DEV Community

Edison Flores
Edison Flores

Posted on

MCP server marketplaces compared: Smithery vs Glama vs PulseMCP vs MarketNow

The MCP marketplace landscape

If you're looking for MCP (Model Context Protocol) servers, there are now several marketplaces. I built one of them (MarketNow), so I'm biased — but here's an honest comparison.

The 4 marketplaces

Marketplace Servers Security audit Pricing Unique feature
Smithery 3,000+ None Free Easy install via CLI
Glama 2,000+ None Free Quality scores (algorithmic)
PulseMCP 21,000+ None Free Largest catalog
MarketNow 8,764 ✓ 6-layer Sentinel Free + paid Security certificates

What each does well

Smithery

Smithery is the easiest way to install an MCP server. Their CLI (npx @smithery/cli install) handles config automatically. The catalog is curated but has no security auditing.

Glama

Glama provides algorithmic quality scores based on GitHub activity, stars, and maintenance signals. It's great for discovery but the scores don't reflect actual security testing.

PulseMCP

PulseMCP has the largest catalog (21,000+) because they aggregate from multiple sources. But quantity ≠ quality — no security auditing means you're trusting every server author.

MarketNow (us)

MarketNow is the only marketplace that security-audits every server. We run a 6-layer pipeline (Sentinel):

  • L1.5: Static analysis (deps, secrets, licenses)
  • L1.6: Pattern-based behavioral analysis
  • L2 v2.0: Active probe (60+ adversarial inputs)
  • L2.5: gVisor sandbox (userspace kernel isolation)

Each server gets a signed SHA-256 certificate with a score 0-10.

The honest gaps

MarketNow's gaps:

  • Smaller catalog than PulseMCP (8,764 vs 21,000)
  • L2.5 sandbox only covers 206 servers so far (the rest have L1.5+L1.6)
  • No third-party audit yet (L5 is Q3 2027)
  • Paid features ($0.99-$9.99) — others are fully free

All marketplaces' gaps:

  • None verify that the GitHub repo matches the published npm package
  • None do supply chain attestation (SLSA)
  • None have third-party security audits
  • None test for prompt injection at the protocol level

What I'd recommend

  1. Discovery: Use PulseMCP or Smithery to find servers
  2. Trust: Check if the server has a MarketNow Sentinel certificate
  3. Install: Use the official install command from the GitHub repo
  4. Verify: Check the Sentinel score at marketnow.site/verify

The real problem

Discovery is solved. Trust is not.

You can find 21,000+ MCP servers today. But when you npx -y some-mcp-server, that server gets:

  • Read access to ~/.ssh/id_rsa, ~/.aws/credentials
  • Network access (exfiltrate data, SSRF)
  • Process spawn access (run commands)
  • Environment variable access (API keys)

There's no sandboxing in MCP. You're trusting the author.

3 of the 8,764 servers I audited leaked environment variables when sent credential-access prompts. None of the other marketplaces would catch this.

Try it


I build MarketNow — the trust layer for agent commerce. Follow on GitHub.

Top comments (0)