‹ directory
Score by pillar
Security ·20100
Tool design ·18100
Schemas / desc ·1680
Reliability ·1450
Context-cost ·1279
Compliance ·1257
Coverage ·850
reliability: LOW (T1 single-shot, not credited - requires T3 >=24h)
Context-cost
752tokens for
tools/listPaid on every request. Lean footprint for 5 tools.
ecosystem median ≈ 3k
MCP primitive coverage
the quality score covers tools5
Tools
0
Resources · none
0
Prompts · none
Why this score — causal attribution
Each penalty: measure → mechanism → effect → Δscore.
Compliance · MEDIUM−3.6
0 declared annotations → destructiveHint/openWorldHint missing -> worst-case defaults → the tool is treated as destructive & open-world by clients
Compliance · MEDIUM−1.6
proto 2024-11-05 (4 rev. behind 2025-11-25) → outdated protocol version → recent features unavailable, recent clients weakened
Suggested composite optimizations
search_generic_documentation, fetch_generic_documentation →
query_generic_documentation(filter, fields, limit)fetch_generic_documentation ↔ search_generic_documentation →
renommer pour distinguerBadge — paste it in your README
[](https://checkmcp.dev/report?url=https%3A%2F%2Fgitmcp.io%2Fdocs)About GitMCP — FAQ
Is the GitMCP MCP server safe to use?+
CheckMCP audited GitMCP and gave it an MCP Score of 83/100 (grade B) — good — only minor issues. The audit runs an OWASP MCP Top 10 security pass (tool poisoning, hardcoded secrets, command injection, the lethal trifecta) against the live endpoint; see the per-pillar breakdown and the "why this score" attribution on this page, and re-audit anytime at checkmcp.dev.
What is the MCP Score of GitMCP?+
GitMCP scores 83/100 (grade B) on CheckMCP's vendor-neutral audit across six weighted pillars — security, tool design, schemas, context-cost, compliance and coverage — with reliability measured and shown but not yet credited.
How many tools does GitMCP expose, and what is its context cost?+
GitMCP exposes 5 tools, and its tools/list response costs roughly 752 tokens — paid on every request your agent makes to it. Lower is better for your context budget.
How was GitMCP scored?+
By probing the live MCP endpoint (https://gitmcp.io/docs), inspecting its tools, schemas and protocol compliance, running an OWASP MCP Top 10 security pass, and measuring the token cost of tools/list — then attributing every penalty as measure → mechanism → effect. The methodology is open: checkmcp.dev/#methodology.