capability_profile
Active
Tool of SaSame Research Agent
DEFENSIVE pre-call check for one public MCP server: SaSame classifies its DECLARED tool surface (published tools/list) into capability-risk classes (code-execution / payment / credential / write / send / outbound-fetch / read), flags state-changing tools that publish NO machine-readable safety annotation (so a caller cannot auto-distinguish a read from a write/delete/payment before invoking), gives an exposure tier, and — the part an agent cannot self-produce — which higher-risk capability classes this server NEWLY exposed since SaSame first observed it. ed25519-signed, offline-verifiable. This is an OBSERVATION of the declared surface, NOT a vulnerability/malware scan and NOT a claim the server is unsafe. Use it before wiring an untrusted MCP into an agent. Cost-zero, observed level.
Parameters schema
{
  "type": "object",
  "$schema": "http://json-schema.org/draft-07/schema#",
  "required": [
    "url"
  ],
  "properties": {
    "url": {
      "type": "string",
      "description": "The MCP server endpoint URL (https) to profile"
    }
  }
}
No endpoints wrapped at confidence ≥ 0.50.
Parent server
SaSame Research Agent
https://github.com/shigeki7777/sasame-mcp
2/7 registries