2 changes: 2 additions & 0 deletions README.md
@@ -1,3 +1,5 @@
[![MseeP.ai Security Assessment Badge](https://mseep.net/pr/netlify-netlify-mcp-badge.png)](https://mseep.ai/app/netlify-netlify-mcp)

Comment on lines +1 to +2

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🌐 Web query:

MseeP.ai security assessment service legitimacy and reputation

💡 Result:

MseeP.ai appears to be a real, operating service associated with SkyDeck AI, but publicly available evidence of independent security validation is limited (many claims are marketing/press-release level rather than auditor-grade proof).

1) What it is (service/product claims)

- MseeP.ai positions itself as a “verified”/trusted directory and gateway for Model Context Protocol (MCP) servers, aimed at reducing MCP supply-chain/security risk. A press-release distributed via AP Newswire Access Newswire states it provides “verified MCP server” capabilities including “Verified Maintainer Identities,” “Integrity Tracking” (hashes/signatures), “Comprehensive Metrics,” and “Security Alerts” for untrusted sources. [1]
- SkyDeck AI’s docs for “MseeP AI Helper App” also claim a “security-first” approach: “Every MCP server in our registry undergoes comprehensive automated security analysis, vulnerability scanning, and trust verification.” [2]

2) Legitimacy signals (company/personality/technical footprint)

- There is an established GitHub presence for “mseep-ai” (GitHub user/org) with many public repos and ongoing activity, consistent with an entity that is building software rather than only running a brochure site. [3]
- A named CEO is publicly associated: SkyDeck AI press material quotes “Lawrence Sinclair, CEO of SkyDeck AI.” [1]
- Public technical pages exist on mseep.ai for specific MCP servers (for example pages titled “Security Audit,” “Pentest,” etc.), indicating the site is more than a static landing page. [4][5]
- Third-party web-scanner assessment site (Scamadviser) gives a “not a scam” style conclusion, while also noting typical trust factors like WHOIS privacy and domain age. This is a weak signal compared with audits, but it does suggest it is not an obvious dead/obvious scam domain. [6]

3) Reputation / trustworthiness (what’s missing)

- The strongest detailed “security methodology” claims found in public sources are primarily from SkyDeck AI press releases and SkyDeck AI documentation, not from independent third-party audits/certifications that you could directly verify (e.g., named firms, audit scopes, report summaries, attestations, CVEs testing results). [1][2]
- One independent-ish blog post discusses MseeP.ai in general terms and explicitly notes that MseeP.ai “has yet to publicly disclose the specifics of its verification process for inclusion in its directory,” which is effectively the key gap for independent verification. [7]

4) Bottom line (legitimacy and how to evaluate it safely)

- Likely legitimate operator: Supported by active GitHub presence and business attribution to SkyDeck AI/CEO Lawrence Sinclair in press material. [3][1]
- Limited independently verifiable proof: Public evidence for rigorous, independently performed security assessments (auditor reports, detailed verification process, third-party attestations) is not clearly available in the sources found. [7][2]
- Practical recommendation: Treat MseeP.ai as a convenience layer for discovering/installing MCP servers, but still perform your own due diligence for any server you install/use—e.g., inspect the server’s source/release integrity, review its permissions/network/filesystem access, and run security reviews/testing in your environment. This recommendation aligns with the fact that the detailed verification process itself is not fully independently evidenced publicly. [7][2]

Sources used (most relevant): [6][3][7][1][4][5][2].

Citations:


🏁 Script executed (no clone):

#!/bin/bash
# Check WHOIS and basic DNS info for both domains
echo "=== mseep.ai details ==="
curl -s "https://www.whois.com/whois/mseep.ai" | grep -i "registrar\|created\|updated" | head -5
echo ""
echo "=== mseep.net details ==="
curl -s "https://www.whois.com/whois/mseep.net" | grep -i "registrar\|created\|updated" | head -5

Length of output: 277


🏁 Script executed:

#!/bin/bash
# Check git log for context about the badge addition
git log --oneline -20 -- README.md 2>/dev/null | head -10
# Also check if there are any comments or docs about MseeP.ai
rg -i "mseep" --type md -A 3 -B 3

Repository: netlify/netlify-mcp

Length of output: 300


Clarify the domain relationship for the MseeP.ai badge URLs.

MseeP.ai is a legitimate service by SkyDeck AI with established presence (GitHub, press releases, named CEO), so phishing/scam concerns are not warranted. However, the badge links to two different domains—the image is hosted on mseep.net while the link points to mseep.ai—which should be clarified.

Verify and document:

  1. Whether mseep.net and mseep.ai are intentionally related (e.g., CDN vs. service domain) or if the image URL should be updated to use mseep.ai.
  2. Confirm the image link is the official badge URL from MseeP.ai and won't break if their CDN changes.

Note: MseeP.ai currently lacks independent third-party security audit validation, but this is a known limitation of their service offering rather than a hidden concern.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@README.md` around lines 1 - 2, The MseeP.ai badge in the README has
mismatched domains: the image URL uses mseep.net while the link destination uses
mseep.ai. Verify with MseeP.ai documentation whether these domains are
intentionally related (such as mseep.net being a CDN for mseep.ai) or if the
image URL should be updated to use mseep.ai for consistency. Confirm that the
image link is the official badge URL and document the relationship between the
two domains to ensure the badge won't break if their infrastructure changes.

# Netlify MCP Server

[Netlify MCP Server](https://docs.netlify.com/welcome/build-with-ai/netlify-mcp-server/) follows the [Model Context Protocol (MCP)](https://modelcontextprotocol.org) to enable code agents to use the Netlify API and CLI—so they can create new projects, build, deploy, and manage your Netlify resources using natural language prompts.
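
Review bot: The new line 1 places a remotely hosted image (`https://mseep.net/pr/netlify-netlify-mcp-badge.png`, alt text "MseeP.ai Security Assessment Badge") above the `# Netlify MCP Server` title, so the first thing the README shows is a security claim whose content is served by a third party at render time and can change without any commit to this repository. The change also adds no text saying what the assessment covers or who ran it, which leaves readers to take the badge as the project's own endorsement. Suggest moving it below the title and introduction, adding one sentence that names the assessor and links to the report at `https://mseep.ai/app/netlify-netlify-mcp`, and having a maintainer confirm that the project wants to display it before merging.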