B+

mystoq.com

https://mystoq.com/api/mcp
87/100 · MCP Trust Grade · checked 5h ago · MCP 2024-11-05
Watched since 2026-06-03 — behavioral baseline locked. We re-check this server's tool surface on a schedule; if it adds, removes, or silently rewrites a tool (rug-pull), we record it.

What it offers — 12 tools · Finance & Crypto

search_stores

Search the public Mystoq store directory (Algerian online shops). Filter by keyword (store name), wilaya, or plan. Returns store name, wilaya, storefr

get_store

Get a public Mystoq store by its slug: name, wilaya, storefront URL, plan tier and member-since. Public info only.

list_plans

List Mystoq subscription plans with monthly/yearly/lifetime prices (DZD) — useful to answer "how much does Mystoq cost".

platform_stats

Mystoq network statistics: number of active stores and wilayas covered.

cod_profit

Compute true CAC and net cash-on-delivery profit for an Algerian online store, accounting for the return/refusal rate. Returns base and confirmation-c

yalidine_delivery

Estimate Yalidine delivery for an Algerian shipment (home/stopdesk) between wilayas.

order_risk

Score the fraud/return risk of an Algerian COD order from its signals (phone, history, etc.) — Mystoq FakeShield logic.

create_store

Register a NEW Mystoq store (tenant). Returns the store id, slug and an access token. No auth needed. WRITE.

create_product

Create a product in the authenticated merchant's store. Requires Bearer token. WRITE.

set_price

Update a product's price (and optional compare_price) in the authenticated store. Requires Bearer token. WRITE.

publish

Publish a product (set status=active) so it shows on the storefront. Requires Bearer token. WRITE.

delete_product

Delete a product from the authenticated store (reversible cleanup — used by the agent's ephemeral live-demo). Requires Bearer token; only the owner's

Spec conformance20%100
Security (OWASP MCP)30%100
Reliability / performance20%84
Tool hygiene15%65
Transparency / provenance15%70

Observed behavior

No proxied traffic observed for this host yet. Connect it at /connect and its grade gains a measured Reliability score + per-tool behavioral evidence — the half a static scan can't produce.

Findings

No blocking issues found in the static + spec checks.
Grade another server

We re-grade mystoq.com on a schedule and alert your Slack/webhook the moment its tools change or its grade drops — rug-pull insurance for the connection.

Share this report card

A 1200×630 card with the grade + audit — drop it in a post, Slack, or your repo.

MCP Trust report card — mystoq.com grade B+
Share on X Open card image

Embed this grade

A live badge — it re-verifies itself and shows current stability. Static scorecards can't. Paste it in your README or site to show users you're independently audited.

MCP Trust Grade B+ · wmcp.sh
[![MCP Trust Grade B+](https://wmcp.sh/mcp/grade/mystoq.com/badge.svg)](https://wmcp.sh/mcp/grade/mystoq.com)
<a href="https://wmcp.sh/mcp/grade/mystoq.com"><img src="https://wmcp.sh/mcp/grade/mystoq.com/badge.svg" alt="MCP Trust Grade B+ · wmcp.sh"></a>

Agents: check this before connecting

Add the wmcp.sh trust oracle as an MCP server and call grade_mcp_server / check_mcp_drift in your agent's pre-connection gate:

https://wmcp.sh/mcp/trust
How this grade is computed. An open, independent rubric — Spec conformance (20%), Security mapped to the OWASP MCP Top 10 (30%), Reliability (20%), Tool hygiene (15%), Transparency (15%) — run by connecting to the server and inspecting its real MCP surface. The grade is free and identical whether or not the operator pays. v1 uses static + spec signals from a single connection; continuous uptime, real latency, and annotation-truthing (declared readOnly vs observed behavior) layer on via the wmcp.sh proxy.