‹ directory
86MCP SCORE
B
@huggingface/mcp-services
https://huggingface.co/mcp
8 tools26 resources4 prompts~2.9k tok/req100% annot.proto 2024-11-05
Score by pillar
Security ·20100
Tool design ·1885
Schemas / desc ·1675
Reliability ·14100
Context-cost ·1280
Compliance ·1286
Coverage ·880
reliability: LOW (T1 single-shot, not credited - requires T3 >=24h)
Context-cost
2.9ktokens for
tools/listPaid on every request. Lean footprint for 8 tools.
ecosystem median ≈ 3k
MCP primitive coverage
the quality score covers tools8
Tools
26
Resources
4
Prompts
Why this score — causal attribution
Each penalty: measure → mechanism → effect → Δscore.
Compliance · MEDIUM−1.6
proto 2024-11-05 (4 rev. behind 2025-11-25) → outdated protocol version → recent features unavailable, recent clients weakened
Badge — paste it in your README
[](https://checkmcp.dev/report?url=https%3A%2F%2Fhuggingface.co%2Fmcp)About @huggingface/mcp-services — FAQ
Is the @huggingface/mcp-services MCP server safe to use?+
CheckMCP audited @huggingface/mcp-services and gave it an MCP Score of 86/100 (grade B) — good — only minor issues. The audit runs an OWASP MCP Top 10 security pass (tool poisoning, hardcoded secrets, command injection, the lethal trifecta) against the live endpoint; see the per-pillar breakdown and the "why this score" attribution on this page, and re-audit anytime at checkmcp.dev.
What is the MCP Score of @huggingface/mcp-services?+
@huggingface/mcp-services scores 86/100 (grade B) on CheckMCP's vendor-neutral audit across six weighted pillars — security, tool design, schemas, context-cost, compliance and coverage — with reliability measured and shown but not yet credited.
How many tools does @huggingface/mcp-services expose, and what is its context cost?+
@huggingface/mcp-services exposes 8 tools, and its tools/list response costs roughly 2.9k tokens — paid on every request your agent makes to it. Lower is better for your context budget.
How was @huggingface/mcp-services scored?+
By probing the live MCP endpoint (https://huggingface.co/mcp), inspecting its tools, schemas and protocol compliance, running an OWASP MCP Top 10 security pass, and measuring the token cost of tools/list — then attributing every penalty as measure → mechanism → effect. The methodology is open: checkmcp.dev/#methodology.