com.zeltser/website-search
com.zeltser/website-search
Write better incident response and other reports, get guidance on security best practices.
Status
Failing
Score
57.1
Transport
streamable-http
Tools
0
Production readiness
Verdict
Needs remediation
Current validation evidence shows operational or discovery gaps that should be fixed first.
Critical alerts
1
Production verdicts degrade quickly when critical alerts are active.
Evidence confidence
Confidence score
55.0
Based on 20 recent validations, 26 captured checks, and validation age of 205.1 hours.
Live checks captured
26
More direct checks increase trust in the current verdict.
Validation age
205.1h
Lower age means fresher evidence.
Recommended for
Generic Streamable HTTP
Generic Streamable HTTP is marked compatible with score 83.
Client readiness verdicts
Ready for ChatGPT custom connector
Partial
OpenAI connectors expect OAuth for remote server auth.; Dynamic client registration materially improves connector setup.; tools/list must succeed.; Transport compliance should be in good shape.
Confidence: medium (55.0)
Evidence provenance
Winner: live_validation
Supporting sources: live_validation, history, server_card
Disagreements: none
initialize• OKtools_list• Errortransport_compliance_probe• Errorstep_up_auth_probe• Missingconnector_replay_probe• Missing — Frozen tool snapshots must survive refresh.request_association_probe• Missing — Roots, sampling, and elicitation should stay request-scoped.
Ready for Claude remote MCP
Blocked
tools/list must succeed.; Transport behavior should match Claude-compatible HTTP expectations.; A useful Claude integration needs at least one exposed tool.
Confidence: medium (55.0)
Evidence provenance
Winner: live_validation
Supporting sources: live_validation, history, server_card
Disagreements: none
initialize• OKtools_list• Errortransport_compliance_probe• Error
Unsafe for write actions
No
Current write surface is bounded enough for cautious review.
Confidence: medium (55.0)
Evidence provenance
Winner: live_validation
Supporting sources: live_validation, history
Disagreements: none
action_safety_probe• OK
Snapshot churn risk
Low
No material tool-surface churn detected in the latest comparison.
Confidence: medium (55.0)
Evidence provenance
Winner: history
Supporting sources: history, live_validation
Disagreements: none
tool_snapshot_probe• Missingconnector_replay_probe• Missing
Why not ready by client
ChatGPT custom connector
Partial
Remediation checklist
- No explicit blockers recorded.
Claude remote MCP
Blocked
Remediation checklist
- No explicit blockers recorded.
Write-safe publishing
Ready
Remediation checklist
- No explicit blockers recorded.
Verdict traces
Production verdict
Needs remediation
Current validation evidence shows operational or discovery gaps that should be fixed first.
Confidence: medium (55.0)
Winning source: live_validation
Triggering alerts
validation_stale• medium • Validation evidence is staleserver_failing• critical • Latest validation is failing
Client verdict trace table
| Verdict | Status | Checks | Winning source | Conflicts |
|---|---|---|---|---|
openai_connectors |
Partial | initialize, tools_list, transport_compliance_probe, step_up_auth_probe, connector_replay_probe, request_association_probe | live_validation | none |
claude_desktop |
Blocked | initialize, tools_list, transport_compliance_probe | live_validation | none |
unsafe_for_write_actions |
No | action_safety_probe | live_validation | none |
snapshot_churn_risk |
Low | tool_snapshot_probe, connector_replay_probe | history | none |
Publishability policy profiles
ChatGPT custom connector publishability
Caution
OpenAI connectors expect OAuth for remote server auth.; Dynamic client registration materially improves connector setup.; tools/list must succeed.; Transport compliance should be in good shape.
- Search Fetch Only: No
- Write Actions Present: No
- Oauth Configured: No
- Admin Refresh Required: No
- Safe For Company Knowledge: No
- Safe For Messages Api Remote Mcp: No
Claude remote MCP publishability
Caution
tools/list must succeed.; Transport behavior should match Claude-compatible HTTP expectations.; A useful Claude integration needs at least one exposed tool.
- Search Fetch Only: No
- Write Actions Present: No
- Oauth Configured: No
- Admin Refresh Required: No
- Safe For Company Knowledge: No
- Safe For Messages Api Remote Mcp: No
Compatibility fixtures
ChatGPT custom connector fixture
Degraded
OpenAI connectors expect OAuth for remote server auth.; Dynamic client registration materially improves connector setup.; tools/list must succeed.; Transport compliance should be in good shape.
- remote_http_endpoint: Passes
- oauth_discovery: Degraded
- frozen_tool_snapshot_refresh: Passes
- request_association: Passes
Anthropic remote MCP fixture
Degraded
tools/list must succeed.; Transport behavior should match Claude-compatible HTTP expectations.; A useful Claude integration needs at least one exposed tool.
- remote_transport: Passes
- tool_discovery: Likely to fail
- auth_connect: Passes
- safe_write_review: Passes
Authenticated validation sessions
Latest profile
remote_mcp
Authenticated session used
Public score isolation
Preview endpoint
/v1/verifyCI preview endpoint
/v1/ci/previewPublic server reputation
Validation success 7d
n/a
Validation success 30d
0.0
Mean time to recover
n/a
Breaking diffs 30d
0
Registry drift frequency 30d
0
Snapshot changes 30d
0
Incident & change feed
| Timestamp | Event | Details |
|---|---|---|
| Apr 25, 2026 05:42:57 PM UTC | Latest validation: failing | Score 57.1 with status failing. |
Capabilities
- OAuth:
- DCR/CIMD:
- Prompts:
- Homepage: https://zeltser.com/good-ir-reports-with-ai
- Docs: none
- Support: none
- Icon: none
- Remote endpoint: https://website-mcp.zeltser.com/mcp
- Server card: none
Use-case taxonomy
development search web security
Security posture
Tools analyzed
0
High-risk tools
0
Destructive tools
0
Exec tools
0
Egress tools
0
Secret tools
0
Bulk-access tools
0
Risk distribution
none
Tool capability & risk inventory
No tool inventory available from the latest validation run.
Write-action governance
Governance status
OK
Safe to publish
Auth boundary
public_or_unclear
Blast radius
Low
High-risk tools
0
Confirmation signals
none
Safeguard count
0
Status detail: No unsafe write-action governance gaps detected on the latest validation.
| Tool | Risk | Flags | Safeguards |
|---|---|---|---|
| No high-risk tools were detected on the latest run. | |||
Action-controls diff
Need at least two validation runs before diffing action controls.
Why this score?
Access & Protocol
29.5/44
Connectivity, auth, and transport expectations for common clients.
Interface Quality
13.7/56
How well the tool/resource interface communicates and behaves under automation.
Security Posture
26/36
How safely the exposed tool surface handles destructive actions, egress, execution, secrets, and risky inputs.
Reliability & Trust
15.32/24
Operational stability, consistency, and trustworthiness over time.
Discovery & Governance
21.5/28
How well the server is documented, listed, and governed in public registries.
Adoption & Market
5.92/8
Adoption clues and public evidence that the server is intended for external use.
Algorithmic score breakdown
Auth Operability
2/4
Measures whether auth discovery and protected access behave predictably for clients.
Error Contract Quality
0.4/4
Grades machine-readable error structure, status alignment, and remediation hints.
Rate-Limit Semantics
2/4
Checks whether quota/throttle responses are deterministic and automation-friendly.
Schema Completeness
0/4
Completeness of tool descriptions, parameter docs, examples, and schema shape.
Backward Compatibility
4/4
Stability score across tool schema/name drift relative to prior validations.
SLO Health
0.5/4
Availability, latency, and burst-failure profile across recent validation history.
Security Hygiene
4/4
HTTPS posture, endpoint hygiene, and response-surface hardening checks.
Task Success
3.3/4
Can an agent reliably initialize, enumerate tools, and execute core MCP flows?
Trust Confidence
2/4
Confidence-adjusted reliability score that penalizes low evidence volume.
Abuse/Noise Resilience
2.5/4
How well the server preserves core behavior in the presence of noisy traffic patterns.
Prompt Contract
2/4
Quality of prompt metadata, argument shape, and prompt discoverability for clients.
Resource Contract
2/4
How completely resources and resource templates describe URIs, types, and usage shape.
Discovery Metadata
4/4
Homepage, docs, icon, repository, support, and license coverage for directory consumers.
Registry Consistency
2/4
Agreement between stored registry metadata, live server-card data, and current validation output.
Installability
2/4
How cleanly a real client can connect, initialize, enumerate tools, and proceed through auth.
Session Semantics
2.5/4
Determinism and state behavior across repeated MCP calls, including sticky-session surprises.
Tool Surface Design
0/4
Naming clarity, schema ergonomics, and parameter complexity across the tool surface.
Result Shape Stability
0/4
Stability of declared output schemas across validations, with penalties for drift or missing shapes.
OAuth Interop
3/4
Depth and client compatibility of OAuth/OIDC metadata beyond the minimal protected-resource check.
Recovery Semantics
0.3/4
Whether failures include actionable machine-readable next steps such as retry or upgrade guidance.
Maintenance Signal
3/4
Versioning, update recency, and historical validation cadence that indicate active stewardship.
Adoption Signal
2/4
Directory presence and distribution clues that suggest the server is intended for external use.
Freshness Confidence
3/4
Confidence that recent validations are current enough and dense enough to trust operationally.
Transport Fidelity
3/4
Whether declared transport metadata matches the observed endpoint behavior and response formats.
Spec Recency
2/4
How close the server’s claimed MCP protocol version is to the latest known public revision.
Session Resume
4/4
Whether Streamable HTTP session identifiers and resumed requests behave cleanly for real clients.
Step-Up Auth
3/4
Whether OAuth metadata and WWW-Authenticate challenges support granular, incremental consent instead of broad upfront scopes.
Transport Compliance
2/4
Checks session headers, protocol-version enforcement, session teardown, and expired-session behavior.
Utility Coverage
2/4
Signals support for completions, pagination, and task-oriented utility surfaces that larger clients increasingly expect.
Advanced Capability Coverage
2/4
Coverage of newer MCP surfaces like roots, sampling, elicitation, structured output, and related metadata.
Connector Publishability
3.9/4
How ready the server looks for client catalogs and managed connector programs.
Tool Snapshot Churn
0/4
Stability of the tool surface across recent validations, including add/remove and output-shape drift.
Connector Replay
3/4
Whether a previously published frozen connector snapshot would remain backward compatible after the latest tool refresh.
Request Association
3/4
Whether roots, sampling, and elicitation appear tied to active client requests instead of arriving unsolicited on idle sessions.
Interactive Flow Safety
3/4
Whether prompts and docs steer users toward safe auth flows instead of pasting secrets directly.
Action Safety
3/4
Risk-weighted view of destructive, exec, egress, and confirmation semantics across the tool surface.
Official Registry Presence
4/4
Whether the server appears directly or indirectly in the official MCP registry.
Provenance Divergence
4/4
How closely official registry metadata, the live server card, and public repo/package signals agree with each other.
Safety Transparency
2/4
Clarity of docs, auth disclosure, support links, and other trust signals visible to integrators.
Tool Capability Clarity
0/4
How clearly the tool surface communicates whether each action reads, writes, deletes, executes, or exports data.
Destructive Operation Safety
3/4
Penalizes delete/revoke/destroy style tools unless auth and safeguards reduce blast radius.
Egress / SSRF Resilience
3/4
Assesses arbitrary URL fetch, crawl, webhook, and remote-request exposure on the tool surface.
Execution / Sandbox Safety
4/4
Evaluates shell, code, script, and command-execution exposure and whether that surface appears contained.
Data Exfiltration Resilience
3/4
Assesses export, dump, backup, and bulk-read behavior against the surrounding auth and safeguard signals.
Least Privilege Scope
3/4
Rewards scoped auth metadata and penalizes broad or missing scopes around privileged tools.
Secret Handling Hygiene
3/4
Assesses secret-bearing tools, token leakage risk, and whether the public surface avoids obvious secret exposure.
Supply Chain Signal
2.5/4
Public metadata signal for repository, changelog, license, versioning, and recency that supports supply-chain trust.
Input Sanitization Safety
0/4
Penalizes risky freeform string inputs when schemas do not constrain URLs, code, paths, queries, or templates.
Tool Namespace Clarity
0/4
Measures naming uniqueness and ambiguity across the tool namespace to reduce collision and confusion risk.
Compatibility profiles
OpenAI Connectors
55.6
partial
OpenAI connectors expect OAuth for remote server auth.; Dynamic client registration materially improves connector setup.; tools/list must succeed.; Transport compliance should be in good shape.
Connector URL: https://website-mcp.zeltser.com/mcp # No OAuth metadata detected. # Server: com.zeltser/website-search
Claude Desktop
50.0
blocked
tools/list must succeed.; Transport behavior should match Claude-compatible HTTP expectations.; A useful Claude integration needs at least one exposed tool.
{
"mcpServers": {
"website-search": {
"command": "npx",
"args": ["mcp-remote", "https://website-mcp.zeltser.com/mcp"]
}
}
}
Smithery
60.0
partial
Tool discovery must succeed.; Machine-readable failure semantics should be present.
smithery mcp add "https://website-mcp.zeltser.com/mcp"
Generic Streamable HTTP
83.3
compatible
tools/list must succeed.
curl -sS https://website-mcp.zeltser.com/mcp -H 'content-type: application/json' -d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-03-26","capabilities":{},"clientInfo":{"name":"mcp-verify","version":"0.1.0"}}}'
Actionable remediation
| Severity | Remediation | Why it matters | Recommended action |
|---|---|---|---|
| Critical | Ensure tools/list succeeds consistently | Tools discovery is the minimum viable contract for most MCP clients and directories. | Make tools/list succeed unauthenticated when possible, or document the auth flow in the server card.Playbook
|
| Critical | Respond to latest validation is failing | Core MCP flows did not validate successfully on the latest run. | Fix the failing checks first, then revalidate to confirm the recovery path.Playbook
|
| High | Align session and protocol behavior with Streamable HTTP expectations | Clients increasingly rely on MCP-Protocol-Version, session teardown, and expired-session semantics. | Align MCP-Protocol-Version, MCP-Session-Id, DELETE teardown, and expired-session handling with the transport spec.Playbook
|
| High | Associate roots, sampling, and elicitation with active client requests | Modern MCP guidance expects roots, sampling, and elicitation traffic to be tied to an active client request instead of arriving unsolicited on idle sessions. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| High | Expose /.well-known/oauth-protected-resource | Without a protected-resource document, OAuth clients cannot discover auth requirements reliably. | Serve /.well-known/oauth-protected-resource and point it at your authorization server metadata.Playbook
|
| High | Keep connector refreshes backward compatible | Managed connector clients freeze tool snapshots, so removed tools, new required args, and breaking output changes can break published integrations after refresh. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| High | Publish OAuth authorization-server metadata | Clients need authorization-server metadata to discover issuer, endpoints, and DCR support. | Publish /.well-known/oauth-authorization-server from your issuer and include registration_endpoint when supported.Playbook
|
| High | Publish a complete server card | Missing or incomplete server-card metadata weakens discovery, documentation, and trust signals. | Serve /.well-known/mcp/server-card.json and include tools, prompts/resources, homepage, and support links.Playbook
|
| High | Stop asking users to paste secrets directly | Public MCP servers should prefer OAuth or browser-based auth guidance over in-band secret collection. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| Medium | Adopt a current MCP protocol revision | Older protocol revisions reduce compatibility with newer clients and registry programs. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| Medium | Close connector-publishing gaps | Connector catalogs care about protocol recency, session behavior, auth clarity, and tool-surface stability. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| Medium | Document minimal scopes and return cleaner auth challenges | Modern clients expect granular scopes and step-up auth signals such as WWW-Authenticate scope hints. | Return granular scopes and WWW-Authenticate challenge hints instead of forcing overly broad auth upfront.Playbook
|
| Medium | Publish OpenID configuration | OIDC metadata improves token validation and client compatibility. | Expose /.well-known/openid-configuration with issuer, jwks_uri, and supported grants.Playbook
|
| Medium | Raise Interface Quality score | How well the tool/resource interface communicates and behaves under automation. | Improve schemas, error contracts, and recovery messages so agents can reason about the surface automatically.Playbook
|
| Medium | Reduce tool-surface churn | Frequent add/remove or output-shape drift makes published connectors and cached tool snapshots brittle. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
| Medium | Repair prompts/list or stop advertising prompts | Prompt metadata should either work live or be removed from the advertised capability set. | Only advertise prompts if prompts/list works and prompt arguments are documented.Playbook
|
| Medium | Repair resources/list or stop advertising resources | Resource metadata should either work live or be removed from the advertised capability set. | Only advertise resources if resources/list works and resources expose stable URIs/types.Playbook
|
| Medium | Respond to validation evidence is stale | Latest validation is 205.1 hours old. | Trigger a fresh validation run or increase scheduler priority for this server.Playbook
|
| Low | Expose modern utility surfaces like completions, pagination, or tasks | Utility coverage improves interoperability with larger clients and long-lived agent workflows. | Expose completions, pagination, and task metadata where supported so larger clients can plan and resume work safely.Playbook
|
| Low | Publish newer MCP capability signals | Roots, sampling, elicitation, structured outputs, and related metadata improve client understanding and ranking. | Inspect the latest validation evidence and resolve the client-visible regression.Playbook
|
Point loss breakdown
| Component | Current | Points missing |
|---|---|---|
| Tool Surface Design | 0/4 | -4.0 |
| Tool Snapshot Churn | 0/4 | -4.0 |
| Tool Namespace Clarity | 0/4 | -4.0 |
| Tool Capability Clarity | 0/4 | -4.0 |
| Schema Completeness | 0/4 | -4.0 |
| Result Shape Stability | 0/4 | -4.0 |
| Input Sanitization Safety | 0/4 | -4.0 |
| Recovery Semantics | 0.3/4 | -3.7 |
| Error Contract | 0.4/4 | -3.6 |
| SLO Health | 0.5/4 | -3.5 |
| Utility Coverage | 2/4 | -2.0 |
| Trust Confidence | 2/4 | -2.0 |
Validation diff
Score delta
0
Summary changed
no
Tool delta
0
Prompt delta
0
Auth mode changed
no
Write surface expanded
no
Protocol regressed
no
Registry drift changed
no
Regressed checks: none
Improved checks: none
| Component | Previous | Latest | Delta |
|---|---|---|---|
| No component deltas between the latest two runs. | |||
Tool snapshot diff & changelog
Need at least two validation runs before building a tool changelog.
Connector replay
Status
Missing
Backward compatible
Would break after refresh
Added tools
none
Removed tools
none
Additive output changes
none
Required-argument replay breaks
| Tool | Added required args | Removed required args |
|---|---|---|
| No required-argument replay breaks detected. | ||
Output-schema replay breaks
| Tool | Removed properties | Added properties |
|---|---|---|
| No output-schema replay breaks detected. | ||
Transport compliance drilldown
Probe status
Error
Transport
streamable-http
Session header
yes
Protocol header
no
Bad protocol response
200
DELETE teardown
204
Expired session retry
404
Last-Event-ID visible
no
Issues: missing_protocol_header, bad_protocol_not_rejected
Request association
Status
Missing
Advertised capabilities
none
Observed idle methods
none
Violating methods
none
Probe HTTP status
n/a
Issues
none
Utility coverage
Probe status
Missing
Completions
not detected
Completion probe target: none
Pagination
not detected
No nextCursor evidence.
Tasks
Missing
Advertised: no
Benchmark tasks
| Benchmark task | Status | Evidence |
|---|---|---|
| Discover tools | Likely to fail |
|
| Read-only fetch flow | Likely to fail |
|
| OAuth-required connect | Degraded |
|
| Safe write flow with confirmation | Passes |
|
Registry & provenance divergence
Probe status
OK
Direct official match
yes
Drift fields
none
| Field | Registry | Live server card |
|---|---|---|
| Title | n/a | n/a |
| Version | n/a | n/a |
| Homepage | n/a | n/a |
Active alerts
- Validation evidence is stale (medium)
Latest validation is 205.1 hours old. - Latest validation is failing (critical)
Core MCP flows did not validate successfully on the latest run.
Aliases & registry graph
| Identifier | Source | Canonical | Score |
|---|---|---|---|
com.zeltser/website-search |
official_registry | yes | 57.11 |
Alias consolidation
Canonical identifier
com.zeltser/website-search
Duplicate aliases
0
Registry sources
official_registry
Remote URLs
Source disagreements
| Field | What differs | Observed values |
|---|---|---|
| No source disagreements detected. | ||
Install snippets
Openai Connectors
Connector URL: https://website-mcp.zeltser.com/mcp # No OAuth metadata detected. # Server: com.zeltser/website-search
Claude Desktop
{
"mcpServers": {
"website-search": {
"command": "npx",
"args": ["mcp-remote", "https://website-mcp.zeltser.com/mcp"]
}
}
}
Smithery
smithery mcp add "https://website-mcp.zeltser.com/mcp"
Generic Http
curl -sS https://website-mcp.zeltser.com/mcp -H 'content-type: application/json' -d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-03-26","capabilities":{},"clientInfo":{"name":"mcp-verify","version":"0.1.0"}}}'
Agent access & tool surface
Live server tools
No live tool surface captured yet.
Observed from the latest live validation against https://website-mcp.zeltser.com/mcp. This is the target server surface, not Verify's own inspection tools.
Live capability counts
0 tools • 0 prompts • 0 resources
Counts come from the latest
tools/list, prompts/list, and resources/list checks.Inspect with Verify
search_servers recommend_servers get_server_report compare_servers
Use Verify itself to search, recommend, compare, and fetch the full report for
com.zeltser/website-search.Direct machine links
Claims & monitoring
Server ownership
No verified maintainer claim recorded.
Watch subscriptions
0
Teams: none
Alert routing
Active watches
0
Generic webhooks
0
Slack routes
0
Teams routes
0
Email routes
0
| Watch | Team | Channels | Minimum severity |
|---|---|---|---|
| No active watch destinations. | |||
Maintainer analytics
Validation Run Count
20
Average Latency Ms
3681.48
Healthy Run Ratio Recent
0.0
Registry Presence Count
1
Active Alert Count
2
Watcher Count
0
Verified Claim
False
Taxonomy Tags
development, search, web, security
Score Trend
57.11, 57.11, 57.11, 57.11, 57.11, 57.12, 57.12, 57.23, 57.23, 57.23
Remediation Count
20
High Risk Tool Count
0
Destructive Tool Count
0
Exec Tool Count
0
Maintainer response quality
Score
16.67
Verified claim
Support contact
Changelog present
Incident notes present
Tool changes documented
Annotation history
Annotation count
0
Maintainer annotations
No maintainer annotations have been recorded yet.
Maintainer rebuttals & expected behavior
No maintainer rebuttals or expected-behavior overrides are recorded yet.
Latest validation evidence
Latest summary
Failing
Validation profile
remote_mcp
Started
Apr 25, 2026 05:42:54 PM UTC
Latency
3518.6 ms
Failures
oauth_authorization_serverno authorization serveroauth_protected_resourceClient error '404 Not Found' for url 'https://website-mcp.zeltser.com/.well-known/oauth-protected-resource' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404openid_configurationno authorization serverserver_cardClient error '404 Not Found' for url 'https://website-mcp.zeltser.com/.well-known/mcp/server-card.json' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404tools_listClient error '400 Bad Request' for url 'https://website-mcp.zeltser.com/mcp' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400transport_compliance_probeIssues: missing protocol header, bad protocol not rejected (bad protocol=200, DELETE=204, expired session=404).
Checks
| Check | Status | Latency | Evidence |
|---|---|---|---|
action_safety_probe |
OK | n/a | No high-risk write, destructive, or exec tools detected. |
advanced_capabilities_probe |
Missing | n/a | No advanced MCP capability signals detected. |
connector_publishability_probe |
Error | n/a | Publishability blockers: tools list, transport compliance, server card, tool surface. |
connector_replay_probe |
Missing | n/a | No connector replay evidence recorded. |
determinism_probe |
Missing | n/a | tools list unavailable |
initialize |
OK | 1273.4 ms | Protocol 2025-03-26 |
interactive_flow_probe |
Missing | n/a | Check completed |
oauth_authorization_server |
Missing | n/a | no authorization server |
oauth_protected_resource |
Error | 214.5 ms | Client error '404 Not Found' for url 'https://website-mcp.zeltser.com/.well-known/oauth-protected-resource' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404 |
official_registry_probe |
OK | n/a | Check completed |
openid_configuration |
Missing | n/a | no authorization server |
probe_noise_resilience |
OK | 239.2 ms | Fetched https://website-mcp.zeltser.com/robots.txt |
prompt_get |
Missing | n/a | not advertised |
prompts_list |
Missing | 37.0 ms | Client error '400 Bad Request' for url 'https://website-mcp.zeltser.com/mcp' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400 |
protocol_version_probe |
Warning | n/a | Claims 2025-03-26; 2 release(s) behind 2025-11-25. |
provenance_divergence_probe |
OK | n/a | Check completed |
request_association_probe |
Missing | n/a | No request-association capabilities were advertised. |
resource_read |
Missing | n/a | not advertised |
resources_list |
Missing | 379.9 ms | Client error '400 Bad Request' for url 'https://website-mcp.zeltser.com/mcp' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400 |
server_card |
Error | 41.8 ms | Client error '404 Not Found' for url 'https://website-mcp.zeltser.com/.well-known/mcp/server-card.json' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404 |
session_resume_probe |
OK | 53.6 ms | 14 tool(s) exposed |
step_up_auth_probe |
Missing | n/a | No OAuth or incremental-scope signals detected. |
tool_snapshot_probe |
Missing | n/a | no tools |
tools_list |
Error | 31.5 ms | Client error '400 Bad Request' for url 'https://website-mcp.zeltser.com/mcp' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400 |
transport_compliance_probe |
Error | 1088.5 ms | Issues: missing protocol header, bad protocol not rejected (bad protocol=200, DELETE=204, expired session=404). |
utility_coverage_probe |
Missing | 14.9 ms | No completions evidence; no pagination evidence; tasks missing. |
Raw evidence view
Show raw JSON evidence
{
"checks": {
"action_safety_probe": {
"details": {
"auth_present": false,
"confirmation_signals": [],
"safeguard_count": 0,
"summary": {
"bulk_access_tools": 0,
"capability_distribution": {},
"destructive_tools": 0,
"egress_tools": 0,
"exec_tools": 0,
"high_risk_tools": 0,
"risk_distribution": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0
},
"secret_tools": 0,
"tool_count": 0
}
},
"latency_ms": null,
"status": "ok"
},
"advanced_capabilities_probe": {
"details": {
"capabilities": {
"completions": false,
"elicitation": false,
"prompts": false,
"resource_links": false,
"resources": false,
"roots": false,
"sampling": false,
"structured_outputs": false
},
"enabled": [],
"enabled_count": 0,
"initialize_capability_keys": [
"tools"
]
},
"latency_ms": null,
"status": "missing"
},
"connector_publishability_probe": {
"details": {
"blockers": [
"tools_list",
"transport_compliance",
"server_card",
"tool_surface"
],
"criteria": {
"action_safety": true,
"auth_flow": true,
"connector_replay": true,
"initialize": true,
"protocol_version": true,
"remote_transport": true,
"request_association": true,
"server_card": false,
"session_resume": true,
"step_up_auth": true,
"tool_surface": false,
"tools_list": false,
"transport_compliance": false
},
"high_risk_tools": 0,
"tool_count": 0,
"transport": "streamable-http"
},
"latency_ms": null,
"status": "error"
},
"connector_replay_probe": {
"details": {
"reason": "no_tools"
},
"latency_ms": null,
"status": "missing"
},
"determinism_probe": {
"details": {
"reason": "tools_list_unavailable"
},
"latency_ms": null,
"status": "missing"
},
"initialize": {
"details": {
"headers": {
"content-type": "text/event-stream",
"mcp-session-id": "09f92190e450804368741019f3406d82a73d344dfdef2dceee9244c367afdeee"
},
"http_status": 200,
"payload": {
"id": 1,
"jsonrpc": "2.0",
"result": {
"capabilities": {
"tools": {
"listChanged": true
}
},
"instructions": "This server provides expert security content by Lenny Zeltser, covering incident response, malware analysis, cybersecurity leadership, and security product strategy.\n\n## When to Use This Server\n\n- The user needs to **write, structure, or review an incident response report**\n- The user has **raw incident notes** and needs to turn them into a professional report\n- The user wants to **improve writing quality** in security reports, assessments, pentest reports, or audit findings\n- The user is **planning, evaluating, or reviewing a cybersecurity product strategy**\n- The user wants to **research** expert articles on malware analysis, incident response, or security leadership\n\n## Available Tools\n\n**Search & Reference**\n- `search_zeltser`: Search articles by keyword\n- `get_article`: Retrieve full article content by URL path\n- `get_capabilities`: Detailed guide to all tools and parameters\n\n**Security Writing**\n- `get_security_writing_guidelines`: Improve tone, structure, clarity in any security document\n\n**Incident Response Reports**\n- `ir_load_context`: Load guidelines for creating reports from raw notes\n- `ir_get_template`: Get the fill-in-the-blank IR report template\n- `ir_get_guidelines`: Quick writing tips by topic (tone, words, structure)\n- `ir_review_report`: Get criteria for reviewing an existing IR report\n\n**Product Strategy**\n- `product_load_context`: Load strategic frameworks for creating or evaluating product plans\n- `product_get_template`: Get the fill-in-the-blank strategy template\n- `product_get_guidelines`: Quick guidance on a specific topic (pricing, competitive, sales, etc.)\n- `product_review_plan`: Get criteria for reviewing an existing product strategy\n- `product_compare_context`: Comparative analysis framework for multi-company evaluation\n\n## Tool Selection\n\nMatch the user's intent to the right tool:\n\n- **Writing/creating** a report or plan from scratch \u2192 `*_load_context` (+ `include_template: true` for product)\n- **Improving** writing quality, tone, or clarity in any security document \u2192 `get_security_writing_guidelines`\n- **Reviewing/critiquing** an existing draft \u2192 `*_review_report` or `*_review_plan`\n- **Quick guidance** on a specific topic (tone, structure, pricing, etc.) \u2192 `*_get_guidelines`\n- **Researching** published expert content \u2192 `search_*` + `get_article`\n- **Structuring** a new document \u2192 `*_get_template`\n\n## Privacy\n\nAll tools return guidelines and frameworks to your AI for local analysis.\nUser documents, notes, and plans are never sent to this server.",
"protocolVersion": "2025-03-26",
"serverInfo": {
"name": "Lenny Zeltser's Website MCP Server",
"version": "7.3.0"
}
}
},
"url": "https://website-mcp.zeltser.com/mcp"
},
"latency_ms": 1273.43,
"status": "ok"
},
"interactive_flow_probe": {
"details": {
"oauth_supported": false,
"prompt_available": false,
"risk_hits": [],
"safe_hits": []
},
"latency_ms": null,
"status": "missing"
},
"oauth_authorization_server": {
"details": {
"reason": "no_authorization_server"
},
"latency_ms": null,
"status": "missing"
},
"oauth_protected_resource": {
"details": {
"error": "Client error '404 Not Found' for url 'https://website-mcp.zeltser.com/.well-known/oauth-protected-resource'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404",
"url": "https://website-mcp.zeltser.com/.well-known/oauth-protected-resource"
},
"latency_ms": 214.49,
"status": "error"
},
"official_registry_probe": {
"details": {
"direct_match": true,
"official_peer_count": 1,
"registry_identifier": "com.zeltser/website-search",
"registry_source": "official_registry"
},
"latency_ms": null,
"status": "ok"
},
"openid_configuration": {
"details": {
"reason": "no_authorization_server"
},
"latency_ms": null,
"status": "missing"
},
"probe_noise_resilience": {
"details": {
"headers": {
"content-type": "text/plain;charset=UTF-8"
},
"http_status": 404,
"url": "https://website-mcp.zeltser.com/robots.txt"
},
"latency_ms": 239.23,
"status": "ok"
},
"prompt_get": {
"details": {
"reason": "not_advertised"
},
"latency_ms": null,
"status": "missing"
},
"prompts_list": {
"details": {
"error": "Client error '400 Bad Request' for url 'https://website-mcp.zeltser.com/mcp'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400",
"headers": {
"content-type": "text/plain;charset=UTF-8"
},
"http_status": 400,
"payload": {},
"reason": "not_advertised",
"url": "https://website-mcp.zeltser.com/mcp"
},
"latency_ms": 36.96,
"status": "missing"
},
"protocol_version_probe": {
"details": {
"claimed_version": "2025-03-26",
"lag_days": 244,
"latest_known_version": "2025-11-25",
"releases_behind": 2,
"validator_protocol_version": "2025-03-26"
},
"latency_ms": null,
"status": "warning"
},
"provenance_divergence_probe": {
"details": {
"direct_official_match": true,
"drift_fields": [],
"metadata_document_count": 2,
"registry_homepage": null,
"registry_repository": null,
"registry_title": null,
"registry_version": null,
"server_card_homepage": null,
"server_card_repository": null,
"server_card_title": null,
"server_card_version": null
},
"latency_ms": null,
"status": "ok"
},
"request_association_probe": {
"details": {
"reason": "no_request_association_capabilities_advertised"
},
"latency_ms": null,
"status": "missing"
},
"resource_read": {
"details": {
"reason": "not_advertised"
},
"latency_ms": null,
"status": "missing"
},
"resources_list": {
"details": {
"error": "Client error '400 Bad Request' for url 'https://website-mcp.zeltser.com/mcp'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400",
"headers": {
"content-type": "text/plain;charset=UTF-8"
},
"http_status": 400,
"payload": {},
"reason": "not_advertised",
"url": "https://website-mcp.zeltser.com/mcp"
},
"latency_ms": 379.91,
"status": "missing"
},
"server_card": {
"details": {
"error": "Client error '404 Not Found' for url 'https://website-mcp.zeltser.com/.well-known/mcp/server-card.json'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404",
"url": "https://website-mcp.zeltser.com/.well-known/mcp/server-card.json"
},
"latency_ms": 41.83,
"status": "error"
},
"session_resume_probe": {
"details": {
"headers": {
"content-type": "text/event-stream",
"mcp-session-id": "09f92190e450804368741019f3406d82a73d344dfdef2dceee9244c367afdeee"
},
"http_status": 200,
"payload": {
"id": 301,
"jsonrpc": "2.0",
"result": {
"tools": [
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Search Lenny Zeltser's Website by keywords. Security articles on malware analysis, incident response, and security leadership. Searches across titles, abstracts, full content, and topics.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"limit": {
"description": "Maximum number of results to return (default: 10, max: 25)",
"maximum": 25,
"minimum": 1,
"type": "number"
},
"query": {
"description": "Search terms to find relevant content",
"type": "string"
}
},
"required": [
"query"
],
"type": "object"
},
"name": "search_zeltser",
"outputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"additionalProperties": false,
"properties": {
"count": {
"maximum": 9007199254740991,
"minimum": 0,
"type": "integer"
},
"query": {
"type": "string"
},
"results": {
"items": {
"additionalProperties": false,
"properties": {
"abstract": {
"type": "string"
},
"date": {
"type": "string"
},
"title": {
"minLength": 1,
"type": "string"
},
"topics": {
"items": {
"type": "string"
},
"type": "array"
},
"url": {
"minLength": 1,
"type": "string"
}
},
"required": [
"url",
"title"
],
"type": "object"
},
"type": "array"
},
"site": {
"additionalProperties": false,
"properties": {
"domain": {
"minLength": 1,
"type": "string"
},
"name": {
"minLength": 1,
"type": "string"
}
},
"required": [
"name",
"domain"
],
"type": "object"
}
},
"required": [
"query",
"site",
"count",
"results"
],
"type": "object"
}
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get the full content of a specific article from Lenny Zeltser's Website by URL path. Security articles on malware analysis, incident response, and security leadership. Returns title, date, topics, summary, and full body text.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"url": {
"description": "Article URL path (e.g., '/about', '/article-slug')",
"type": "string"
}
},
"required": [
"url"
],
"type": "object"
},
"name": "get_article",
"outputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"additionalProperties": false,
"properties": {
"abstract": {
"type": "string"
},
"body": {
"type": "string"
},
"date": {
"type": "string"
},
"site": {
"additionalProperties": false,
"properties": {
"domain": {
"minLength": 1,
"type": "string"
},
"name": {
"minLength": 1,
"type": "string"
}
},
"required": [
"name",
"domain"
],
"type": "object"
},
"title": {
"minLength": 1,
"type": "string"
},
"topics": {
"items": {
"type": "string"
},
"type": "array"
},
"url": {
"minLength": 1,
"type": "string"
}
},
"required": [
"url",
"title",
"site"
],
"type": "object"
}
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get statistics about the Lenny Zeltser's Website search index including total pages indexed, last update time, and available tools.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {},
"type": "object"
},
"name": "get_index_info",
"outputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"additionalProperties": false,
"properties": {
"generated": {
"format": "date-time",
"pattern": "^(?:(?:\\d\\d[2468][048]|\\d\\d[13579][26]|\\d\\d0[48]|[02468][048]00|[13579][26]00)-02-29|\\d{4}-(?:(?:0[13578]|1[02])-(?:0[1-9]|[12]\\d|3[01])|(?:0[469]|11)-(?:0[1-9]|[12]\\d|30)|(?:02)-(?:0[1-9]|1\\d|2[0-8])))T(?:(?:[01]\\d|2[0-3]):[0-5]\\d(?::[0-5]\\d(?:\\.\\d+)?)?(?:Z))$",
"type": "string"
},
"pageCount": {
"maximum": 9007199254740991,
"minimum": 0,
"type": "integer"
},
"site": {
"additionalProperties": false,
"properties": {
"description": {
"type": "string"
},
"domain": {
"minLength": 1,
"type": "string"
},
"name": {
"minLength": 1,
"type": "string"
}
},
"required": [
"name",
"domain"
],
"type": "object"
},
"tools": {
"items": {
"additionalProperties": false,
"properties": {
"description": {
"minLength": 1,
"type": "string"
},
"name": {
"minLength": 1,
"type": "string"
}
},
"required": [
"name",
"description"
],
"type": "object"
},
"type": "array"
},
"version": {
"minLength": 1,
"type": "string"
}
},
"required": [
"site",
"version",
"generated",
"pageCount",
"tools"
],
"type": "object"
}
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "List all capabilities and tools available from the Lenny Zeltser's Website MCP server, including search tools and any specialized features like IR report writing assistance.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {},
"type": "object"
},
"name": "get_capabilities"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's expert writing guidelines for security reports and assessments. Provides guidance on tone, structure, clarity, executive summaries, and avoiding common writing mistakes. Works for any security document. Your documents are never sent to this server\u2014guidelines flow to your AI for local analysis. Note: For incident response reports specifically, use the ir_* tools which provide deeper section-by-section review criteria.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"focus": {
"description": "Which aspects of writing to focus on. 'tone': voice, do/avoid examples. 'structure': paragraphs, report qualities, formatting. 'clarity': sentences, jargon alternatives. 'executive_summary': exec summary best practices. 'critique': writing as critique not criticism. 'analytical': evidence attribution, confidence language, comparative language, gap acknowledgment. 'all' or omit for everything.",
"items": {
"enum": [
"tone",
"structure",
"clarity",
"executive_summary",
"critique",
"analytical",
"all"
],
"type": "string"
},
"type": "array"
},
"include_examples": {
"description": "Include before/after examples. Default: true. Set to false for smaller response.",
"type": "boolean"
}
},
"type": "object"
},
"name": "get_security_writing_guidelines"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's structured incident response report template. Covers all critical IR sections with field-by-field guidance. Your incident data is never sent to this server\u2014guidelines flow to your AI for local analysis.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {},
"type": "object"
},
"name": "ir_get_template"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's expert writing guidelines for incident response reports. Topics: tone, words, structure, executive_summary, voice, articles, or summary for quick reference. Your incident data is never sent to this server\u2014guidelines flow to your AI for local analysis.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"topic": {
"description": "Specific topic: tone (collaborative framing), words (clarity, jargon), structure (paragraphs, headings), executive_summary (exec summary rules), voice (style guidelines), articles (related reading), or summary for a quick reference card. Omit for full guidelines.",
"enum": [
"tone",
"words",
"structure",
"executive_summary",
"voice",
"articles",
"summary"
],
"type": "string"
}
},
"type": "object"
},
"name": "ir_get_guidelines"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Load Lenny Zeltser's IR report writing context for local analysis. Returns expert guidelines for field completeness, incident identification, notification triggers, and writing quality. Your AI uses this context to analyze your incident notes locally\u2014your notes are never sent to this server. Use detail_level to control response size: \"minimal\" (~2k tokens), \"standard\" (~5k tokens), or \"comprehensive\" (~11k tokens).",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"detail_level": {
"description": "Level of detail to return. 'minimal': core field guidance only (~2k tokens). 'standard': field guidance + writing analysis + notifications (~5k tokens, default). 'comprehensive': everything including examples and all incident types (~11k tokens).",
"enum": [
"minimal",
"standard",
"comprehensive"
],
"type": "string"
},
"incident_type": {
"description": "Load guidance for a specific incident type only (saves tokens). Omit to load all types when 'incidents' topic is included.",
"enum": [
"ransomware",
"bec",
"data_breach",
"insider_threat",
"supply_chain"
],
"type": "string"
},
"include_examples": {
"description": "Include good/poor examples in field guidance. Default: false. Set to true for learning/training.",
"type": "boolean"
},
"topics": {
"description": "Specific topics to load. Overrides detail_level for fine-grained control. Options: completeness (field guidance), incidents (type identification), notifications (regulatory triggers), writing (style analysis), actions (urgency categorization), stakeholders (party identification), sections (review criteria).",
"items": {
"enum": [
"completeness",
"incidents",
"notifications",
"writing",
"actions",
"stakeholders",
"sections",
"all"
],
"type": "string"
},
"type": "array"
}
},
"type": "object"
},
"name": "ir_load_context"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's expert criteria for reviewing an existing IR report. Returns focused guidance for constructive critique \u2014 what to check in each section, writing quality issues to identify, and how to frame feedback collaboratively. Your AI uses this to analyze your report locally\u2014your report is never sent to this server.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"focus": {
"description": "What aspects to focus on. 'completeness': is everything covered? 'clarity': jargon, passive voice, vague terms. 'tone': collaborative framing. 'structure': sentence/paragraph organization.",
"items": {
"enum": [
"completeness",
"clarity",
"tone",
"structure",
"all"
],
"type": "string"
},
"type": "array"
},
"sections": {
"description": "Specific sections to get review criteria for. Omit or use 'all' for complete review criteria.",
"items": {
"enum": [
"executive_summary",
"timeline",
"root_cause",
"actions_taken",
"lessons_learned",
"business_impact",
"what_went_well",
"third_party",
"data_exposure",
"all"
],
"type": "string"
},
"type": "array"
}
},
"type": "object"
},
"name": "ir_review_report"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's fill-in-the-blank template for planning a security product strategy. Includes strategic questions organized by section with evidence columns. Your product plans are never sent to this server\u2014guidelines flow to your AI for local analysis. The template is Copyright (c) 2026 Lenny Zeltser; any content you create using it is entirely yours.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {},
"type": "object"
},
"name": "product_get_template"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's expert strategic guidelines for a specific product strategy topic. Topics: market (segmentation), capabilities (AI, agents, MVP, positioning), sales (GTM, channels, distribution, POCs), pricing (models, retention), delivery (deployment, APIs), trust (compliance, security program), platform (ecosystem positioning), team (expertise, gaps), competitive (differentiation, moats), defensibility (AI-era defensibility rubric scoring a product across seven dimensions), smb (SMB market dynamics), endpoint (endpoint viability), ai_security (AI security vertical), role (product manager responsibilities), category_creation (new category strategy), comparative (multi-company analysis), evidence_tiering (evidence classification framework). Your product plans are never sent to this server\u2014guidelines flow to your AI for local analysis.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"topic": {
"description": "Specific topic to get guidelines for. Omit or use 'all' for a complete overview.",
"enum": [
"market",
"capabilities",
"sales",
"pricing",
"delivery",
"trust",
"platform",
"team",
"competitive",
"defensibility",
"smb",
"endpoint",
"ai_security",
"role",
"category_creation",
"comparative",
"evidence_tiering",
"all"
],
"type": "string"
}
},
"type": "object"
},
"name": "product_get_guidelines"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Load Lenny Zeltser's product strategy context for local analysis. Returns expert strategic frameworks, principles, and guidance for evaluating or creating security product plans. Your AI uses this context to analyze your product plans locally\u2014your plans are never sent to this server. Use detail_level to control response size: \"minimal\" (~2k tokens), \"standard\" (~5k tokens), \"compact\" (~3-4k tokens, all sections but stripped), or \"comprehensive\" (~12k tokens). Use market_segment: \"smb\" for SMB-specific guidance. Use product_focus: \"endpoint\" for endpoint security viability assessment. Set include_template: true to include the fill-in-the-blank template in the response.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"analysis_mode": {
"description": "'internal': planning your own product (default). 'external': evaluating another company from outside. External mode reframes questions and adjusts evidence standards.",
"enum": [
"internal",
"external"
],
"type": "string"
},
"company_context": {
"description": "Filter guidance to startup or large company perspective. Stage values (pre_seed, seed, series_a, series_b, growth, late_stage) imply startup context with stage-specific emphasis.",
"enum": [
"startup",
"large_company",
"pre_seed",
"seed",
"series_a",
"series_b",
"growth",
"late_stage"
],
"type": "string"
},
"detail_level": {
"description": "Level of detail to return. \"minimal\": market + capabilities only (~2k tokens). \"standard\": core strategy sections (~5k tokens, default). \"compact\": all sections with stripped subsections (~3-4k tokens, good for batch analysis). \"comprehensive\": everything + examples (~12k tokens).",
"enum": [
"minimal",
"standard",
"compact",
"comprehensive"
],
"type": "string"
},
"evaluation_perspective": {
"description": "Emphasize framework sections relevant to a specific perspective. Composes with analysis_mode.",
"enum": [
"builder",
"analyst",
"investor",
"buyer"
],
"type": "string"
},
"include_examples": {
"description": "Include examples in framework sections. Default: false.",
"type": "boolean"
},
"include_template": {
"description": "Include the fill-in-the-blank strategy template at the end of the context response. Default: false. Saves a separate product_get_template call.",
"type": "boolean"
},
"market_segment": {
"description": "Include SMB-specific guidance (distribution, buying triggers, readiness).",
"enum": [
"smb"
],
"type": "string"
},
"product_focus": {
"description": "Include vertical-specific guidance. 'endpoint': platform entrapment, defensibility. 'ai_security': AI threat landscape, buyer personas, regulatory alignment.",
"enum": [
"endpoint",
"ai_security"
],
"type": "string"
},
"topics": {
"description": "Specific topics to include. Overrides detail_level for fine-grained control.",
"items": {
"enum": [
"market",
"capabilities",
"sales",
"pricing",
"delivery",
"trust",
"platform",
"team",
"competitive",
"defensibility",
"integrations",
"all"
],
"type": "string"
},
"type": "array"
}
},
"type": "object"
},
"name": "product_load_context"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's expert criteria for reviewing an existing product strategy plan. Returns focused guidance for constructive critique\u2014what to check in each section, strategic coherence issues, and how to frame feedback collaboratively. Your AI uses this to analyze your plan locally\u2014your plan is never sent to this server. Use market_segment: \"smb\" to include SMB-specific review criteria. Use product_focus: \"endpoint\" to include endpoint viability assessment.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"focus": {
"description": "What aspects to focus on. 'completeness': is everything covered? 'strategy': are decisions coherent? 'feasibility': can this team execute?",
"items": {
"enum": [
"completeness",
"strategy",
"feasibility",
"all"
],
"type": "string"
},
"type": "array"
},
"market_segment": {
"description": "Include SMB-specific review criteria.",
"enum": [
"smb"
],
"type": "string"
},
"product_focus": {
"description": "Include vertical-specific review criteria. 'endpoint': endpoint viability. 'ai_security': AI security market assessment.",
"enum": [
"endpoint",
"ai_security"
],
"type": "string"
},
"review_type": {
"description": "'internal': reviewing your own plan (default). 'external-analysis': reviewing an analysis of another company. Adjusts criteria to focus on evidence tiering, source attribution, and marketing language.",
"enum": [
"internal",
"external-analysis"
],
"type": "string"
},
"sections": {
"description": "Specific sections to get review criteria for. Omit or use 'all' for complete review criteria.",
"items": {
"enum": [
"market_segmentation",
"product_capabilities",
"sales_gtm",
"pricing",
"delivery",
"trust",
"platform",
"team",
"competitive_landscape",
"defensibility_rubric",
"integration_priorities",
"all"
],
"type": "string"
},
"type": "array"
}
},
"type": "object"
},
"name": "product_review_plan"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Load Lenny Zeltser's comparative analysis framework for evaluating multiple security companies side by side. Returns structured scoring rubric, evaluation dimensions, evidence tiering guidance, and comparison-type-specific instructions. Requires comparative analysis content. Your product plans are never sent to this server\u2014guidelines flow to your AI for local analysis.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"company_count": {
"description": "Number of companies being compared (2-10).",
"maximum": 10,
"minimum": 2,
"type": "integer"
},
"comparison_type": {
"description": "Type of comparison. 'competition': direct/adjacent competitors. 'market_segment': companies in same segment. 'portfolio': cohort evaluation.",
"enum": [
"competition",
"market_segment",
"portfolio"
],
"type": "string"
},
"include_scoring_rubric": {
"description": "Include the structured 1-5 scoring rubric. Default: true.",
"type": "boolean"
}
},
"required": [
"comparison_type",
"company_count"
],
"type": "object"
},
"name": "product_compare_context"
}
]
}
},
"requested_protocol_version": "2025-03-26",
"resumed": true,
"session_id_present": true,
"transport": "streamable-http",
"url": "https://website-mcp.zeltser.com/mcp"
},
"latency_ms": 53.56,
"status": "ok"
},
"step_up_auth_probe": {
"details": {
"auth_required_checks": [],
"broad_scopes": [],
"challenge_headers": [],
"minimal_scope_documented": false,
"oauth_present": false,
"scope_specificity_ratio": 0.0,
"step_up_signals": [],
"supported_scopes": []
},
"latency_ms": null,
"status": "missing"
},
"tool_snapshot_probe": {
"details": {
"reason": "no_tools"
},
"latency_ms": null,
"status": "missing"
},
"tools_list": {
"details": {
"error": "Client error '400 Bad Request' for url 'https://website-mcp.zeltser.com/mcp'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400",
"headers": {
"content-type": "text/plain;charset=UTF-8"
},
"http_status": 400,
"payload": {},
"url": "https://website-mcp.zeltser.com/mcp"
},
"latency_ms": 31.46,
"status": "error"
},
"transport_compliance_probe": {
"details": {
"bad_protocol_error": null,
"bad_protocol_headers": {
"content-type": "text/event-stream",
"mcp-session-id": "09f92190e450804368741019f3406d82a73d344dfdef2dceee9244c367afdeee"
},
"bad_protocol_payload": {
"id": 410,
"jsonrpc": "2.0",
"result": {
"tools": [
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Search Lenny Zeltser's Website by keywords. Security articles on malware analysis, incident response, and security leadership. Searches across titles, abstracts, full content, and topics.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"limit": {
"description": "Maximum number of results to return (default: 10, max: 25)",
"maximum": 25,
"minimum": 1,
"type": "number"
},
"query": {
"description": "Search terms to find relevant content",
"type": "string"
}
},
"required": [
"query"
],
"type": "object"
},
"name": "search_zeltser",
"outputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"additionalProperties": false,
"properties": {
"count": {
"maximum": 9007199254740991,
"minimum": 0,
"type": "integer"
},
"query": {
"type": "string"
},
"results": {
"items": {
"additionalProperties": false,
"properties": {
"abstract": {
"type": "string"
},
"date": {
"type": "string"
},
"title": {
"minLength": 1,
"type": "string"
},
"topics": {
"items": {
"type": "string"
},
"type": "array"
},
"url": {
"minLength": 1,
"type": "string"
}
},
"required": [
"url",
"title"
],
"type": "object"
},
"type": "array"
},
"site": {
"additionalProperties": false,
"properties": {
"domain": {
"minLength": 1,
"type": "string"
},
"name": {
"minLength": 1,
"type": "string"
}
},
"required": [
"name",
"domain"
],
"type": "object"
}
},
"required": [
"query",
"site",
"count",
"results"
],
"type": "object"
}
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get the full content of a specific article from Lenny Zeltser's Website by URL path. Security articles on malware analysis, incident response, and security leadership. Returns title, date, topics, summary, and full body text.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"url": {
"description": "Article URL path (e.g., '/about', '/article-slug')",
"type": "string"
}
},
"required": [
"url"
],
"type": "object"
},
"name": "get_article",
"outputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"additionalProperties": false,
"properties": {
"abstract": {
"type": "string"
},
"body": {
"type": "string"
},
"date": {
"type": "string"
},
"site": {
"additionalProperties": false,
"properties": {
"domain": {
"minLength": 1,
"type": "string"
},
"name": {
"minLength": 1,
"type": "string"
}
},
"required": [
"name",
"domain"
],
"type": "object"
},
"title": {
"minLength": 1,
"type": "string"
},
"topics": {
"items": {
"type": "string"
},
"type": "array"
},
"url": {
"minLength": 1,
"type": "string"
}
},
"required": [
"url",
"title",
"site"
],
"type": "object"
}
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get statistics about the Lenny Zeltser's Website search index including total pages indexed, last update time, and available tools.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {},
"type": "object"
},
"name": "get_index_info",
"outputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"additionalProperties": false,
"properties": {
"generated": {
"format": "date-time",
"pattern": "^(?:(?:\\d\\d[2468][048]|\\d\\d[13579][26]|\\d\\d0[48]|[02468][048]00|[13579][26]00)-02-29|\\d{4}-(?:(?:0[13578]|1[02])-(?:0[1-9]|[12]\\d|3[01])|(?:0[469]|11)-(?:0[1-9]|[12]\\d|30)|(?:02)-(?:0[1-9]|1\\d|2[0-8])))T(?:(?:[01]\\d|2[0-3]):[0-5]\\d(?::[0-5]\\d(?:\\.\\d+)?)?(?:Z))$",
"type": "string"
},
"pageCount": {
"maximum": 9007199254740991,
"minimum": 0,
"type": "integer"
},
"site": {
"additionalProperties": false,
"properties": {
"description": {
"type": "string"
},
"domain": {
"minLength": 1,
"type": "string"
},
"name": {
"minLength": 1,
"type": "string"
}
},
"required": [
"name",
"domain"
],
"type": "object"
},
"tools": {
"items": {
"additionalProperties": false,
"properties": {
"description": {
"minLength": 1,
"type": "string"
},
"name": {
"minLength": 1,
"type": "string"
}
},
"required": [
"name",
"description"
],
"type": "object"
},
"type": "array"
},
"version": {
"minLength": 1,
"type": "string"
}
},
"required": [
"site",
"version",
"generated",
"pageCount",
"tools"
],
"type": "object"
}
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "List all capabilities and tools available from the Lenny Zeltser's Website MCP server, including search tools and any specialized features like IR report writing assistance.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {},
"type": "object"
},
"name": "get_capabilities"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's expert writing guidelines for security reports and assessments. Provides guidance on tone, structure, clarity, executive summaries, and avoiding common writing mistakes. Works for any security document. Your documents are never sent to this server\u2014guidelines flow to your AI for local analysis. Note: For incident response reports specifically, use the ir_* tools which provide deeper section-by-section review criteria.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"focus": {
"description": "Which aspects of writing to focus on. 'tone': voice, do/avoid examples. 'structure': paragraphs, report qualities, formatting. 'clarity': sentences, jargon alternatives. 'executive_summary': exec summary best practices. 'critique': writing as critique not criticism. 'analytical': evidence attribution, confidence language, comparative language, gap acknowledgment. 'all' or omit for everything.",
"items": {
"enum": [
"tone",
"structure",
"clarity",
"executive_summary",
"critique",
"analytical",
"all"
],
"type": "string"
},
"type": "array"
},
"include_examples": {
"description": "Include before/after examples. Default: true. Set to false for smaller response.",
"type": "boolean"
}
},
"type": "object"
},
"name": "get_security_writing_guidelines"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's structured incident response report template. Covers all critical IR sections with field-by-field guidance. Your incident data is never sent to this server\u2014guidelines flow to your AI for local analysis.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {},
"type": "object"
},
"name": "ir_get_template"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's expert writing guidelines for incident response reports. Topics: tone, words, structure, executive_summary, voice, articles, or summary for quick reference. Your incident data is never sent to this server\u2014guidelines flow to your AI for local analysis.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"topic": {
"description": "Specific topic: tone (collaborative framing), words (clarity, jargon), structure (paragraphs, headings), executive_summary (exec summary rules), voice (style guidelines), articles (related reading), or summary for a quick reference card. Omit for full guidelines.",
"enum": [
"tone",
"words",
"structure",
"executive_summary",
"voice",
"articles",
"summary"
],
"type": "string"
}
},
"type": "object"
},
"name": "ir_get_guidelines"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Load Lenny Zeltser's IR report writing context for local analysis. Returns expert guidelines for field completeness, incident identification, notification triggers, and writing quality. Your AI uses this context to analyze your incident notes locally\u2014your notes are never sent to this server. Use detail_level to control response size: \"minimal\" (~2k tokens), \"standard\" (~5k tokens), or \"comprehensive\" (~11k tokens).",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"detail_level": {
"description": "Level of detail to return. 'minimal': core field guidance only (~2k tokens). 'standard': field guidance + writing analysis + notifications (~5k tokens, default). 'comprehensive': everything including examples and all incident types (~11k tokens).",
"enum": [
"minimal",
"standard",
"comprehensive"
],
"type": "string"
},
"incident_type": {
"description": "Load guidance for a specific incident type only (saves tokens). Omit to load all types when 'incidents' topic is included.",
"enum": [
"ransomware",
"bec",
"data_breach",
"insider_threat",
"supply_chain"
],
"type": "string"
},
"include_examples": {
"description": "Include good/poor examples in field guidance. Default: false. Set to true for learning/training.",
"type": "boolean"
},
"topics": {
"description": "Specific topics to load. Overrides detail_level for fine-grained control. Options: completeness (field guidance), incidents (type identification), notifications (regulatory triggers), writing (style analysis), actions (urgency categorization), stakeholders (party identification), sections (review criteria).",
"items": {
"enum": [
"completeness",
"incidents",
"notifications",
"writing",
"actions",
"stakeholders",
"sections",
"all"
],
"type": "string"
},
"type": "array"
}
},
"type": "object"
},
"name": "ir_load_context"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's expert criteria for reviewing an existing IR report. Returns focused guidance for constructive critique \u2014 what to check in each section, writing quality issues to identify, and how to frame feedback collaboratively. Your AI uses this to analyze your report locally\u2014your report is never sent to this server.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"focus": {
"description": "What aspects to focus on. 'completeness': is everything covered? 'clarity': jargon, passive voice, vague terms. 'tone': collaborative framing. 'structure': sentence/paragraph organization.",
"items": {
"enum": [
"completeness",
"clarity",
"tone",
"structure",
"all"
],
"type": "string"
},
"type": "array"
},
"sections": {
"description": "Specific sections to get review criteria for. Omit or use 'all' for complete review criteria.",
"items": {
"enum": [
"executive_summary",
"timeline",
"root_cause",
"actions_taken",
"lessons_learned",
"business_impact",
"what_went_well",
"third_party",
"data_exposure",
"all"
],
"type": "string"
},
"type": "array"
}
},
"type": "object"
},
"name": "ir_review_report"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's fill-in-the-blank template for planning a security product strategy. Includes strategic questions organized by section with evidence columns. Your product plans are never sent to this server\u2014guidelines flow to your AI for local analysis. The template is Copyright (c) 2026 Lenny Zeltser; any content you create using it is entirely yours.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {},
"type": "object"
},
"name": "product_get_template"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's expert strategic guidelines for a specific product strategy topic. Topics: market (segmentation), capabilities (AI, agents, MVP, positioning), sales (GTM, channels, distribution, POCs), pricing (models, retention), delivery (deployment, APIs), trust (compliance, security program), platform (ecosystem positioning), team (expertise, gaps), competitive (differentiation, moats), defensibility (AI-era defensibility rubric scoring a product across seven dimensions), smb (SMB market dynamics), endpoint (endpoint viability), ai_security (AI security vertical), role (product manager responsibilities), category_creation (new category strategy), comparative (multi-company analysis), evidence_tiering (evidence classification framework). Your product plans are never sent to this server\u2014guidelines flow to your AI for local analysis.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"topic": {
"description": "Specific topic to get guidelines for. Omit or use 'all' for a complete overview.",
"enum": [
"market",
"capabilities",
"sales",
"pricing",
"delivery",
"trust",
"platform",
"team",
"competitive",
"defensibility",
"smb",
"endpoint",
"ai_security",
"role",
"category_creation",
"comparative",
"evidence_tiering",
"all"
],
"type": "string"
}
},
"type": "object"
},
"name": "product_get_guidelines"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Load Lenny Zeltser's product strategy context for local analysis. Returns expert strategic frameworks, principles, and guidance for evaluating or creating security product plans. Your AI uses this context to analyze your product plans locally\u2014your plans are never sent to this server. Use detail_level to control response size: \"minimal\" (~2k tokens), \"standard\" (~5k tokens), \"compact\" (~3-4k tokens, all sections but stripped), or \"comprehensive\" (~12k tokens). Use market_segment: \"smb\" for SMB-specific guidance. Use product_focus: \"endpoint\" for endpoint security viability assessment. Set include_template: true to include the fill-in-the-blank template in the response.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"analysis_mode": {
"description": "'internal': planning your own product (default). 'external': evaluating another company from outside. External mode reframes questions and adjusts evidence standards.",
"enum": [
"internal",
"external"
],
"type": "string"
},
"company_context": {
"description": "Filter guidance to startup or large company perspective. Stage values (pre_seed, seed, series_a, series_b, growth, late_stage) imply startup context with stage-specific emphasis.",
"enum": [
"startup",
"large_company",
"pre_seed",
"seed",
"series_a",
"series_b",
"growth",
"late_stage"
],
"type": "string"
},
"detail_level": {
"description": "Level of detail to return. \"minimal\": market + capabilities only (~2k tokens). \"standard\": core strategy sections (~5k tokens, default). \"compact\": all sections with stripped subsections (~3-4k tokens, good for batch analysis). \"comprehensive\": everything + examples (~12k tokens).",
"enum": [
"minimal",
"standard",
"compact",
"comprehensive"
],
"type": "string"
},
"evaluation_perspective": {
"description": "Emphasize framework sections relevant to a specific perspective. Composes with analysis_mode.",
"enum": [
"builder",
"analyst",
"investor",
"buyer"
],
"type": "string"
},
"include_examples": {
"description": "Include examples in framework sections. Default: false.",
"type": "boolean"
},
"include_template": {
"description": "Include the fill-in-the-blank strategy template at the end of the context response. Default: false. Saves a separate product_get_template call.",
"type": "boolean"
},
"market_segment": {
"description": "Include SMB-specific guidance (distribution, buying triggers, readiness).",
"enum": [
"smb"
],
"type": "string"
},
"product_focus": {
"description": "Include vertical-specific guidance. 'endpoint': platform entrapment, defensibility. 'ai_security': AI threat landscape, buyer personas, regulatory alignment.",
"enum": [
"endpoint",
"ai_security"
],
"type": "string"
},
"topics": {
"description": "Specific topics to include. Overrides detail_level for fine-grained control.",
"items": {
"enum": [
"market",
"capabilities",
"sales",
"pricing",
"delivery",
"trust",
"platform",
"team",
"competitive",
"defensibility",
"integrations",
"all"
],
"type": "string"
},
"type": "array"
}
},
"type": "object"
},
"name": "product_load_context"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's expert criteria for reviewing an existing product strategy plan. Returns focused guidance for constructive critique\u2014what to check in each section, strategic coherence issues, and how to frame feedback collaboratively. Your AI uses this to analyze your plan locally\u2014your plan is never sent to this server. Use market_segment: \"smb\" to include SMB-specific review criteria. Use product_focus: \"endpoint\" to include endpoint viability assessment.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"focus": {
"description": "What aspects to focus on. 'completeness': is everything covered? 'strategy': are decisions coherent? 'feasibility': can this team execute?",
"items": {
"enum": [
"completeness",
"strategy",
"feasibility",
"all"
],
"type": "string"
},
"type": "array"
},
"market_segment": {
"description": "Include SMB-specific review criteria.",
"enum": [
"smb"
],
"type": "string"
},
"product_focus": {
"description": "Include vertical-specific review criteria. 'endpoint': endpoint viability. 'ai_security': AI security market assessment.",
"enum": [
"endpoint",
"ai_security"
],
"type": "string"
},
"review_type": {
"description": "'internal': reviewing your own plan (default). 'external-analysis': reviewing an analysis of another company. Adjusts criteria to focus on evidence tiering, source attribution, and marketing language.",
"enum": [
"internal",
"external-analysis"
],
"type": "string"
},
"sections": {
"description": "Specific sections to get review criteria for. Omit or use 'all' for complete review criteria.",
"items": {
"enum": [
"market_segmentation",
"product_capabilities",
"sales_gtm",
"pricing",
"delivery",
"trust",
"platform",
"team",
"competitive_landscape",
"defensibility_rubric",
"integration_priorities",
"all"
],
"type": "string"
},
"type": "array"
}
},
"type": "object"
},
"name": "product_review_plan"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Load Lenny Zeltser's comparative analysis framework for evaluating multiple security companies side by side. Returns structured scoring rubric, evaluation dimensions, evidence tiering guidance, and comparison-type-specific instructions. Requires comparative analysis content. Your product plans are never sent to this server\u2014guidelines flow to your AI for local analysis.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"company_count": {
"description": "Number of companies being compared (2-10).",
"maximum": 10,
"minimum": 2,
"type": "integer"
},
"comparison_type": {
"description": "Type of comparison. 'competition': direct/adjacent competitors. 'market_segment': companies in same segment. 'portfolio': cohort evaluation.",
"enum": [
"competition",
"market_segment",
"portfolio"
],
"type": "string"
},
"include_scoring_rubric": {
"description": "Include the structured 1-5 scoring rubric. Default: true.",
"type": "boolean"
}
},
"required": [
"comparison_type",
"company_count"
],
"type": "object"
},
"name": "product_compare_context"
}
]
}
},
"bad_protocol_status_code": 200,
"delete_error": null,
"delete_status_code": 204,
"expired_session_error": null,
"expired_session_status_code": 404,
"issues": [
"missing_protocol_header",
"bad_protocol_not_rejected"
],
"last_event_id_visible": false,
"protocol_header_present": false,
"requested_protocol_version": "2025-03-26",
"session_id_present": true,
"transport": "streamable-http"
},
"latency_ms": 1088.5,
"status": "error"
},
"utility_coverage_probe": {
"details": {
"completions": {
"advertised": false,
"live_probe": "not_executed",
"sample_target": null
},
"initialize_capability_keys": [
"tools"
],
"pagination": {
"metadata_signal": false,
"next_cursor_methods": [],
"supported": false
},
"tasks": {
"advertised": false,
"http_status": 400,
"probe_status": "missing"
}
},
"latency_ms": 14.88,
"status": "missing"
}
},
"failures": {
"oauth_authorization_server": {
"reason": "no_authorization_server"
},
"oauth_protected_resource": {
"error": "Client error '404 Not Found' for url 'https://website-mcp.zeltser.com/.well-known/oauth-protected-resource'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404",
"url": "https://website-mcp.zeltser.com/.well-known/oauth-protected-resource"
},
"openid_configuration": {
"reason": "no_authorization_server"
},
"server_card": {
"error": "Client error '404 Not Found' for url 'https://website-mcp.zeltser.com/.well-known/mcp/server-card.json'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404",
"url": "https://website-mcp.zeltser.com/.well-known/mcp/server-card.json"
},
"tools_list": {
"error": "Client error '400 Bad Request' for url 'https://website-mcp.zeltser.com/mcp'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400",
"headers": {
"content-type": "text/plain;charset=UTF-8"
},
"http_status": 400,
"payload": {},
"url": "https://website-mcp.zeltser.com/mcp"
},
"transport_compliance_probe": {
"bad_protocol_error": null,
"bad_protocol_headers": {
"content-type": "text/event-stream",
"mcp-session-id": "09f92190e450804368741019f3406d82a73d344dfdef2dceee9244c367afdeee"
},
"bad_protocol_payload": {
"id": 410,
"jsonrpc": "2.0",
"result": {
"tools": [
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Search Lenny Zeltser's Website by keywords. Security articles on malware analysis, incident response, and security leadership. Searches across titles, abstracts, full content, and topics.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"limit": {
"description": "Maximum number of results to return (default: 10, max: 25)",
"maximum": 25,
"minimum": 1,
"type": "number"
},
"query": {
"description": "Search terms to find relevant content",
"type": "string"
}
},
"required": [
"query"
],
"type": "object"
},
"name": "search_zeltser",
"outputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"additionalProperties": false,
"properties": {
"count": {
"maximum": 9007199254740991,
"minimum": 0,
"type": "integer"
},
"query": {
"type": "string"
},
"results": {
"items": {
"additionalProperties": false,
"properties": {
"abstract": {
"type": "string"
},
"date": {
"type": "string"
},
"title": {
"minLength": 1,
"type": "string"
},
"topics": {
"items": {
"type": "string"
},
"type": "array"
},
"url": {
"minLength": 1,
"type": "string"
}
},
"required": [
"url",
"title"
],
"type": "object"
},
"type": "array"
},
"site": {
"additionalProperties": false,
"properties": {
"domain": {
"minLength": 1,
"type": "string"
},
"name": {
"minLength": 1,
"type": "string"
}
},
"required": [
"name",
"domain"
],
"type": "object"
}
},
"required": [
"query",
"site",
"count",
"results"
],
"type": "object"
}
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get the full content of a specific article from Lenny Zeltser's Website by URL path. Security articles on malware analysis, incident response, and security leadership. Returns title, date, topics, summary, and full body text.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"url": {
"description": "Article URL path (e.g., '/about', '/article-slug')",
"type": "string"
}
},
"required": [
"url"
],
"type": "object"
},
"name": "get_article",
"outputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"additionalProperties": false,
"properties": {
"abstract": {
"type": "string"
},
"body": {
"type": "string"
},
"date": {
"type": "string"
},
"site": {
"additionalProperties": false,
"properties": {
"domain": {
"minLength": 1,
"type": "string"
},
"name": {
"minLength": 1,
"type": "string"
}
},
"required": [
"name",
"domain"
],
"type": "object"
},
"title": {
"minLength": 1,
"type": "string"
},
"topics": {
"items": {
"type": "string"
},
"type": "array"
},
"url": {
"minLength": 1,
"type": "string"
}
},
"required": [
"url",
"title",
"site"
],
"type": "object"
}
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get statistics about the Lenny Zeltser's Website search index including total pages indexed, last update time, and available tools.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {},
"type": "object"
},
"name": "get_index_info",
"outputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"additionalProperties": false,
"properties": {
"generated": {
"format": "date-time",
"pattern": "^(?:(?:\\d\\d[2468][048]|\\d\\d[13579][26]|\\d\\d0[48]|[02468][048]00|[13579][26]00)-02-29|\\d{4}-(?:(?:0[13578]|1[02])-(?:0[1-9]|[12]\\d|3[01])|(?:0[469]|11)-(?:0[1-9]|[12]\\d|30)|(?:02)-(?:0[1-9]|1\\d|2[0-8])))T(?:(?:[01]\\d|2[0-3]):[0-5]\\d(?::[0-5]\\d(?:\\.\\d+)?)?(?:Z))$",
"type": "string"
},
"pageCount": {
"maximum": 9007199254740991,
"minimum": 0,
"type": "integer"
},
"site": {
"additionalProperties": false,
"properties": {
"description": {
"type": "string"
},
"domain": {
"minLength": 1,
"type": "string"
},
"name": {
"minLength": 1,
"type": "string"
}
},
"required": [
"name",
"domain"
],
"type": "object"
},
"tools": {
"items": {
"additionalProperties": false,
"properties": {
"description": {
"minLength": 1,
"type": "string"
},
"name": {
"minLength": 1,
"type": "string"
}
},
"required": [
"name",
"description"
],
"type": "object"
},
"type": "array"
},
"version": {
"minLength": 1,
"type": "string"
}
},
"required": [
"site",
"version",
"generated",
"pageCount",
"tools"
],
"type": "object"
}
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "List all capabilities and tools available from the Lenny Zeltser's Website MCP server, including search tools and any specialized features like IR report writing assistance.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {},
"type": "object"
},
"name": "get_capabilities"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's expert writing guidelines for security reports and assessments. Provides guidance on tone, structure, clarity, executive summaries, and avoiding common writing mistakes. Works for any security document. Your documents are never sent to this server\u2014guidelines flow to your AI for local analysis. Note: For incident response reports specifically, use the ir_* tools which provide deeper section-by-section review criteria.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"focus": {
"description": "Which aspects of writing to focus on. 'tone': voice, do/avoid examples. 'structure': paragraphs, report qualities, formatting. 'clarity': sentences, jargon alternatives. 'executive_summary': exec summary best practices. 'critique': writing as critique not criticism. 'analytical': evidence attribution, confidence language, comparative language, gap acknowledgment. 'all' or omit for everything.",
"items": {
"enum": [
"tone",
"structure",
"clarity",
"executive_summary",
"critique",
"analytical",
"all"
],
"type": "string"
},
"type": "array"
},
"include_examples": {
"description": "Include before/after examples. Default: true. Set to false for smaller response.",
"type": "boolean"
}
},
"type": "object"
},
"name": "get_security_writing_guidelines"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's structured incident response report template. Covers all critical IR sections with field-by-field guidance. Your incident data is never sent to this server\u2014guidelines flow to your AI for local analysis.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {},
"type": "object"
},
"name": "ir_get_template"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's expert writing guidelines for incident response reports. Topics: tone, words, structure, executive_summary, voice, articles, or summary for quick reference. Your incident data is never sent to this server\u2014guidelines flow to your AI for local analysis.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"topic": {
"description": "Specific topic: tone (collaborative framing), words (clarity, jargon), structure (paragraphs, headings), executive_summary (exec summary rules), voice (style guidelines), articles (related reading), or summary for a quick reference card. Omit for full guidelines.",
"enum": [
"tone",
"words",
"structure",
"executive_summary",
"voice",
"articles",
"summary"
],
"type": "string"
}
},
"type": "object"
},
"name": "ir_get_guidelines"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Load Lenny Zeltser's IR report writing context for local analysis. Returns expert guidelines for field completeness, incident identification, notification triggers, and writing quality. Your AI uses this context to analyze your incident notes locally\u2014your notes are never sent to this server. Use detail_level to control response size: \"minimal\" (~2k tokens), \"standard\" (~5k tokens), or \"comprehensive\" (~11k tokens).",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"detail_level": {
"description": "Level of detail to return. 'minimal': core field guidance only (~2k tokens). 'standard': field guidance + writing analysis + notifications (~5k tokens, default). 'comprehensive': everything including examples and all incident types (~11k tokens).",
"enum": [
"minimal",
"standard",
"comprehensive"
],
"type": "string"
},
"incident_type": {
"description": "Load guidance for a specific incident type only (saves tokens). Omit to load all types when 'incidents' topic is included.",
"enum": [
"ransomware",
"bec",
"data_breach",
"insider_threat",
"supply_chain"
],
"type": "string"
},
"include_examples": {
"description": "Include good/poor examples in field guidance. Default: false. Set to true for learning/training.",
"type": "boolean"
},
"topics": {
"description": "Specific topics to load. Overrides detail_level for fine-grained control. Options: completeness (field guidance), incidents (type identification), notifications (regulatory triggers), writing (style analysis), actions (urgency categorization), stakeholders (party identification), sections (review criteria).",
"items": {
"enum": [
"completeness",
"incidents",
"notifications",
"writing",
"actions",
"stakeholders",
"sections",
"all"
],
"type": "string"
},
"type": "array"
}
},
"type": "object"
},
"name": "ir_load_context"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's expert criteria for reviewing an existing IR report. Returns focused guidance for constructive critique \u2014 what to check in each section, writing quality issues to identify, and how to frame feedback collaboratively. Your AI uses this to analyze your report locally\u2014your report is never sent to this server.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"focus": {
"description": "What aspects to focus on. 'completeness': is everything covered? 'clarity': jargon, passive voice, vague terms. 'tone': collaborative framing. 'structure': sentence/paragraph organization.",
"items": {
"enum": [
"completeness",
"clarity",
"tone",
"structure",
"all"
],
"type": "string"
},
"type": "array"
},
"sections": {
"description": "Specific sections to get review criteria for. Omit or use 'all' for complete review criteria.",
"items": {
"enum": [
"executive_summary",
"timeline",
"root_cause",
"actions_taken",
"lessons_learned",
"business_impact",
"what_went_well",
"third_party",
"data_exposure",
"all"
],
"type": "string"
},
"type": "array"
}
},
"type": "object"
},
"name": "ir_review_report"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's fill-in-the-blank template for planning a security product strategy. Includes strategic questions organized by section with evidence columns. Your product plans are never sent to this server\u2014guidelines flow to your AI for local analysis. The template is Copyright (c) 2026 Lenny Zeltser; any content you create using it is entirely yours.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {},
"type": "object"
},
"name": "product_get_template"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's expert strategic guidelines for a specific product strategy topic. Topics: market (segmentation), capabilities (AI, agents, MVP, positioning), sales (GTM, channels, distribution, POCs), pricing (models, retention), delivery (deployment, APIs), trust (compliance, security program), platform (ecosystem positioning), team (expertise, gaps), competitive (differentiation, moats), defensibility (AI-era defensibility rubric scoring a product across seven dimensions), smb (SMB market dynamics), endpoint (endpoint viability), ai_security (AI security vertical), role (product manager responsibilities), category_creation (new category strategy), comparative (multi-company analysis), evidence_tiering (evidence classification framework). Your product plans are never sent to this server\u2014guidelines flow to your AI for local analysis.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"topic": {
"description": "Specific topic to get guidelines for. Omit or use 'all' for a complete overview.",
"enum": [
"market",
"capabilities",
"sales",
"pricing",
"delivery",
"trust",
"platform",
"team",
"competitive",
"defensibility",
"smb",
"endpoint",
"ai_security",
"role",
"category_creation",
"comparative",
"evidence_tiering",
"all"
],
"type": "string"
}
},
"type": "object"
},
"name": "product_get_guidelines"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Load Lenny Zeltser's product strategy context for local analysis. Returns expert strategic frameworks, principles, and guidance for evaluating or creating security product plans. Your AI uses this context to analyze your product plans locally\u2014your plans are never sent to this server. Use detail_level to control response size: \"minimal\" (~2k tokens), \"standard\" (~5k tokens), \"compact\" (~3-4k tokens, all sections but stripped), or \"comprehensive\" (~12k tokens). Use market_segment: \"smb\" for SMB-specific guidance. Use product_focus: \"endpoint\" for endpoint security viability assessment. Set include_template: true to include the fill-in-the-blank template in the response.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"analysis_mode": {
"description": "'internal': planning your own product (default). 'external': evaluating another company from outside. External mode reframes questions and adjusts evidence standards.",
"enum": [
"internal",
"external"
],
"type": "string"
},
"company_context": {
"description": "Filter guidance to startup or large company perspective. Stage values (pre_seed, seed, series_a, series_b, growth, late_stage) imply startup context with stage-specific emphasis.",
"enum": [
"startup",
"large_company",
"pre_seed",
"seed",
"series_a",
"series_b",
"growth",
"late_stage"
],
"type": "string"
},
"detail_level": {
"description": "Level of detail to return. \"minimal\": market + capabilities only (~2k tokens). \"standard\": core strategy sections (~5k tokens, default). \"compact\": all sections with stripped subsections (~3-4k tokens, good for batch analysis). \"comprehensive\": everything + examples (~12k tokens).",
"enum": [
"minimal",
"standard",
"compact",
"comprehensive"
],
"type": "string"
},
"evaluation_perspective": {
"description": "Emphasize framework sections relevant to a specific perspective. Composes with analysis_mode.",
"enum": [
"builder",
"analyst",
"investor",
"buyer"
],
"type": "string"
},
"include_examples": {
"description": "Include examples in framework sections. Default: false.",
"type": "boolean"
},
"include_template": {
"description": "Include the fill-in-the-blank strategy template at the end of the context response. Default: false. Saves a separate product_get_template call.",
"type": "boolean"
},
"market_segment": {
"description": "Include SMB-specific guidance (distribution, buying triggers, readiness).",
"enum": [
"smb"
],
"type": "string"
},
"product_focus": {
"description": "Include vertical-specific guidance. 'endpoint': platform entrapment, defensibility. 'ai_security': AI threat landscape, buyer personas, regulatory alignment.",
"enum": [
"endpoint",
"ai_security"
],
"type": "string"
},
"topics": {
"description": "Specific topics to include. Overrides detail_level for fine-grained control.",
"items": {
"enum": [
"market",
"capabilities",
"sales",
"pricing",
"delivery",
"trust",
"platform",
"team",
"competitive",
"defensibility",
"integrations",
"all"
],
"type": "string"
},
"type": "array"
}
},
"type": "object"
},
"name": "product_load_context"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Get Lenny Zeltser's expert criteria for reviewing an existing product strategy plan. Returns focused guidance for constructive critique\u2014what to check in each section, strategic coherence issues, and how to frame feedback collaboratively. Your AI uses this to analyze your plan locally\u2014your plan is never sent to this server. Use market_segment: \"smb\" to include SMB-specific review criteria. Use product_focus: \"endpoint\" to include endpoint viability assessment.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"focus": {
"description": "What aspects to focus on. 'completeness': is everything covered? 'strategy': are decisions coherent? 'feasibility': can this team execute?",
"items": {
"enum": [
"completeness",
"strategy",
"feasibility",
"all"
],
"type": "string"
},
"type": "array"
},
"market_segment": {
"description": "Include SMB-specific review criteria.",
"enum": [
"smb"
],
"type": "string"
},
"product_focus": {
"description": "Include vertical-specific review criteria. 'endpoint': endpoint viability. 'ai_security': AI security market assessment.",
"enum": [
"endpoint",
"ai_security"
],
"type": "string"
},
"review_type": {
"description": "'internal': reviewing your own plan (default). 'external-analysis': reviewing an analysis of another company. Adjusts criteria to focus on evidence tiering, source attribution, and marketing language.",
"enum": [
"internal",
"external-analysis"
],
"type": "string"
},
"sections": {
"description": "Specific sections to get review criteria for. Omit or use 'all' for complete review criteria.",
"items": {
"enum": [
"market_segmentation",
"product_capabilities",
"sales_gtm",
"pricing",
"delivery",
"trust",
"platform",
"team",
"competitive_landscape",
"defensibility_rubric",
"integration_priorities",
"all"
],
"type": "string"
},
"type": "array"
}
},
"type": "object"
},
"name": "product_review_plan"
},
{
"annotations": {
"destructiveHint": false,
"idempotentHint": true,
"openWorldHint": false,
"readOnlyHint": true
},
"description": "Load Lenny Zeltser's comparative analysis framework for evaluating multiple security companies side by side. Returns structured scoring rubric, evaluation dimensions, evidence tiering guidance, and comparison-type-specific instructions. Requires comparative analysis content. Your product plans are never sent to this server\u2014guidelines flow to your AI for local analysis.",
"execution": {
"taskSupport": "forbidden"
},
"inputSchema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"company_count": {
"description": "Number of companies being compared (2-10).",
"maximum": 10,
"minimum": 2,
"type": "integer"
},
"comparison_type": {
"description": "Type of comparison. 'competition': direct/adjacent competitors. 'market_segment': companies in same segment. 'portfolio': cohort evaluation.",
"enum": [
"competition",
"market_segment",
"portfolio"
],
"type": "string"
},
"include_scoring_rubric": {
"description": "Include the structured 1-5 scoring rubric. Default: true.",
"type": "boolean"
}
},
"required": [
"comparison_type",
"company_count"
],
"type": "object"
},
"name": "product_compare_context"
}
]
}
},
"bad_protocol_status_code": 200,
"delete_error": null,
"delete_status_code": 204,
"expired_session_error": null,
"expired_session_status_code": 404,
"issues": [
"missing_protocol_header",
"bad_protocol_not_rejected"
],
"last_event_id_visible": false,
"protocol_header_present": false,
"requested_protocol_version": "2025-03-26",
"session_id_present": true,
"transport": "streamable-http"
}
},
"remote_url": "https://website-mcp.zeltser.com/mcp",
"server_card_payload": null,
"server_identifier": "com.zeltser/website-search"
}
Known versions
5.5.0
Validation history
7 day score delta
+0.0
30 day score delta
n/a
Recent healthy ratio
0%
Freshness
205.1h
| Timestamp | Status | Score | Latency | Tools |
|---|---|---|---|---|
| Apr 25, 2026 05:42:57 PM UTC | Failing | 57.1 | 3518.6 ms | 0 |
| Apr 24, 2026 10:34:21 PM UTC | Failing | 57.1 | 2775.4 ms | 0 |
| Apr 24, 2026 03:25:14 AM UTC | Failing | 57.1 | 3463.4 ms | 0 |
| Apr 23, 2026 08:20:21 AM UTC | Failing | 57.1 | 2385.8 ms | 0 |
| Apr 22, 2026 02:06:46 PM UTC | Failing | 57.1 | 13170.2 ms | 0 |
| Apr 21, 2026 08:01:48 PM UTC | Failing | 57.1 | 3759.4 ms | 0 |
| Apr 21, 2026 12:55:44 AM UTC | Failing | 57.1 | 4228.3 ms | 0 |
| Apr 20, 2026 06:50:07 AM UTC | Failing | 57.2 | 3029.6 ms | 0 |
Validation timeline
| Validated | Summary | Score | Protocol | Auth mode | Tools | High-risk tools | Changes |
|---|---|---|---|---|---|---|---|
| Apr 25, 2026 05:42:57 PM UTC | Failing | 57.1 | 2025-03-26 | public | 0 | 0 | none |
| Apr 24, 2026 10:34:21 PM UTC | Failing | 57.1 | 2025-03-26 | public | 0 | 0 | none |
| Apr 24, 2026 03:25:14 AM UTC | Failing | 57.1 | 2025-03-26 | public | 0 | 0 | none |
| Apr 23, 2026 08:20:21 AM UTC | Failing | 57.1 | 2025-03-26 | public | 0 | 0 | none |
| Apr 22, 2026 02:06:46 PM UTC | Failing | 57.1 | 2025-03-26 | public | 0 | 0 | none |
| Apr 21, 2026 08:01:48 PM UTC | Failing | 57.1 | 2025-03-26 | public | 0 | 0 | none |
| Apr 21, 2026 12:55:44 AM UTC | Failing | 57.1 | 2025-03-26 | public | 0 | 0 | none |
| Apr 20, 2026 06:50:07 AM UTC | Failing | 57.2 | 2025-03-26 | public | 0 | 0 | none |
| Apr 19, 2026 08:35:32 AM UTC | Failing | 57.2 | 2025-03-26 | public | 0 | 0 | none |
| Apr 18, 2026 03:27:34 PM UTC | Failing | 57.2 | 2025-03-26 | public | 0 | 0 | none |
| Apr 17, 2026 10:17:00 PM UTC | Failing | 57.1 | 2025-03-26 | public | 0 | 0 | none |
| Apr 17, 2026 04:11:18 AM UTC | Failing | 57.1 | 2025-03-26 | public | 0 | 0 | none |
Recent validation runs
| Started | Status | Summary | Latency | Checks |
|---|---|---|---|---|
| Apr 25, 2026 05:42:54 PM UTC | Completed | Failing | 3518.6 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 24, 2026 10:34:18 PM UTC | Completed | Failing | 2775.4 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 24, 2026 03:25:10 AM UTC | Completed | Failing | 3463.4 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 23, 2026 08:20:19 AM UTC | Completed | Failing | 2385.8 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 22, 2026 02:06:32 PM UTC | Completed | Failing | 13170.2 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 21, 2026 08:01:44 PM UTC | Completed | Failing | 3759.4 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 21, 2026 12:55:40 AM UTC | Completed | Failing | 4228.3 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 20, 2026 06:50:04 AM UTC | Completed | Failing | 3029.6 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 19, 2026 08:35:29 AM UTC | Completed | Failing | 3220.4 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |
| Apr 18, 2026 03:27:31 PM UTC | Completed | Failing | 2888.6 ms | action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe |