The MCP marketplace landscape
If you're looking for MCP (Model Context Protocol) servers, there are now several marketplaces. I built one of them (MarketNow), so I'm biased — but here's an honest comparison.
The 4 marketplaces
| Marketplace | Servers | Security audit | Pricing | Unique feature |
|---|---|---|---|---|
| Smithery | 3,000+ | None | Free | Easy install via CLI |
| Glama | 2,000+ | None | Free | Quality scores (algorithmic) |
| PulseMCP | 21,000+ | None | Free | Largest catalog |
| MarketNow | 8,764 | ✓ 6-layer Sentinel | Free + paid | Security certificates |
What each does well
Smithery
Smithery is the easiest way to install an MCP server. Their CLI (npx @smithery/cli install) handles config automatically. The catalog is curated but has no security auditing.
Glama
Glama provides algorithmic quality scores based on GitHub activity, stars, and maintenance signals. It's great for discovery but the scores don't reflect actual security testing.
PulseMCP
PulseMCP has the largest catalog (21,000+) because they aggregate from multiple sources. But quantity ≠ quality — no security auditing means you're trusting every server author.
MarketNow (us)
MarketNow is the only marketplace that security-audits every server. We run a 6-layer pipeline (Sentinel):
- L1.5: Static analysis (deps, secrets, licenses)
- L1.6: Pattern-based behavioral analysis
- L2 v2.0: Active probe (60+ adversarial inputs)
- L2.5: gVisor sandbox (userspace kernel isolation)
Each server gets a signed SHA-256 certificate with a score 0-10.
The honest gaps
MarketNow's gaps:
- Smaller catalog than PulseMCP (8,764 vs 21,000)
- L2.5 sandbox only covers 206 servers so far (the rest have L1.5+L1.6)
- No third-party audit yet (L5 is Q3 2027)
- Paid features ($0.99-$9.99) — others are fully free
All marketplaces' gaps:
- None verify that the GitHub repo matches the published npm package
- None do supply chain attestation (SLSA)
- None have third-party security audits
- None test for prompt injection at the protocol level
What I'd recommend
- Discovery: Use PulseMCP or Smithery to find servers
- Trust: Check if the server has a MarketNow Sentinel certificate
- Install: Use the official install command from the GitHub repo
-
Verify: Check the Sentinel score at
marketnow.site/verify
The real problem
Discovery is solved. Trust is not.
You can find 21,000+ MCP servers today. But when you npx -y some-mcp-server, that server gets:
- Read access to
~/.ssh/id_rsa,~/.aws/credentials - Network access (exfiltrate data, SSRF)
- Process spawn access (run commands)
- Environment variable access (API keys)
There's no sandboxing in MCP. You're trusting the author.
3 of the 8,764 servers I audited leaked environment variables when sent credential-access prompts. None of the other marketplaces would catch this.
Try it
- Browse: marketnow.site/registry
- Free skills: marketnow.site/api/free-skills.json
- Install:
npx -y marketnow-mcp - Verify a certificate: marketnow.site/verify
I build MarketNow — the trust layer for agent commerce. Follow on GitHub.
Top comments (0)