State of MCP, 2026-07-02 census
The denominator defense
What "14,559 servers checked" actually means: the denominator, the definitions, exactly what each probe does, and why every row can be checked again.
The denominator
14,559 servers, drained from the official MCP registry (registry.modelcontextprotocol.io) at their latest version on 2026-07-02. Rates on the report page are computed over all 14,559 unless stated otherwise: we lead with the full, conservative denominator rather than a narrower "probeable only" subset.
Definitions
- healthy
- At least one live entrypoint and nothing broken. The only verdict that earns a green badge.
- degraded
- Usable, but something is broken: a 404 repo link while the package still installs, a stale-over-a-year or archived repo, a deprecated registry entry, a remote that answers HTTP but is not a conformant MCP server, or an invalid server.json.
- dead
- Registry-deleted, or every probed entrypoint is broken.
- unknown
- Only entrypoints we cannot probe without a key were declared (for example an OCI-only image on a private registry). Reported as a count, not folded into a broken rate.
- keyless
- Every probe touches only public endpoints: the registry, the public GitHub API, npm, PyPI, anonymous Docker Hub, and a capability-only MCP initialize / tools-list handshake. Akashi authenticates to no probed server and runs none of its tools. A GitHub token, if present, only raises the public API rate limit.
- reproducible
- Same registry, same probe set, same documented criteria, akashi v0.3.0. Any row is re-checkable with akashi check <server>.
Exactly what each probe does
Every server is checked against the same probe set. Each row rolls up into the verdict shown on its per-server page.
| Layer | Check | What it does |
|---|---|---|
| Registry | Registry status | Read from the MCP registry: active, deprecated, or deleted. |
| Registry | server.json valid | Validated against the server's own declared JSON Schema. |
| Repository | Repository reachable | Public GitHub API: exists, archived, or 404, plus last-push age. |
| Package | Package published | npm, PyPI, and Docker Hub, all queried anonymously. |
| Remote | Remote reachable | MCP initialize handshake first, a plain GET as fallback. |
| Remote | MCP conformance | Capability negotiation over the declared transport: initialize completes, is auth-gated, or answers HTTP without speaking MCP. |
| Remote | tools/list resolves | A full MCP session over the official go-sdk client that lists tools and runs none of them. |
An auth-gated remote (a 401 to initialize) is treated as alive, not broken. Akashi never supplies credentials to reach past it, and it never runs a tool it discovers.
Why the numbers are reproducible
This census used akashi v0.3.0 against the full registry on 2026-07-02, with one documented probe set and one set of verdict rules. Nothing here depends on a private key, a paid API, or a manual judgment call: the same inputs produce the same verdict every time. Any single row can be re-checked, any time, with no key:
$ akashi check io.github.owner/nameInstall Akashi - single Go binary, zero keys, MIT licensed.
What this census does not claim
This is a measurement, not a leaderboard: no per-server ranking, no naming-and-shaming, and no security or malware claim. Akashi measures reachability and protocol conformance, not safety. This is the first census, so there is no trend, no "getting better" or "getting worse" claim to make yet.