← Back to search

Search • Sprawl Radar • TrustOps • Gateway • Ledger • Mandates • Hosting • Docs Compiler • Demo • Trust Index • Discovery Sources • Submit Repo • GitHub Action • Plans • Intelligence API • Verified Profiles • Shortlists • Rankings • Compare • Badges • Claim • ChatGPT compatible • Claude compatible • Healthcare • Digests • RSS • RSS XML • Backfill • MCP API

pipeworx-io/mcp-stackexchange

mcp-stackexchange

Wraps the StackExchange API v2.3 to enable reading StackExchange data (questions, answers, etc.) without authentication. Allows AI agents to query StackExchange content through natural language or direct tool calls.

JSON report • Policy • Badge metadata • History API • • Global feed

Decision: Allow with approval

Why: exec-capable tools + no confirmation safeguards + high-risk tools need review + unauthenticated behavior not proven

Next: export policy, require approval for writes, add authenticated validation

EXECUTIVE VERDICT

Executive verdict

Production trust decision: Allow with approval

Reason: exec-capable tools + no confirmation safeguards + high-risk tools need review + unauthenticated behavior not proven

Next action: export policy, require approval for writes, add authenticated validation

Production decision

Allow with approval

exec-capable tools + no confirmation safeguards + high-risk tools need review + unauthenticated behavior not proven

Current score

70.7

Snapshot trustsnap_c22f9bf17dbafe32

Next action

export policy, require approval for writes, add authenticated validation

Claim the profile to add evidence, trigger validation, and configure monitoring.

Compare alternatives Export policy Open report JSON

Evidence Tool risk Compatibility Policy History Badge Raw report

Status

Healthy

Score

70.7

Transport

streamable-http

Tools

Current trust snapshot

Snapshot ID

trustsnap_c22f9bf17dbafe32

Use this ID to compare server page, report, policy, MCP, homepage, ranking, and shortlist surfaces.

Snapshot generated

May 27, 2026 06:26:55 PM UTC

All page, report, policy, and MCP surfaces use this same server-detail snapshot shape.

Last validated

May 27, 2026 04:04:47 PM UTC

Age: 2.37h • freshness band: Verified in last 24h • display score: 70.69

Production trust decision

Allow with approval

exec-capable tools + no confirmation safeguards + high-risk tools need review + unauthenticated behavior not proven

Readiness class

Safe for evaluation

The server is suitable for evaluation, but remaining gaps should be resolved before broad production use.

Canonical machine links

Report JSON

/v1/servers/pipeworx-io/mcp-stackexchange/report

Policy export

/v1/servers/pipeworx-io/mcp-stackexchange/policy

Badge metadata

/v1/servers/pipeworx-io/mcp-stackexchange/badge

Evidence pack

/v1/servers/pipeworx-io/mcp-stackexchange/ledger

Compare URL

/compare?server=pipeworx-io%2Fmcp-stackexchange

SERVER OWNER FUNNEL

Own this MCP?

Claim ownership, prove control with a GitHub, DNS, HTTP, MCP metadata, or email-domain challenge, revalidate now, publish a badge, configure monitoring, and unlock a verified server profile.

1. Claim

unclaimed

with GitHub, DNS, or HTTP challenge instructions.

2. Revalidate

POST /v1/servers/pipeworx-io/mcp-stackexchange/revalidate

Verified owners get priority queueing after proof succeeds.

3. Badge

Verified by MCP Verify - score 70.7 - last checked May 27, 2026

4. Monitor

Continuous Verify plan is self-serve: choose a tier, configure watches, add authenticated validation, trigger revalidation, and use the badge.

Paid profile

Verified Server Profile

Add verified publisher identity, security metadata, evidence packs, badge customization, and owner analytics without buying a better score.

Badge embed

[![Verified by MCP Verify](https://verify.sentinelsignal.io/badge/pipeworx-io/mcp-stackexchange.svg)](https://verify.sentinelsignal.io/servers/pipeworx-io/mcp-stackexchange)

MCP TrustOps

TrustOps turns this report into operational controls: freshness SLAs, authenticated validation, semantic benchmarks, policy exports, alert subscriptions, badges, cost/compliance metadata, and runtime routing. Fresh trusted index decisions stay separate from long-tail inventory so stale scores do not masquerade as current evidence.

Freshness band

Verified in last 24h

Policy SLA: 168.0h • confidence-weighted score: 54.8 • stale score suppressed: ✕

Policy exports

Export policy

Formats: json, rego, yaml, github_action, gateway_config, client_report

Runtime routing

/v1/decide

Returns allowed tools, blocked tools, approval requirement, and reason.

Hosted runtime

Verify Hosted MCP

Deploy trusted servers from GitHub with secrets, egress controls, releases, rollback, and audit events.

Authenticated validation

Premium publisher feature: paid authenticated runs verify scopes, write-action safeguards, and authorized tool execution.

Active trust badges

Freshly Validated OAuth Verified Claude Remote MCP Compatible No Critical Risk

Semantic benchmarks

available

Templates cover GitHub, database, healthcare, web search, and CRM least-privilege jobs.

Supply chain

metadata signal

Deep scan checks are marked separately from public metadata signals.

Compliance metadata

Terms, privacy, SOC 2, HIPAA, GDPR, retention, deletion, and audit-log fields are tracked as enterprise metadata.

Alert subscription types

Status changes Score drops or recovers Freshness SLA breach Validation schema drift OAuth or auth behavior changes Tool surface changes New or changed write tool Supply-chain signal changes Legal or compliance metadata changes

MCP Runtime hosting

Verify Hosted MCP turns a trusted server report into a managed remote MCP endpoint with GitHub deployment provenance, sandbox policy, encrypted secrets, release history, rollback, and audit/usage events.

Activation readiness

✓

Trusted hosted runtimes require fresh validation, a passing server state, a remote endpoint, and a minimum score.

Minimum tier

TrustOps

Publisher claim plus paid TrustOps tier are required before secrets or releases can be created.

Hosted endpoint

/hosted/{namespace}/{name}/mcp

The endpoint enforces egress allowlists and records audit/usage events.

Blockers

none

Deployment	Status	Endpoint	Release
No hosted runtime deployments yet.

Production readiness class

Safe for evaluation

The server is suitable for evaluation, but remaining gaps should be resolved before broad production use.

Critical alerts

Production verdicts degrade quickly when critical alerts are active.

Evidence confidence

Confidence score

77.5

Based on 2 recent validations, 26 captured checks, and validation age of 2.4 hours.

Live checks captured

More direct checks increase trust in the current verdict.

Validation age

2.4h

Lower age means fresher evidence.

Recommended for

Claude Desktop

Claude Desktop is marked compatible with score 83.

Smithery

Smithery is marked compatible with score 100.

Generic Streamable HTTP

Generic Streamable HTTP is marked compatible with score 100.

Client compatibility verdicts

Client compatibility only means the server shape can work with a client. Production trust decision and write-action publishing are evaluated separately so a client-compatible server can still be blocked for production.

Client compatibility: ChatGPT

Partially client-compatible

Dynamic client registration materially improves connector setup.; Transport compliance should be in good shape.

Confidence: high (77.5)

Evidence provenance

Winner: live_validation

Supporting sources: live_validation, history, server_card

Disagreements: none

initialize • OK
tools_list • OK
transport_compliance_probe • Error
step_up_auth_probe • OK
connector_replay_probe • OK — Frozen tool snapshots must survive refresh.
request_association_probe • Missing — Roots, sampling, and elicitation should stay request-scoped.

Client compatibility: Claude

Client-compatible

Transport behavior should match Claude-compatible HTTP expectations.

Confidence: high (77.5)

Evidence provenance

Winner: live_validation

Supporting sources: live_validation, history, server_card

Disagreements: none

initialize • OK
tools_list • OK
transport_compliance_probe • Error

Write-action publishing

Publishing allowed

Current write surface is bounded enough for cautious review with production policy controls.

Confidence: high (77.5)

Evidence provenance

Winner: live_validation

Supporting sources: live_validation, history

Disagreements: none

action_safety_probe • Warning

Snapshot churn risk

Medium

The live tool surface changed between recent validations.

Confidence: high (77.5)

Evidence provenance

Winner: history

Supporting sources: history, live_validation

Disagreements: none

tool_snapshot_probe • OK
connector_replay_probe • OK

Why compatibility is limited by client

ChatGPT custom connector

Partially client-compatible

Remediation checklist

Dynamic client registration materially improves connector setup.
Transport compliance should be in good shape.
search fetch only is not yet satisfied
safe for company knowledge is not yet satisfied
safe for messages api remote mcp is not yet satisfied
Transport compliance issues should be resolved before wider client rollout.

Claude remote MCP

Client-compatible

Remediation checklist

Transport behavior should match Claude-compatible HTTP expectations.
search fetch only is not yet satisfied
safe for company knowledge is not yet satisfied
safe for messages api remote mcp is not yet satisfied
Transport compliance issues should be resolved before wider client rollout.

Write-safe publishing

Ready

Remediation checklist

No explicit blockers recorded.

Verdict traces

Production verdict

Safe for evaluation

The server is suitable for evaluation, but remaining gaps should be resolved before broad production use.

Confidence: high (77.5)

Winning source: live_validation

Triggering alerts

tool_snapshot_changed • high • Tool snapshot changed
auth_mode_changed • high • Auth mode changed
write_action_surface_expanded • high • Write-action surface expanded

Client verdict trace table

Verdict	Status	Checks	Winning source	Conflicts
`openai_connectors`	Partially client-compatible	initialize, tools_list, transport_compliance_probe, step_up_auth_probe, connector_replay_probe, request_association_probe	live_validation	none
`claude_desktop`	Client-compatible	initialize, tools_list, transport_compliance_probe	live_validation	none
`unsafe_for_write_actions`	Publishing allowed	action_safety_probe	live_validation	none
`snapshot_churn_risk`	Medium	tool_snapshot_probe, connector_replay_probe	history	none

Publishability policy profiles

ChatGPT custom connector compatibility

Compatible with review

Dynamic client registration materially improves connector setup.; Transport compliance should be in good shape. Compatibility is not a production approval; company knowledge and Messages API gates remain separate.

Search Fetch Only: No
Write Actions Present: Yes
Oauth Configured: Yes
Admin Refresh Required: Yes
Safe For Company Knowledge: No
Safe For Messages Api Remote Mcp: No

Claude remote MCP compatibility

Connector-compatible

Transport behavior should match Claude-compatible HTTP expectations. Compatibility is not a production approval; company knowledge and Messages API gates remain separate.

Search Fetch Only: No
Write Actions Present: Yes
Oauth Configured: Yes
Admin Refresh Required: Yes
Safe For Company Knowledge: No
Safe For Messages Api Remote Mcp: No

Compatibility fixtures

ChatGPT custom connector fixture

Degraded

Dynamic client registration materially improves connector setup.; Transport compliance should be in good shape.

remote_http_endpoint: Passes
oauth_discovery: Passes
frozen_tool_snapshot_refresh: Passes
request_association: Passes

Anthropic remote MCP fixture

Degraded

Transport behavior should match Claude-compatible HTTP expectations.

remote_transport: Passes
tool_discovery: Passes
auth_connect: Passes
safe_write_review: Passes

Authenticated validation sessions

Public validation is free. Authenticated validation is paid and proves scoped behavior, write-action safeguards, and authenticated tool execution.

Latest profile

remote_mcp

Authenticated session used

Public score isolation

✓

Preview endpoint

/v1/verify

CI preview endpoint

/v1/ci/preview

Public server reputation

Validation success 7d

1.0

Validation success 30d

1.0

Mean time to recover

n/a

Breaking diffs 30d

Registry drift frequency 30d

Snapshot changes 30d

Incident & change feed

Timestamp	Event	Details
May 27, 2026 04:04:47 PM UTC	Latest validation: healthy	Score 70.7 with status healthy.
May 27, 2026 04:04:47 PM UTC	Score changed	Score delta -0.1 versus the previous run.
May 27, 2026 04:04:47 PM UTC	Tool snapshot changed	Added 22, removed 0, and changed 0 tool contracts.
May 27, 2026 04:04:47 PM UTC	Auth mode changed	Auth mode moved from unknown to oauth_supported.

Capabilities

OAuth: ✓
DCR/CIMD: ✕
Prompts: ✓
Homepage: https://glama.ai/mcp/servers/htb9hce4yp
Docs: none
Support: https://github.com/pipeworx-io/mcp-stackexchange
Icon: none
Remote endpoint: https://gateway.pipeworx.io/stackexchange/mcp
Server card: none

Use-case taxonomy

development database search communication

Security posture

Tools analyzed

High-risk tools

Destructive tools

Exec tools

Egress tools

Secret tools

Bulk-access tools

Risk distribution

low:2, medium:14, high:4, critical:2

Tool capability & risk inventory

Tool	Capabilities	Risk	Findings	Notes
`ask_pipeworx`	read network admin	Medium	none	No explicit safeguard hints detected.
`discover_tools`	read write exec export	High	command execution bulk data access freeform input surface	No explicit safeguard hints detected.
`resolve_entity`	read write network admin	Medium	admin mutation	No explicit safeguard hints detected.
`compare_entities`	network admin	Medium	none	No explicit safeguard hints detected.
`entity_profile`	read network filesystem admin	Medium	none	No explicit safeguard hints detected.
`recent_changes`	write network admin	Medium	admin mutation	No explicit safeguard hints detected.
`validate_claim`	read admin	Medium	none	Safeguards hinted in metadata.
`bet_research`	read write network	Medium	arbitrary network egress	No explicit safeguard hints detected.
`polymarket_arbitrage`	read network	Medium	none	No explicit safeguard hints detected.
`polymarket_edges`	read write delete admin export	Critical	destructive operation bulk data access freeform input surface admin mutation	No explicit safeguard hints detected.
`polymarket_kalshi_spread`	read	Low	none	No explicit safeguard hints detected.
`pipeworx_trending`	other	Low	none	Safeguards hinted in metadata.
`generate_llms_txt`	read write delete network filesystem admin	Critical	destructive operation arbitrary network egress freeform input surface filesystem mutation admin mutation	No explicit safeguard hints detected.
`ai_visibility_check`	read secrets	Medium	secret material access	No explicit safeguard hints detected.
`scan_competitor_ai_presence`	read secrets	Medium	secret material access	No explicit safeguard hints detected.
`pipeworx_feedback`	read admin	Medium	none	No explicit safeguard hints detected.
`remember`	read write delete admin secrets	High	destructive operation secret material access admin mutation	Safeguards hinted in metadata.
`recall`	read write delete admin	Medium	destructive operation admin mutation	Safeguards hinted in metadata.
`forget`	read write delete admin	High	destructive operation admin mutation	No explicit safeguard hints detected.
`search_questions`	read exec admin export	High	command execution bulk data access freeform input surface	No explicit safeguard hints detected.
`get_answers`	read network	Medium	none	No explicit safeguard hints detected.
`stack_get_user`	read write network filesystem admin	Medium	filesystem mutation admin mutation	No explicit safeguard hints detected.

Write-action governance

Governance status

Warning

Safe to publish

✓

Auth boundary

oauth_or_auth_required

Blast radius

High

High-risk tools

Confirmation signals

compare_entities, validate_claim, bet_research, pipeworx_trending

Safeguard count

Status detail: 6 high-risk tool(s), 5 destructive tool(s), 2 exec-capable tool(s); auth boundary is oauth or auth required with 4 safeguard(s) and 4 confirmation signal(s).

Tool	Risk	Flags	Safeguards
`discover_tools`	High	command execution bulk data access freeform input surface	no
`polymarket_edges`	Critical	destructive operation bulk data access freeform input surface admin mutation	no
`generate_llms_txt`	Critical	destructive operation arbitrary network egress freeform input surface filesystem mutation admin mutation	no
`remember`	High	destructive operation secret material access admin mutation	yes
`forget`	High	destructive operation admin mutation	no
`search_questions`	High	command execution bulk data access freeform input surface	no

Action-controls diff

Snapshot changed

yes

Disabled-by-default candidates

bet_research discover_tools forget generate_llms_txt polymarket_edges recall remember search_questions

Manual review candidates

bet_research discover_tools forget generate_llms_txt polymarket_edges recall remember search_questions

New actions

Action	Risk	Flags
`ai_visibility_check`	Medium	secret material access
`ask_pipeworx`	Medium	none
`bet_research`	Medium	arbitrary network egress
`compare_entities`	Medium	none
`discover_tools`	High	command execution bulk data access freeform input surface
`entity_profile`	Medium	none
`forget`	High	destructive operation admin mutation
`generate_llms_txt`	Critical	destructive operation arbitrary network egress freeform input surface filesystem mutation admin mutation
`get_answers`	Medium	none
`pipeworx_feedback`	Medium	none
`pipeworx_trending`	Low	none
`polymarket_arbitrage`	Medium	none
`polymarket_edges`	Critical	destructive operation bulk data access freeform input surface admin mutation
`polymarket_kalshi_spread`	Low	none
`recall`	Medium	destructive operation admin mutation
`recent_changes`	Medium	admin mutation
`remember`	High	destructive operation secret material access admin mutation
`resolve_entity`	Medium	admin mutation
`scan_competitor_ai_presence`	Medium	secret material access
`search_questions`	High	command execution bulk data access freeform input surface
`stack_get_user`	Medium	filesystem mutation admin mutation
`validate_claim`	Medium	none

Changed actions

Action	Change types	Risk
No materially changed actions.

Why this score?

Access & Protocol

34/44

Connectivity, auth, and transport expectations for common clients.

Interface Quality

39.12/56

How well the tool/resource interface communicates and behaves under automation.

Security Posture

22/36

How safely the exposed tool surface handles destructive actions, egress, execution, secrets, and risky inputs.

Reliability & Trust

20.94/24

Operational stability, consistency, and trustworthiness over time.

Discovery & Governance

17.5/28

How well the server is documented, listed, and governed in public registries.

Adoption & Market

5/8

Adoption clues and public evidence that the server is intended for external use.

Algorithmic score breakdown

Auth Operability

3/4

Measures whether auth discovery and protected access behave predictably for clients.

Error Contract Quality

2.1/4

Grades machine-readable error structure, status alignment, and remediation hints.

Rate-Limit Semantics

2/4

Checks whether quota/throttle responses are deterministic and automation-friendly.

Schema Completeness

3/4

Completeness of tool descriptions, parameter docs, examples, and schema shape.

Backward Compatibility

4/4

Stability score across tool schema/name drift relative to prior validations.

SLO Health

3/4

Availability, latency, and burst-failure profile across recent validation history.

Security Hygiene

2/4

HTTPS posture, endpoint hygiene, and response-surface hardening checks.

Task Success

4/4

Can an agent reliably initialize, enumerate tools, and execute core MCP flows?

Trust Confidence

2.9/4

Confidence-adjusted reliability score that penalizes low evidence volume.

Abuse/Noise Resilience

4/4

How well the server preserves core behavior in the presence of noisy traffic patterns.

Prompt Contract

3/4

Quality of prompt metadata, argument shape, and prompt discoverability for clients.

Resource Contract

2/4

How completely resources and resource templates describe URIs, types, and usage shape.

Discovery Metadata

4/4

Homepage, docs, icon, repository, support, and license coverage for directory consumers.

Registry Consistency

2/4

Agreement between stored registry metadata, live server-card data, and current validation output.

Installability

4/4

How cleanly a real client can connect, initialize, enumerate tools, and proceed through auth.

Session Semantics

4/4

Determinism and state behavior across repeated MCP calls, including sticky-session surprises.

Tool Surface Design

3/4

Naming clarity, schema ergonomics, and parameter complexity across the tool surface.

Result Shape Stability

3/4

Stability of declared output schemas across validations, with penalties for drift or missing shapes.

OAuth Interop

3/4

Depth and client compatibility of OAuth/OIDC metadata beyond the minimal protected-resource check.

Recovery Semantics

0/4

Whether failures include actionable machine-readable next steps such as retry or upgrade guidance.

Maintenance Signal

2/4

Versioning, update recency, and historical validation cadence that indicate active stewardship.

Adoption Signal

2/4

Directory presence and distribution clues that suggest the server is intended for external use.

Freshness Confidence

3/4

Confidence that recent validations are current enough and dense enough to trust operationally.

Transport Fidelity

4/4

Whether declared transport metadata matches the observed endpoint behavior and response formats.

Spec Recency

2/4

How close the server’s claimed MCP protocol version is to the latest known public revision.

Session Resume

3/4

Whether Streamable HTTP session identifiers and resumed requests behave cleanly for real clients.

Step-Up Auth

4/4

Whether OAuth metadata and WWW-Authenticate challenges support granular, incremental consent instead of broad upfront scopes.

Transport Compliance

0/4

Checks session headers, protocol-version enforcement, session teardown, and expired-session behavior.

Utility Coverage

2/4

Signals support for completions, pagination, and task-oriented utility surfaces that larger clients increasingly expect.

Advanced Capability Coverage

3/4

Coverage of newer MCP surfaces like roots, sampling, elicitation, structured output, and related metadata.

Connector Publishability

3/4

How ready the server looks for client catalogs and managed connector programs.

Tool Snapshot Churn

4/4

Stability of the tool surface across recent validations, including add/remove and output-shape drift.

Connector Replay

4/4

Whether a previously published frozen connector snapshot would remain backward compatible after the latest tool refresh.

Request Association

3/4

Whether roots, sampling, and elicitation appear tied to active client requests instead of arriving unsolicited on idle sessions.

Interactive Flow Safety

3/4

Whether prompts and docs steer users toward safe auth flows instead of pasting secrets directly.

Action Safety

2/4

Risk-weighted view of destructive, exec, egress, and confirmation semantics across the tool surface.

Official Registry Presence

3/4

Whether the server appears directly or indirectly in the official MCP registry.

Provenance Divergence

4/4

How closely official registry metadata, the live server card, and public repo/package signals agree with each other.

Safety Transparency

2/4

Clarity of docs, auth disclosure, support links, and other trust signals visible to integrators.

Tool Capability Clarity

4/4

How clearly the tool surface communicates whether each action reads, writes, deletes, executes, or exports data.

Destructive Operation Safety

3/4

Penalizes delete/revoke/destroy style tools unless auth and safeguards reduce blast radius.

Egress / SSRF Resilience

3/4

Assesses arbitrary URL fetch, crawl, webhook, and remote-request exposure on the tool surface.

Execution / Sandbox Safety

2/4

Evaluates shell, code, script, and command-execution exposure and whether that surface appears contained.

Data Exfiltration Resilience

2/4

Assesses export, dump, backup, and bulk-read behavior against the surrounding auth and safeguard signals.

Least Privilege Scope

4/4

Rewards scoped auth metadata and penalizes broad or missing scopes around privileged tools.

Secret Handling Hygiene

2/4

Assesses secret-bearing tools, token leakage risk, and whether the public surface avoids obvious secret exposure.

Supply Chain Signal

0.5/4

Public metadata signal for repository, changelog, license, versioning, and recency that supports supply-chain trust.

Input Sanitization Safety

3/4

Penalizes risky freeform string inputs when schemas do not constrain URLs, code, paths, queries, or templates.

Tool Namespace Clarity

4/4

Measures naming uniqueness and ambiguity across the tool namespace to reduce collision and confusion risk.

Compatibility profiles

OpenAI Connectors

77.8

partial

Dynamic client registration materially improves connector setup.; Transport compliance should be in good shape.

Connector URL: https://gateway.pipeworx.io/stackexchange/mcp
# Complete OAuth in the client when prompted.
# Server: pipeworx-io/mcp-stackexchange

Claude Desktop

83.3

compatible

Transport behavior should match Claude-compatible HTTP expectations.

{
  "mcpServers": {
    "mcp-stackexchange": {
      "command": "npx",
      "args": ["mcp-remote", "https://gateway.pipeworx.io/stackexchange/mcp"]
    }
  }
}

Smithery

100.0

compatible

No major blockers detected.

smithery mcp add "https://gateway.pipeworx.io/stackexchange/mcp"

Generic Streamable HTTP

100.0

compatible

No major blockers detected.

curl -sS https://gateway.pipeworx.io/stackexchange/mcp -H 'content-type: application/json' -d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-03-26","capabilities":{},"clientInfo":{"name":"mcp-verify","version":"0.1.0"}}}'

Actionable remediation

Severity	Remediation	Why it matters	Recommended action
High	Add confirmation and dry-run semantics for risky actions	High-risk write, delete, exec, or egress tools should communicate safeguards clearly.	Inspect the latest validation evidence and resolve the client-visible regression. Playbook Inspect the latest validation evidence. Resolve the highest-severity client-facing gap first. Revalidate and confirm the score and verdict improve.
High	Align session and protocol behavior with Streamable HTTP expectations	Clients increasingly rely on MCP-Protocol-Version, session teardown, and expired-session semantics.	Align MCP-Protocol-Version, MCP-Session-Id, DELETE teardown, and expired-session handling with the transport spec. Playbook Return `Mcp-Session-Id` and `Mcp-Protocol-Version` headers consistently on streamable HTTP responses. Honor `DELETE` session teardown and return `404` when a deleted session is reused. Reject invalid protocol-version headers with `400 Bad Request`.
High	Associate roots, sampling, and elicitation with active client requests	Modern MCP guidance expects roots, sampling, and elicitation traffic to be tied to an active client request instead of arriving unsolicited on idle sessions.	Inspect the latest validation evidence and resolve the client-visible regression. Playbook Inspect the latest validation evidence. Resolve the highest-severity client-facing gap first. Revalidate and confirm the score and verdict improve.
High	Publish a complete server card	Missing or incomplete server-card metadata weakens discovery, documentation, and trust signals.	Serve /.well-known/mcp/server-card.json and include tools, prompts/resources, homepage, and support links. Playbook Publish `/.well-known/mcp/server-card.json`. Include homepage, repository, support, tools, prompts/resources, and auth metadata. Revalidate the server after publishing the card.
High	Respond to auth mode changed	Auth mode changed from unknown to oauth_supported.	Document the new auth posture and confirm protected-resource and challenge metadata still match reality. Playbook Inspect the latest validation evidence. Resolve the highest-severity client-facing gap first. Revalidate and confirm the score and verdict improve.
High	Respond to tool snapshot changed	Tools were added, removed, or materially changed between the latest two validations.	Publish a first-class changelog for tool additions, removals, and breaking schema changes. Playbook Review the tool snapshot diff for adds, removals, required-arg changes, and output-schema drift. Publish a changelog before managed connector clients refresh their frozen tool snapshots. Revalidate after the changelog and connector metadata are in sync.
High	Respond to write-action surface expanded	The number of high-risk write, delete, exec, or bulk-access tools increased on the latest run.	Review the newly exposed write and destructive actions before publishing them broadly. Playbook Inspect the new write, delete, exec, or export tools for auth boundaries and confirmation semantics. Add preview, dry-run, or explicit confirmation language where possible. Delay public connector publication until the new blast radius is reviewed.
Medium	Adopt a current MCP protocol revision	Older protocol revisions reduce compatibility with newer clients and registry programs.	Inspect the latest validation evidence and resolve the client-visible regression. Playbook Inspect the latest validation evidence. Resolve the highest-severity client-facing gap first. Revalidate and confirm the score and verdict improve.
Medium	Close connector-publishing gaps	Connector catalogs care about protocol recency, session behavior, auth clarity, and tool-surface stability.	Inspect the latest validation evidence and resolve the client-visible regression. Playbook Inspect the latest validation evidence. Resolve the highest-severity client-facing gap first. Revalidate and confirm the score and verdict improve.
Medium	Publish OpenID configuration	OIDC metadata improves token validation and client compatibility.	Expose /.well-known/openid-configuration with issuer, jwks_uri, and supported grants. Playbook Inspect the latest validation evidence. Resolve the highest-severity client-facing gap first. Revalidate and confirm the score and verdict improve.
Medium	Support resumable HTTP sessions cleanly	Modern MCP clients increasingly expect resumable session behavior on streamable HTTP transports.	Inspect the latest validation evidence and resolve the client-visible regression. Playbook Inspect the latest validation evidence. Resolve the highest-severity client-facing gap first. Revalidate and confirm the score and verdict improve.
Low	Expose modern utility surfaces like completions, pagination, or tasks	Utility coverage improves interoperability with larger clients and long-lived agent workflows.	Expose completions, pagination, and task metadata where supported so larger clients can plan and resume work safely. Playbook Advertise `completions`, pagination cursors, and `tasks` only when they are actually supported. Return `nextCursor` on large list operations when pagination is available. Document task support and whether it requires step-up auth.
Low	Publish newer MCP capability signals	Roots, sampling, elicitation, structured outputs, and related metadata improve client understanding and ranking.	Inspect the latest validation evidence and resolve the client-visible regression. Playbook Inspect the latest validation evidence. Resolve the highest-severity client-facing gap first. Revalidate and confirm the score and verdict improve.
Low	Publish or reconcile the server in the official MCP registry	Official registry presence improves discovery confidence and cross-source consistency.	Inspect the latest validation evidence and resolve the client-visible regression. Playbook Inspect the latest validation evidence. Resolve the highest-severity client-facing gap first. Revalidate and confirm the score and verdict improve.

Point loss breakdown

Component	Current	Points missing
Transport Compliance	0/4	-4.0
Recovery Semantics	0/4	-4.0
Dependency Supply Chain Signal	0.5/4	-3.5
Utility Coverage	2/4	-2.0
Spec Recency	2/4	-2.0
Security Hygiene	2/4	-2.0
Secret Handling Hygiene	2/4	-2.0
Safety Transparency	2/4	-2.0
Resource Contract	2/4	-2.0
Registry Consistency	2/4	-2.0
Rate Limit Semantics	2/4	-2.0
Maintenance Signal	2/4	-2.0

Validation diff

Score delta

-0.09

Summary changed

Tool delta

Prompt delta

Auth mode changed

yes

Write surface expanded

yes

Protocol regressed

Registry drift changed

Regressed checks: openid_configuration, prompt_get, server_card, transport_compliance_probe

Improved checks: connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, probe_noise_resilience, prompts_list, provenance_divergence_probe, resources_list, step_up_auth_probe, tool_snapshot_probe, tools_list

Component	Previous	Latest	Delta
`backward_compatibility_score`	2.0	4.0	2.0
`least_privilege_scope_score`	2.0	4.0	2.0
`secret_handling_hygiene_score`	4.0	2.0	-2.0
`maintenance_signal_score`	3.95	2.0	-1.95
`registry_consistency_score`	3.65	2.0	-1.65
`trust_confidence_score`	1.75	2.94	1.19
`connector_replay_score`	3.0	4.0	1.0
`egress_ssrf_resilience_score`	2.0	3.0	1.0

Tool snapshot diff & changelog

Snapshot changed

yes

Added tools

ai_visibility_check ask_pipeworx bet_research compare_entities discover_tools entity_profile forget generate_llms_txt get_answers pipeworx_feedback pipeworx_trending polymarket_arbitrage polymarket_edges polymarket_kalshi_spread recall recent_changes remember resolve_entity scan_competitor_ai_presence search_questions stack_get_user validate_claim

Removed tools

none

Required-argument changes

Tool	Added required args	Removed required args
No required-argument changes detected.

Output-schema drift

Tool	Previous properties	Latest properties
No output-schema drift detected.

Connector replay

Status

Backward compatible

✓

Would break after refresh

Added tools

none

Removed tools

none

Additive output changes

none

Required-argument replay breaks

Tool	Added required args	Removed required args
No required-argument replay breaks detected.

Output-schema replay breaks

Tool	Removed properties	Added properties
No output-schema replay breaks detected.

Transport compliance drilldown

Probe status

Error

Transport

streamable-http

Session header

Protocol header

Bad protocol response

200

DELETE teardown

n/a

Expired session retry

n/a

Last-Event-ID visible

Issues: missing_session_id, missing_protocol_header, bad_protocol_not_rejected

Request association

Status

Missing

Advertised capabilities

none

Observed idle methods

none

Violating methods

none

Probe HTTP status

n/a

Issues

none

Utility coverage

Probe status

Missing

Completions

not detected

Completion probe target: { "argument_name": "company", "name": "research_public_company", "type": "prompt" }

Pagination

not detected

No nextCursor evidence.

Tasks

Missing

Advertised: no

Benchmark tasks

Benchmark task	Status	Evidence
Discover tools	Passes	`initialize` • OK `tools_list` • OK
Read-only fetch flow	Degraded	`resource_read` • Missing `read_only_tool_surface` • OK
OAuth-required connect	Passes	`oauth_protected_resource` • OK `step_up_auth_probe` • OK
Safe write flow with confirmation	Degraded	`action_safety_probe` • Warning

Registry & provenance divergence

Probe status

Direct official match

Drift fields

none

Field	Registry	Live server card
Title	n/a	n/a
Version	n/a	n/a
Homepage	n/a	n/a

Active alerts

Tool snapshot changed (high)
Tools were added, removed, or materially changed between the latest two validations.
Auth mode changed (high)
Auth mode changed from unknown to oauth_supported.
Write-action surface expanded (high)
The number of high-risk write, delete, exec, or bulk-access tools increased on the latest run.

Aliases & registry graph

Identifier	Source	Canonical	Score
`pipeworx-io/mcp-stackexchange`	glama_registry	yes	70.69
`github-pipeworx-io/mcp-stackexchange`	github_topic_registry	no	46.44

Alias consolidation

Canonical identifier

pipeworx-io/mcp-stackexchange

Duplicate aliases

Registry sources

github_topic_registry glama_registry

Remote URLs

https://gateway.pipeworx.io/stackexchange/mcp

Homepages

https://github.com/pipeworx-io/mcp-stackexchange

https://glama.ai/mcp/servers/htb9hce4yp

Source disagreements

Field	What differs	Observed values
Registry source	Multiple registries or registry sync paths claim this same canonical server.	github_topic_registry glama_registry
Homepage	Registry entries disagree on the primary homepage for this server.	https://github.com/pipeworx-io/mcp-stackexchange https://glama.ai/mcp/servers/htb9hce4yp
Registry identifier	Different registry-specific identifiers resolve to the same canonical server record here.	github_topic_registry:pipeworx-io/mcp-stackexchange glama_registry:htb9hce4yp

Install snippets

Openai Connectors

Connector URL: https://gateway.pipeworx.io/stackexchange/mcp
# Complete OAuth in the client when prompted.
# Server: pipeworx-io/mcp-stackexchange

Claude Desktop

{
  "mcpServers": {
    "mcp-stackexchange": {
      "command": "npx",
      "args": ["mcp-remote", "https://gateway.pipeworx.io/stackexchange/mcp"]
    }
  }
}

Smithery

smithery mcp add "https://gateway.pipeworx.io/stackexchange/mcp"

Generic Http

curl -sS https://gateway.pipeworx.io/stackexchange/mcp -H 'content-type: application/json' -d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-03-26","capabilities":{},"clientInfo":{"name":"mcp-verify","version":"0.1.0"}}}'

Agent access & tool surface

Live server tools

ask_pipeworx discover_tools resolve_entity compare_entities entity_profile recent_changes validate_claim bet_research

Observed from the latest live validation against https://gateway.pipeworx.io/stackexchange/mcp. This is the target server surface, not Verify's own inspection tools.

Live capability counts

22 tools • 12 prompts • 0 resources

Counts come from the latest tools/list, prompts/list, and resources/list checks.

Inspect with Verify

search fetch search_servers recommend_servers get_server_report compare_servers

Use Verify itself to search, recommend, compare, and fetch the full report for pipeworx-io/mcp-stackexchange.

Direct machine links

JSON report • Compare this server • Verify MCP API

Claims & monitoring

Server ownership

No verified maintainer claim recorded.

Watch subscriptions

Teams: none

Alert routing

Active watches

Generic webhooks

Slack routes

Teams routes

Email routes

Watch	Team	Channels	Minimum severity
No active watch destinations.

Maintainer analytics

Validation Run Count

Average Latency Ms

3415.07

Healthy Run Ratio Recent

1.0

Registry Presence Count

Active Alert Count

Watcher Count

Verified Claim

False

Taxonomy Tags

development, database, search, communication

Score Trend

70.69, 70.78

Remediation Count

High Risk Tool Count

Destructive Tool Count

Exec Tool Count

Maintainer response quality

Score

16.67

Verified claim

Support contact

✓

Changelog present

Incident notes present

Tool changes documented

Annotation history

Annotation count

Maintainer annotations

No maintainer annotations have been recorded yet.

Maintainer rebuttals & expected behavior

No maintainer rebuttals or expected-behavior overrides are recorded yet.

Latest validation evidence

Latest summary

Healthy

Validation profile

remote_mcp

Started

May 27, 2026 04:04:43 PM UTC

Latency

4573.6 ms

Failures

openid_configuration Client error '405 Method Not Allowed' for url 'https://gateway.pipeworx.io/.well-known/openid-configuration' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/405
server_card Response body exceeded byte limit
transport_compliance_probe Issues: missing session id, missing protocol header, bad protocol not rejected (bad protocol=200).

Checks

Check	Status	Latency	Evidence
`action_safety_probe`	Warning	n/a	6 high-risk, 5 destructive, 2 exec-capable tool(s); auth present; safeguards=4; confirmation=compare entities, validate claim, bet research, pipeworx trending.
`advanced_capabilities_probe`	Warning	n/a	Only 3 capability signal(s): prompts, resources, structured outputs.
`connector_publishability_probe`	Warning	n/a	Publishability blockers: transport compliance, server card.
`connector_replay_probe`	OK	n/a	Backward compatible with no breaking tool-surface changes.
`determinism_probe`	OK	499.4 ms	Check completed
`initialize`	OK	112.0 ms	Protocol 2025-03-26
`interactive_flow_probe`	OK	n/a	Check completed
`oauth_authorization_server`	OK	10.5 ms	authorization_endpoint, authorization_response_iss_parameter_supported, client_id_metadata_document_supported, code_challenge_methods_supported
`oauth_protected_resource`	OK	747.1 ms	1 authorization server(s)
`official_registry_probe`	Warning	n/a	Check completed
`openid_configuration`	Error	8.7 ms	Client error '405 Method Not Allowed' for url 'https://gateway.pipeworx.io/.well-known/openid-configuration' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/405
`probe_noise_resilience`	OK	18.8 ms	Fetched https://gateway.pipeworx.io/robots.txt
`prompt_get`	Args Required	925.6 ms	template requires args
`prompts_list`	OK	541.4 ms	12 prompt(s) exposed
`protocol_version_probe`	Warning	n/a	Claims 2025-03-26; 2 release(s) behind 2025-11-25.
`provenance_divergence_probe`	OK	n/a	Check completed
`request_association_probe`	Missing	n/a	No request-association capabilities were advertised.
`resource_read`	Missing	n/a	not advertised
`resources_list`	OK	41.1 ms	0 resource item(s) exposed
`server_card`	Error	164.3 ms	Response body exceeded byte limit
`session_resume_probe`	Warning	n/a	no session id
`step_up_auth_probe`	OK	n/a	Scopes=pipeworx:read.
`tool_snapshot_probe`	OK	n/a	Check completed
`tools_list`	OK	927.5 ms	22 tool(s) exposed
`transport_compliance_probe`	Error	31.6 ms	Issues: missing session id, missing protocol header, bad protocol not rejected (bad protocol=200).
`utility_coverage_probe`	Missing	22.3 ms	No completions evidence; no pagination evidence; tasks missing.

Raw evidence view

Show raw JSON evidence

Large evidence payload summarized to keep this page fast. Full raw evidence remains available from the JSON report.

{
  "checks": {
    "count": 26,
    "items": {
      "action_safety_probe": {
        "auth_present": true,
        "safeguard_count": 4,
        "status": "warning"
      },
      "advanced_capabilities_probe": {
        "status": "warning"
      },
      "connector_publishability_probe": {
        "status": "warning"
      },
      "connector_replay_probe": {
        "status": "ok"
      },
      "determinism_probe": {
        "latency_ms": 499.44,
        "status": "ok"
      },
      "initialize": {
        "http_status": 200,
        "latency_ms": 112.0,
        "payload_omitted": true,
        "status": "ok"
      },
      "interactive_flow_probe": {
        "status": "ok"
      },
      "oauth_authorization_server": {
        "http_status": 200,
        "latency_ms": 10.54,
        "payload_omitted": true,
        "status": "ok"
      },
      "oauth_protected_resource": {
        "http_status": 200,
        "latency_ms": 747.09,
        "payload_omitted": true,
        "status": "ok"
      },
      "official_registry_probe": {
        "status": "warning"
      },
      "openid_configuration": {
        "latency_ms": 8.68,
        "reason": "Client error '405 Method Not Allowed' for url 'https://gateway.pipeworx.io/.well-known/openid-configuration'\nFor more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/405",
        "status": "error"
      },
      "probe_noise_resilience": {
        "http_status": 200,
        "latency_ms": 18.8,
        "status": "ok"
      },
      "prompt_get": {
        "http_status": 200,
        "latency_ms": 925.6,
        "payload_omitted": true,
        "reason": "template_requires_args",
        "status": "template_requires_args"
      },
      "prompts_list": {
        "http_status": 200,
        "latency_ms": 541.44,
        "payload_omitted": true,
        "status": "ok"
      },
      "protocol_version_probe": {
        "status": "warning"
      },
      "provenance_divergence_probe": {
        "status": "ok"
      },
      "request_association_probe": {
        "reason": "no_request_association_capabilities_advertised",
        "status": "missing"
      },
      "resource_read": {
        "reason": "not_advertised",
        "status": "missing"
      },
      "resources_list": {
        "http_status": 200,
        "latency_ms": 41.15,
        "payload_omitted": true,
        "status": "ok"
      },
      "server_card": {
        "latency_ms": 164.35,
        "reason": "Response body exceeded byte limit",
        "status": "error"
      },
      "session_resume_probe": {
        "reason": "no_session_id",
        "status": "warning"
      },
      "step_up_auth_probe": {
        "status": "ok"
      },
      "tool_snapshot_probe": {
        "status": "ok"
      },
      "tools_list": {
        "http_status": 200,
        "latency_ms": 927.52,
        "payload_omitted": true,
        "status": "ok",
        "tool_count": 22,
        "tool_names_preview": [
          "ask_pipeworx",
          "discover_tools",
          "resolve_entity",
          "compare_entities",
          "entity_profile",
          "recent_changes",
          "validate_claim",
          "bet_research",
          "polymarket_arbitrage",
          "polymarket_edges",
          "polymarket_kalshi_spread",
          "pipeworx_trending",
          "generate_llms_txt",
          "ai_visibility_check",
          "scan_competitor_ai_presence",
          "pipeworx_feedback",
          "remember",
          "recall",
          "forget",
          "search_questions",
          "get_answers",
          "stack_get_user"
        ]
      },
      "transport_compliance_probe": {
        "latency_ms": 31.63,
        "protocol_header_present": false,
        "status": "error"
      },
      "utility_coverage_probe": {
        "latency_ms": 22.34,
        "status": "missing"
      }
    },
    "omitted_count": 0
  },
  "failures": {
    "count": 3,
    "items": {
      "openid_configuration": {},
      "server_card": {},
      "transport_compliance_probe": {}
    },
    "omitted_count": 0
  },
  "message": "Raw evidence is summarized in HTML to keep server detail pages fast. Use the JSON report or evidence API for the full payload.",
  "remote_url": "https://gateway.pipeworx.io/stackexchange/mcp",
  "server_card": {
    "name": null,
    "raw_payload_omitted": false,
    "version": null
  },
  "server_identifier": "pipeworx-io/mcp-stackexchange",
  "truncated": true
}

Known versions

No versions recorded.

Validation history

7 day score delta

n/a

30 day score delta

n/a

Recent healthy ratio

100%

Freshness

2.4h

Timestamp	Status	Score	Latency	Tools
May 27, 2026 04:04:47 PM UTC	Healthy	70.7	4573.6 ms	22
May 27, 2026 04:03:47 AM UTC	Healthy	70.8	2256.5 ms	0

Validation timeline

Validated	Summary	Score	Protocol	Auth mode	Tools	High-risk tools	Changes
May 27, 2026 04:04:47 PM UTC	Healthy	70.7	2025-03-26	oauth_supported	22	6	auth_mode_changed write_surface_expanded tool_snapshot_changed
May 27, 2026 04:03:47 AM UTC	Healthy	70.8	unknown	unknown	0	0	none

Recent validation runs

Started	Status	Summary	Latency	Checks
May 27, 2026 04:04:43 PM UTC	Completed	Healthy	4573.6 ms	action_safety_probe, advanced_capabilities_probe, connector_publishability_probe, connector_replay_probe, determinism_probe, initialize, interactive_flow_probe, oauth_authorization_server, oauth_protected_resource, official_registry_probe, openid_configuration, probe_noise_resilience, prompt_get, prompts_list, protocol_version_probe, provenance_divergence_probe, request_association_probe, resource_read, resources_list, server_card, session_resume_probe, step_up_auth_probe, tool_snapshot_probe, tools_list, transport_compliance_probe, utility_coverage_probe
May 27, 2026 04:03:45 AM UTC	Completed	Healthy	2256.5 ms