io.github.Kindora-PBC/foundation-discovery

“Foundation discovery and grant intelligence for nonprofits. 174K+ US funders, IRS 990 data.”

This server’s public MCP-registry listing advertises a permission_change capability. If it performs that action on behalf of an AI agent, it should require an accountable human authorization receipt before executing — otherwise an agent can trigger an irreversible action with no signed proof a person approved it.

Is this your project? Earn EG-1 Enforced.

Wrap the high-risk tools with @emilia-protocol/gate so they require a human/quorum receipt, then run npx @emilia-protocol/fire-drill against your manifest for a tool-level score. We update this listing on request.

Registry-level signal only: derived from this server’s publicly-advertised name and description in registry.modelcontextprotocol.io. It is not a scan of any deployment, not a tool-level manifest scan, and not a vulnerability report. It indicates the server advertises a capability that, for agent use, warrants a receipt requirement.