RoninForge / Akashi
Verify a Model Context Protocol server is alive and conformant. Akashi probes it with only public signals and reports whether it is healthy, degraded, or dead, then hands you an embeddable verified-on-date badge for the healthy ones.
証 (akashi) means proof or certificate. Akashi produces a dated, checkable proof that a server works - not a promise, a receipt.
$ akashi check io.github.owner/name io.github.owner/name checked 2026-07-02 UTC, keyless PASS registry status active PASS repo reachable exists PASS repo freshness pushed 3d ago PASS package npm published (1.4.0) PASS remote reachable HTTP 200 via initialize PASS MCP conformance initialize handshake ok PASS at least one live entrypoint 3 alive OK healthy
Pass an official-registry server name (io.github.owner/name), a GitHub repository URL, or a remote endpoint URL. Akashi figures out what to probe.
Repository status via the public GitHub API, package publication on npm, PyPI, and Docker Hub (anonymous), and remote reachability. No account, no key, no traffic to a server you do not trust.
A capability-only MCP initialize handshake confirms the endpoint actually speaks MCP, not just that a port answers. An HTML page returning 200 is caught, not trusted.
Every signal rolls up to healthy, degraded, dead, or unknown, with the reasons spelled out. The exit code is CI-ready: 0 healthy, 1 not.
--badge emits a shields.io endpoint. A healthy server reads verified <date> in green; anything else reads its verdict, so a broken server can never masquerade as verified.
Drop in uses: RoninForge/akashi@v0 to fail a job when a server you depend on goes dead, or to gate your own server's release on a clean bill of health.
| Tier | Check | Keyless source |
|---|---|---|
| Health | Registry status | MCP registry (active / deprecated / deleted) |
| Health | Repository reachable and fresh | Public GitHub API (exists / archived / 404, last-push age) |
| Health | Package published | npm, PyPI, Docker Hub (anonymous) |
| Health | Remote reachable | MCP initialize handshake, GET fallback |
| Conformance | Speaks MCP initialize | Capability negotiation over the declared transport |
| Conformance | Echoes the JSON-RPC id | Response framing (not an HTML page impersonating a server) |
| Conformance | License present | Repository license API |
An auth-gated remote (a 401 to initialize) is treated as alive, not broken. Akashi never supplies credentials to reach past it.
At least one live entrypoint and nothing broken. This is the only verdict that earns a green verified badge.
Usable, but something is broken: a 404 repo link while the package installs, a stale-over-a-year repo, a deprecated registry entry, or an endpoint that answers HTTP but is not a real MCP server.
Registry-deleted, or every probed entrypoint is broken. Nothing installs and nothing answers.
Only entrypoints that cannot be probed without a key were declared. Akashi will not guess.
| Command | Purpose |
|---|---|
| akashi check <server> | Probe one server and print the check table plus an overall verdict. |
| akashi check <server> --json | Emit the full result row as JSON for scripts and CI. |
| akashi check <server> --badge | Emit a shields.io endpoint badge JSON. |
| akashi version | Print version, commit, and build date. |
Fail CI when a server you depend on is not healthy, or gate your own server's release on a clean check.
name: MCP health on: [push] jobs: akashi: runs-on: ubuntu-latest steps: - uses: RoninForge/akashi@v0 with: server: io.github.owner/name
Akashi never authenticates to a probed server. A GitHub token, if present, is used only against the public GitHub API to raise the rate limit, exactly as running gh would.
The only request sent to a server is initialize, which negotiates capabilities and runs nothing. Safe against a server you do not trust.
No crash reports, no usage analytics. Source is MIT, 100% Go, a single auditable binary.
Two tiers. Health is whether the server is installable and reachable at all: registry status, repository reachability and freshness, package publication on npm/PyPI/Docker Hub, and remote endpoint reachability. Conformance is whether it is a well-behaved MCP server: a capability-only initialize handshake, a JSON-RPC id echo, and a declared license. It rolls up to a healthy, degraded, dead, or unknown verdict.
Yes. Akashi reads only public endpoints: the MCP registry, the GitHub API, the npm and PyPI registries, Docker Hub's anonymous manifest API, and the server's own remote endpoint. It never authenticates to a probed server. Any GitHub token it finds is used only against the public GitHub API to raise the rate limit, exactly as a human running gh would. No user secret is ever sent to a probed server.
No. The only thing it sends to a server is an MCP initialize request, which negotiates protocol capabilities and executes nothing. An auth-gated server (a 401 to initialize) is treated as alive, not broken, and akashi never supplies credentials to reach past it.
Healthy: at least one live entrypoint and nothing broken. Degraded: usable, but something is wrong. Dead: registry-deleted, or every probed entrypoint is broken. Unknown: only entrypoints that cannot be probed without a key were declared. A degraded, dead, deprecated, or unknown server never earns a green verified badge.
Run curl -fsSL https://roninforge.org/akashi/install.sh | sh. It downloads a single Go binary from GitHub Releases, verifies its checksum, and installs it to /usr/local/bin (or ~/.local/bin as a fallback). Or with Go: go install github.com/RoninForge/akashi/cmd/akashi@latest. Supports macOS and Linux (amd64, arm64) and Windows (amd64).
Akashi (証) means proof or certificate in Japanese. Akashi's job is to produce a dated, checkable proof that an MCP server is alive and conformant - the verified-on-date badge you stamp on a README.
Akashi is part of RoninForge. Siblings: Hanko (validates Claude Code plugin manifests) and Tsuba (scaffolds plugins).