mcp-data.tunnelmind.ai

Item: mcp-data.tunnelmind.ai
Rating: 45
Author: wmcp.sh

https://mcp-data.tunnelmind.ai/mcp

45/100 · MCP Trust Grade · checked 6h ago · MCP 2025-03-26

✓ Watched since 2026-06-03 — behavioral baseline locked. We re-check this server's tool surface on a schedule; if it adds, removes, or silently rewrites a tool (rug-pull), we record it.

What it offers — 54 tools · Developer Tools

health_check

Returns a minimal status object confirming the API is alive. Use this to verify connectivity before chaining other calls, or as a liveness check in a

get_domain

Returns the complete surveillance intelligence record for a domain name. If the domain is in TunnelMind's tracker database (80,000+ entries), the resp

list_domains

Returns a paginated list of domains from the tracker database. Results are ordered alphabetically by domain name and support cursor-based pagination f

get_entity

Returns an entity record for a surveillance company or data broker, including its industry, estimated annual data value per user (in USD), categories

list_entities

Returns a paginated list of corporate entities in the TunnelMind surveillance database. Includes data categories, estimated data value, and industry c

search

Searches both the domains table and the entities table simultaneously. Returns matching domains (by domain name) and entities (by name or slug) in a s

intel_http

Makes a live HEAD request to the target domain from the Cloudflare edge, follows up to 5 redirects, and returns the full redirect chain, final HTTP st

intel_stack

Fetches up to 32KB of the domain's HTML and response headers from the edge, then fingerprints the content for known CMS platforms, JavaScript framewor

intel_robots

Retrieves the target domain's `robots.txt` file and parses it for AI crawler disallow rules. Specifically detects policies for known AI crawlers (GPTB

intel_agent

Probes a domain for known AI agent integration signals: `llms.txt`, `ai.txt`, `/.well-known/ai-plugin.json`, `openapi.json`, `swagger.json`, MCP manif

intel_inject

Fetches a domain's homepage and checks for content patterns that could constitute prompt injection attacks against AI agents that visit and ingest the

intel_optout

Checks a domain for all known AI training data opt-out mechanisms beyond robots.txt: TDM (Text and Data Mining) reservation headers, `<meta name="ai">

get_receipt

Returns metadata for a TunnelMind surveillance receipt — a signed document proving that a specific user's surveillance exposure was observed, measured

verify_receipt

Tamper-detection verification for TunnelMind surveillance receipts. Submit the receipt ID, the SHA-256 content hash, and the Ed25519 signature from th

get_ghostroute_cert

Returns the proof-of-existence record for a TunnelMind GhostRoute jurisdiction certificate. A GhostRoute certificate is a signed document proving that

verify_ghostroute_cert

Tamper-detection verification for GhostRoute jurisdiction certificates. Submit the certificate ID, the SHA-256 content hash, and the Ed25519 signature

get_api_key

Returns the tier, label, masked owner email, creation date, last-used timestamp, today's request count, and daily request limit for the API key used i

revoke_api_key

Permanently deactivates the API key used to make this request. This action is irreversible. After revocation, the key will return 401 on all subsequen

+36 more tools

Spec conformance20%100

✓ initialize → protocolVersion 2025-03-26
✓ initialize HTTP 200
✓ unknown method → -32601
✓ tools/list → 54 tools
✓ every tool has name + inputSchema

Security (OWASP MCP)30%15

54 tools scanned
1 injection-markup hits
no secret-path refs

Reliability / performance20%70

single-probe latency 2062ms (PRELIMINARY — continuous uptime/p95 from proxy telemetry lands in v2)

Tool hygiene15%76

93% of tools have typed inputSchema
0/54 declare outputSchema
no unannotated destructive tools

Transparency / provenance15%70

HTTPS ✓
advertises protocol 2025-03-26

Observed behavior

No proxied traffic observed for this host yet. Connect it at /connect and its grade gains a measured Reliability score + per-tool behavioral evidence — the half a static scan can't produce.

Findings

FAILMCP01 Tool "get_analyst_config" description contains prompt-injection / hidden-instruction markup.

Grade another server

We re-grade mcp-data.tunnelmind.ai on a schedule and alert your Slack/webhook the moment its tools change or its grade drops — rug-pull insurance for the connection.

Share this report card

A 1200×630 card with the grade + audit — drop it in a post, Slack, or your repo.

MCP Trust report card — mcp-data.tunnelmind.ai grade F

Share on X Open card image

https://wmcp.sh/mcp/grade/mcp-data.tunnelmind.ai

Embed this grade

A live badge — it re-verifies itself and shows current stability. Static scorecards can't. Paste it in your README or site to show users you're independently audited.

Markdown (for your README)

[![MCP Trust Grade F](https://wmcp.sh/mcp/grade/mcp-data.tunnelmind.ai/badge.svg)](https://wmcp.sh/mcp/grade/mcp-data.tunnelmind.ai)

HTML

<a href="https://wmcp.sh/mcp/grade/mcp-data.tunnelmind.ai"><img src="https://wmcp.sh/mcp/grade/mcp-data.tunnelmind.ai/badge.svg" alt="MCP Trust Grade F · wmcp.sh"></a>

Agents: check this before connecting

Add the wmcp.sh trust oracle as an MCP server and call grade_mcp_server / check_mcp_drift in your agent's pre-connection gate:

https://wmcp.sh/mcp/trust

How this grade is computed. An open, independent rubric — Spec conformance (20%), Security mapped to the OWASP MCP Top 10 (30%), Reliability (20%), Tool hygiene (15%), Transparency (15%) — run by connecting to the server and inspecting its real MCP surface. The grade is free and identical whether or not the operator pays. v1 uses static + spec signals from a single connection; continuous uptime, real latency, and annotation-truthing (declared readOnly vs observed behavior) layer on via the wmcp.sh proxy.