THE AGENT ACTION SAFETY INDEX

Which MCP servers refuse dangerous actions without a receipt?

Each server is scored by the Agent Action Firewall Test: the share of its dangerous operations (money, data destruction, deploy, permissions, export, regulated override) that require an accountable human/quorum receipt. Is this your project? Add a gate and earn EG-1.

Run the fire drill The Report

SCANNED SERVERS

Filesystem (reference)0/100EG-1 fail

1 action(s) run without a receipt

repo ↗

GitHub0/100EG-1 fail

2 action(s) run without a receipt

repo ↗

Postgres (reference)0/100EG-1 fail

1 action(s) run without a receipt

repo ↗

Stripe Agent Toolkit0/100EG-1 fail

3 action(s) run without a receipt

repo ↗

AWS MCP0/100EG-1 fail

2 action(s) run without a receipt

repo ↗

Slack (reference)0/100EG-1 fail

1 action(s) run without a receipt

repo ↗

Google Drive (reference)0/100EG-1 fail

2 action(s) run without a receipt

repo ↗

Notion0/100EG-1 fail

1 action(s) run without a receipt

repo ↗

Cloudflare0/100EG-1 fail

2 action(s) run without a receipt

repo ↗

Weather (read-only reference)100/100EG-1 pass

all dangerous actions gated

repo ↗

Static assessment of publicly-documented tool surfaces — not a live deployment scan and not a vulnerability report. Click a server for detail, or run npx @emilia-protocol/fire-drill on yours.

EG-1 ENFORCED — REFERENCE IMPLEMENTATIONS

@emilia-protocol/gate

EG-1 Enforced

The firewall itself — 8/8 EG-1 checks.

require-receipt-pr-kit

EG-1 Enforced

The MCP dev-wedge reference.

Earn your place: pass npx @emilia-protocol/fire-drill and open a PR.