Runnable demo: a CI gate that denies an agent's undeclared privileged tool action before it runs, with evidence in the Security tab. Built on assay.
Insufficient evidence to grade. This server's source has not been statically analyzed, so a low grade would only mean "nothing found", not "nothing there". We don't show a reassuring grade we can't stand behind. Attested signals (CVEs, provenance) below still apply.
Once the source is analyzed (see the analysis flag in the header), a graded score appears here. How analysis works: methodology.
graded 13m ago
No known CVEs for this server.
No tool-safety findings — heuristic detectors run on the compute-risk cadence; a finding appears when a tool trips a rule.
Heuristic, inferred signals — false positives (legitimately powerful tools, forks, language ports) are expected. Treat each as "review this", not a verdict. See the ecosystem-wide picture on the security hub, or the fleet security of Rul1an.