\": Researcher \u2014 $49/month, 50 credits/month\n - \"tier_2\": Team \u2014 $199/month, 200 credits/month\n\n Paid plans require a payment method on file. Credits roll over on paid plans.\n\n Args:\n plan: Plan tier ID (\"free_tier\", \"tier_1\", or \"tier_2\").\n api_key: Disco API key (disco_...). Optional if DISCOVERY_API_KEY env var is set.\n ",
"inputSchema": {
"properties": {
"api_key": {
"anyOf": [
{
"type": "string"
},
{
"type": "null"
}
],
"default": null,
"title": "Api Key"
},
"plan": {
"title": "Plan",
"type": "string"
}
},
"required": [
"plan"
],
"title": "discovery_subscribeArguments",
"type": "object"
},
"name": "discovery_subscribe",
"outputSchema": {
"properties": {
"result": {
"title": "Result",
"type": "string"
}
},
"required": [
"result"
],
"title": "discovery_subscribeOutput",
"type": "object"
}
}
]
}
},
"url": "https://disco.leap-labs.com/mcp"
},
"latency_ms": 218.07,
"status": "ok"
},
"transport_compliance_probe": {
"details": {
"bad_protocol_error": null,
"bad_protocol_headers": {
"content-type": "application/json",
"strict-transport-security": "max-age=63072000; includeSubDomains; preload"
},
"bad_protocol_payload": {
"error": {
"code": -32600,
"message": "Bad Request: Unsupported protocol version: 1999-99-99. Supported versions: 2024-11-05, 2025-03-26, 2025-06-18, 2025-11-25"
},
"id": "server-error",
"jsonrpc": "2.0"
},
"bad_protocol_status_code": 400,
"delete_error": null,
"delete_status_code": null,
"expired_session_error": null,
"expired_session_status_code": null,
"issues": [
"missing_session_id",
"missing_protocol_header"
],
"last_event_id_visible": false,
"protocol_header_present": false,
"requested_protocol_version": "2025-03-26",
"session_id_present": false,
"transport": "streamable-http"
},
"latency_ms": 173.1,
"status": "warning"
},
"utility_coverage_probe": {
"details": {
"completions": {
"advertised": false,
"live_probe": "not_executed",
"sample_target": null
},
"initialize_capability_keys": [
"experimental",
"prompts",
"resources",
"tools"
],
"pagination": {
"metadata_signal": false,
"next_cursor_methods": [],
"supported": false
},
"tasks": {
"advertised": false,
"http_status": 200,
"probe_status": "missing"
}
},
"latency_ms": 148.12,
"status": "missing"
}
},
"failures": {
"oauth_authorization_server": {
"reason": "no_authorization_server"
},
"oauth_protected_resource": {
"error": "Client error '404 Not Found' for url 'https://disco.leap-labs.com/.well-known/oauth-protected-resource'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404",
"url": "https://disco.leap-labs.com/.well-known/oauth-protected-resource"
},
"openid_configuration": {
"reason": "no_authorization_server"
},
"server_card": {
"error": "Client error '404 Not Found' for url 'https://disco.leap-labs.com/.well-known/mcp/server-card.json'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404",
"url": "https://disco.leap-labs.com/.well-known/mcp/server-card.json"
}
},
"remote_url": "https://disco.leap-labs.com/mcp",
"server_card_payload": null,
"server_identifier": "com.leap-labs/discovery-engine"
}
Known versions
1.0.0
Validation history
7 day score delta
+0.0
30 day score delta
-1.0
Recent healthy ratio
100%
Freshness
605.9h
| Timestamp | Status | Score | Latency | Tools |
|---|---|---|---|---|
| Apr 09, 2026 12:02:00 AM UTC | Healthy | 70.9 | 3243.5 ms | 14 |
| Apr 07, 2026 11:59:40 PM UTC | Healthy | 72.5 | 3927.0 ms | 12 |
| Apr 06, 2026 11:57:36 PM UTC | Healthy | 72.5 | 1549.8 ms | 12 |
| Apr 05, 2026 11:55:01 PM UTC | Healthy | 72.5 | 1555.8 ms | 12 |
| Apr 04, 2026 11:53:20 PM UTC | Healthy | 72.5 | 4141.3 ms | 12 |
| Apr 03, 2026 11:52:35 PM UTC | Healthy | 71.9 | 3957.1 ms | 12 |
| Apr 02, 2026 11:51:12 PM UTC | Healthy | 72.5 | 6931.7 ms | 12 |
| Apr 01, 2026 11:37:26 PM UTC | Healthy | 71.9 | 4270.4 ms | 12 |
Validation timeline
| Validated | Summary | Score | Protocol | Auth mode | Tools | High-risk tools | Changes |
|---|---|---|---|---|---|---|---|
| Apr 09, 2026 12:02:00 AM UTC | Healthy | 70.9 | 2025-03-26 | public | 14 | 8 | tool_snapshot_changed |
| Apr 07, 2026 11:59:40 PM UTC | Healthy | 72.5 | 2025-03-26 | public | 12 | 8 | none |
| Apr 06, 2026 11:57:36 PM UTC | Healthy | 72.5 | 2025-03-26 | public | 12 | 8 | none |
| Apr 05, 2026 11:55:01 PM UTC | Healthy | 72.5 | 2025-03-26 | public | 12 | 8 | none |
| Apr 04, 2026 11:53:20 PM UTC | Healthy | 72.5 | 2025-03-26 | public | 12 | 8 | none |
| Apr 03, 2026 11:52:35 PM UTC | Healthy | 71.9 | 2025-03-26 | public | 12 | 8 | none |
| Apr 02, 2026 11:51:12 PM UTC | Healthy | 72.5 | 2025-03-26 | public | 12 | 8 | none |
| Apr 01, 2026 11:37:26 PM UTC | Healthy | 71.9 | 2025-03-26 | public | 12 | 8 | none |
| Mar 31, 2026 11:32:02 PM UTC | Healthy | 71.4 | 2025-03-26 | public | 12 | 8 | none |
| Mar 30, 2026 11:24:20 PM UTC | Healthy | 71.4 | 2025-03-26 | public | 12 | 8 | none |
| Mar 29, 2026 11:16:36 PM UTC | Healthy | 71.4 | 2025-03-26 | public | 12 | 8 | none |
| Mar 28, 2026 09:07:12 PM UTC | Healthy | 71.4 | 2025-03-26 | public | 12 | 8 | none |
Recent validation runs
| Started | Status | Summary | Latency | Checks |
|---|---|---|---|---|
| Apr 09, 2026 12:01:57 AM UTC | Completed | Healthy | 3243.5 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 07, 2026 11:59:36 PM UTC | Completed | Healthy | 3927.0 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 06, 2026 11:57:34 PM UTC | Completed | Healthy | 1549.8 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 05, 2026 11:55:00 PM UTC | Completed | Healthy | 1555.8 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 04, 2026 11:53:16 PM UTC | Completed | Healthy | 4141.3 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 03, 2026 11:52:31 PM UTC | Completed | Healthy | 3957.1 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 02, 2026 11:51:05 PM UTC | Completed | Healthy | 6931.7 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 01, 2026 11:37:22 PM UTC | Completed | Healthy | 4270.4 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Mar 31, 2026 11:32:00 PM UTC | Completed | Healthy | 1840.7 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Mar 30, 2026 11:24:16 PM UTC | Completed | Healthy | 3654.8 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |