
turva.dev
@erekola
About turva.dev
The public read-only MCP server for turva.dev, live at mcp.turva.dev/mcp. Published in the official MCP registry as dev.turva/turva-mcp.
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"turva": {
"url": "https://mcp.turva.dev/mcp"
}
}
}Tools
4The service catalog (audit, advisory, implementation, agent operations, MCP server design), the engagement model, and pricing (fixed list prices for audit, advisory and implementation; others on request)
turva.dev's own agent-readiness scores from independent scanners, with per-scanner sub-scores, leaderboard rank, notable wins, the measurement date, and verification links
Public web-security scan results for turva.dev's own domain (Hardenize, Internet.nl), with the scan date
The engagement principles: async-only, least access, results measured in scanner numbers, open and verifiable
Overview
What is turva.dev?
turva.dev is a public, read-only Model Context Protocol (MCP) server for the turva.dev agent-readiness audit and advisory service. It lets AI agents query turva.dev’s service catalog, its own agent-readiness scores, public web-security scan results for its domain, and its engagement principles – all as structured JSON instead of scraped HTML.
How to use turva.dev?
Point any MCP client that supports Streamable HTTP at https://mcp.turva.dev/mcp. An example client configuration is provided. No authentication or API key is required.
Key features of turva.dev
- Four read-only tools returning structured JSON.
- Tools:
get_services,get_agent_readiness,get_security_evidence,get_principles. - Data served from static TypeScript objects; every response is deterministic.
- Scores include a measurement date and live verification links.
- Public and auditable – no authentication needed.
- Built on Cloudflare Workers, independent from the main turva.dev site.
Use cases of turva.dev
- AI agents querying turva.dev’s service catalog and pricing.
- Verifying turva.dev’s own agent-readiness scores from independent scanners.
- Checking public web-security scan results for the turva.dev domain.
- Understanding turva.dev’s engagement principles (async-only, least access, etc.).
FAQ from turva.dev
What data does turva.dev expose?
Four read-only tools: service catalog (audit, advisory, implementation, agent operations, MCP server design), agent-readiness scores from two independent scanners, public web-security scan results (Hardenize, Internet.nl), and engagement principles.
Does turva.dev require authentication or an API key?
No. All exposed data is public and read-only. No authentication or API key is required.
How is the data served?
Data is bundled as static TypeScript objects in a Cloudflare Worker, so responses are deterministic and depend on no external state.
How can I verify the scores?
Each tool response includes a measurement date and links to the independent scanner reports (StartupHub leaderboard, isitagentready, Hardenize, Internet.nl) so you can re-run any scan and compare.
What transport does turva.dev use?
Streamable HTTP on POST /mcp. No SSE transport. Server card JSON is available at GET / and GET /.well-known/mcp.
More Other MCP servers
ghidraMCP
LaurieWiredMCP Server for Ghidra
Unity MCP ✨
justinpbarnettUnity MCP acts as a bridge between AI assistants and your Unity Editor. Give your LLM tools to manage assets, control scenes, edit scripts, and automate tasks within Unity.
AutoBrowser MCP
autobrowser-aiBrowser MCP is a Model Context Provider (MCP) server that allows AI applications to control your browser
Servers
modelcontextprotocolModel Context Protocol Servers
Awesome Mcp Servers
punkpeyeA collection of MCP servers.
Comments