Stop Blindly Trusting MCP Servers — Add a Trust Gate to Your AI Agent in 5 Lines

Your AI agent calls MCP servers. But do you know if those servers are reliable?

MCP (Model Context Protocol) is how agents talk to tools. There are 22,561 MCP servers indexed, only 117 (0.5%) with any behavioral record and just 18 (0.08%) verifiable at runtime. Some are rock-solid. Some go down every hour. Some return garbage data. Your agent can't tell the difference — unless you add a trust check.

The Problem

When your LangChain agent calls an MCP server:

1. It doesn't know if the server has been reliable historically
2. It doesn't know if the server is currently degraded
3. If the server fails, your agent fails — with no fallback

The Fix: TrustGateInterceptor

Using the interceptor pattern in langchain-mcp-adapters:

from langchain_mcp_adapters.client import MultiServerMCPClient
from langchain_mcp_adapters.trust_gate import TrustGateInterceptor

trust_gate = TrustGateInterceptor(min_trust_score=60)

async with MultiServerMCPClient(
    {"my_server": {"url": "https://my-mcp.example.com/mcp", "transport": "streamable_http"}},
    interceptors=[trust_gate],
) as client:
    tools = client.get_tools()
    # Every tool call now checks trust score first

Every tool call checks Dominion Observatory (22,561 servers indexed, only 0.5% with any behavioral record) before executing. Servers below your threshold get blocked with an explanation.

What's Happening Under the Hood

The trust gate calls the Observatory API before each tool invocation. It gets back:

• Trust score (0-100) based on observed behavior across the ecosystem
• Latency stats — avg and p95
• Success rate — what % of calls succeed
• SLA grade — Platinum/Gold/Silver/Bronze/Unrated

If the server doesn't meet your threshold, the call is blocked and your agent gets a clear message explaining why. Scores are cached for 5 minutes to avoid excessive API calls.

The Interceptor Pattern

The TrustGateInterceptor implements LangChain's ToolCallInterceptor protocol — the same pattern used for rate limiting, logging, and auth injection. It composes cleanly with other interceptors:

interceptors=[
    trust_gate,       # Check trust first
    rate_limiter,     # Then rate limit
    audit_logger,     # Then log
]

For Enterprise / MiCA Compliance

If you're in the EU and need audit trails for MiCA Article 12 (enforcement July 1, 2026), the compliance tier returns signed attestation receipts at $0.10/query.

Links

• Observatory: https://dominionobservatory.com
• GitHub: https://github.com/sgdata-io/dominion-observatory
• LangChain PR: https://github.com/langchain-ai/langchain-mcp-adapters/pull/520
• MCP endpoint: https://dominionobservatory.com/mcp