Check catalog
Every check Gated runs against an MCP server, grouped into five families by the question it answers. Open a family to see each check, the findings it raises, the intensity it runs at, and the spec clauses it enforces.
Can the server be coerced into doing something it shouldn't? Auth gaps, injection surfaces, token leaks, tools exposed without scope.
Does the server follow the specs it claims to? MCP, OAuth, JSON-RPC, HTTP, TLS — all the contracts a stable building block depends on.
Is it pleasant to integrate against? Schema correctness, error shape, descriptive metadata, predictable tool behavior.
Does it stay correct under load and partial failure? Timeouts, retries, idempotency, cancellation, behavior at the edges.
Will it bankrupt the team that adopts it? Payload bloat, chatty tools, unbounded responses, expensive defaults.