Proposal
MCP Trust Check is a free GitHub Action that auto-scans MCP server configs in your repo and checks each server's behavioral trust score against Dominion Observatory (14,824 servers scored from runtime interaction data). It posts results as a PR comment with letter grades (A+ to F).
Since github-mcp-server is itself a widely-used MCP server, adding this action to CI would:
- Validate trust scores for any MCP configs referenced in tests/examples
-
- Signal to users that GitHub takes MCP supply-chain trust seriously
-
- Catch regressions if a referenced server's trust score drops
Usage
# .github/workflows/mcp-trust-check.yml
name: MCP Trust Check
on: [pull_request]
jobs:
trust-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- - uses: vdineshk/dominion-observatory/github-action@main
- with:
- threshold: 50
- fail_below_threshold: false
- comment_on_pr: true
- github_token: ${{ secrets.GITHUB_TOKEN }}
- ```
No API key needed. Free and open-source.
**Links:** [Action source](https://github.com/vdineshk/dominion-observatory/tree/main/github-action) | [Observatory](https://dominionobservatory.com) | [Server directory](https://dominionobservatory.com/servers/)
Proposal
MCP Trust Check is a free GitHub Action that auto-scans MCP server configs in your repo and checks each server's behavioral trust score against Dominion Observatory (14,824 servers scored from runtime interaction data). It posts results as a PR comment with letter grades (A+ to F).
Since
github-mcp-serveris itself a widely-used MCP server, adding this action to CI would:Usage