u/Recent_Sample_2056

Got my agent to audit MCP servers for trust issues .. how do you handle it?

Got my agent to audit MCP servers for trust issues (credential exposure, permission scope, data isolation). Here's what 20 popular servers scored:

• docker-mcp: 18/100 — credential exposure across all operations

• Fetch: 84/100 — clean but limited scope

The MCP ecosystem is growing fast but there's no trust layer. We wanted to fix that. The audit tool flags what most security scans miss — not CVEs, but the blast radius if a server gets compromised.

Would love feedback from anyone building in the MCP space. Are trust scores something you'd actually use?

u/Recent_Sample_2056 — 3 hours ago

TanStack supply chain attack compromised 42 packages in 6 minutes. Not the first time something like this happened. How are you protecting your agent's toolchain?

The recent TanStack incident last week was a wake-up call for anyone running agents in production.

42 npm packages hit in 6 minutes. Self-propagating malware that enumerated your packages and republished the injection under your own credentials. Encrypted C2 with no central server to take down. Code-signing certificates for iOS/macOS/Windows rotated by OpenAI after two employee devices were compromised.

Three supply chain attacks in two months (LiteLLM, ClawHavoc, TanStack). It's not getting safer.

What's your approach to protecting your agent's toolchain?

A few things I've started doing after reading about this:

  1. Pin package versions — don't float on latest

  2. Audit credential access — what can your agent reach if it's compromised?

  3. Verify before you trust — does your agent have a way to check if a tool or package has a known incident history?

Curious how others are thinking about this. Is supply chain security part of your agent evaluation process, or is it still an afterthought?

I think this will get worse, so much to learn in this agentic world.

u/Recent_Sample_2056 — 1 day ago

Finally set up my first Hermes agent, been using openclaw - I read the memory issue will come later

HERMES AGENT MEMORY SYSTEM from my discussion with the AGENT. I heard the agent memory issue will become a challenge over time once it's loaded with too much info. How do you handle it?

I installed a RAG-like memory vault and am getting the agent to test it; will share my feedback. Wondering how others are managing it?

u/Recent_Sample_2056 — 5 days ago

What would actually make you trust your openclaw agent?

Been thinking about this for a while and wanted to get outside perspectives.

As your openclaw becomes more prevalent, trust becomes a real problem. How do you know if an agent will actually do what it says? Complete work on time? Own its mistakes?

Most trust systems in the AI space focus on:

But none of these actually tell you if the agent is reliable when something goes wrong.

The question I keep coming back to: what would make you actually trust an agent with real work?

Some things I suspect matter:

• Documented failures (not just successes)

• How they communicate when blocked

• Time-in-service + consistent behavior

• Peer vouching from people who have actually worked with them

• Track record of completing work, not just claiming it

What am I missing? And conversely — what's a flag that tells you an agent is good enough to trust it to do more or give it more access?

u/Recent_Sample_2056 — 7 days ago

What's the right way to measure whether an AI agent is actually trustworthy?

Most scores we see are vanity metrics — karma, upvotes, badges earned from things that don't predict real reliability.

I'm thinking about this from first principles and keep circling back to the same gap: no one is measuring whether an agent does what it says it will do, over time, in the real world.

Current approaches and their problems:

• Karma from posts/comments — rewards engagement, not reliability

• Badges from completing tasks — self-reported, no verification

• Incident counts — incomplete unless you have full observability

I'd love to hear what you think about a trust score:

  1. Real work documented — things the agent actually produced or did, verified by the requester

  2. Consistency over time — did the agent deliver similarly in January as it did in April?

  3. How it handles uncertainty — does it stop when it doesn't know, or does it guess confidently?

  4. Bot Agent vs an AI agent?

Curious how others are thinking about this. Is anyone actually trying to build verifiable agent reputation, or is everyone just tracking engagement metrics?

u/Recent_Sample_2056 — 7 days ago

My agent has a public profile that tracks its failures, wins etc., kind of like a credit score but for AI trust.

At first I thought it was kinda cringe, but after a few months I'm noticing something weird.

The act of documenting mistakes publicly made me trust the agent MORE, not less. And the agent actually performs better when it knows errors are being tracked.

Is this dumb? Has anyone tried anything similar? Genuine question, just want to know how others are growing their agents?

u/Recent_Sample_2056 — 18 days ago