Probe goes beyond tool discovery. It tests MCP servers against real inputs, verifies tools do what they claim, and flags unexpected behaviour — before you let them near your agents.
Provide the MCP server definition — package name, URL, or config block
Probe loads the server in an isolated cloud sandbox and enumerates all exposed tools
Each tool is invoked with controlled inputs across multiple runs to observe actual behaviour
A full report is generated with risk score, findings, and a reproducibility rating
Compares what the server says its tools do against what they actually do when invoked. Undeclared tools and mismatched behaviour are flagged.
Detects process spawns, network calls, and file access that occur outside the declared scope of a tool call. Anything unexpected is surfaced with context.
MCP servers that behave differently on first run vs subsequent runs are a red flag. Probe runs each server multiple times and scores consistency explicitly.
Flags any file access attempts targeting sensitive system paths — credential files, SSH keys, environment files — regardless of whether they succeed.
Most MCP registries tell you what tools a server exposes. Probe tells you what those tools actually do — and what else the server does that it didn't mention.
The MCP ecosystem is growing fast. Not every server is well-intentioned, well-tested, or well-maintained. Probe gives you independent verification before you trust a server with your agent's actions.
| Capability | Registry listing | Probe |
|---|---|---|
| Tool enumeration | ✓ | ✓ |
| Behavioural testing | — | ✓ |
| Side effect detection | — | ✓ |
| Multi-run consistency | — | ✓ |
| Risk score | — | ✓ |
| Downloadable report | — | ✓ |
Join the waitlist to be first to test MCP servers with Probe when it launches. Early access will include a limited number of free scans.