www.ia-qa.com
What it offers — 139 tools · Developer Tools
format_jsonFormat, validate, and pretty-print a JSON string. Returns the formatted JSON or a detailed parse error.
generate_uuidGenerate one or more cryptographically random UUID v4 identifiers. Use this when you need unique IDs for test fixtures, database records, session toke
hash_textCompute a cryptographic hash of a text string. Use when you need to verify data integrity, generate content fingerprints, hash passwords (prefer SHA-2
count_tokensEstimate the token count of a text string using the cl100k_base approximation (~4 chars/token). Call this BEFORE sending any text to an LLM API to che
base64_encodeEncode a UTF-8 string to Base64. Use when you need to embed binary data, multi-line text, or special characters safely inside JSON fields, HTTP header
base64_decodeDecode a Base64 string back to UTF-8 text. Use for inspecting Base64-encoded API responses, JWT payload claims, config file values, or attachment data
url_encodePercent-encode a string for safe use in URLs. Call this before programmatically building query strings, path segments, or form-encoded bodies to preve
url_decodeDecode a percent-encoded URL string back to plain text. Use when parsing query parameters from raw URLs or when displaying encoded values to users.
generate_slugConvert any string into a URL-friendly slug: lowercase, ASCII-normalized (é→e), special characters removed, spaces replaced with hyphens. Use for g
validate_emailValidate an email address against RFC 5322 syntax before storing it, sending a transactional email, or adding it to a mailing list. Returns { valid, e
minify_jsMinify a JavaScript snippet, function, class, or module up to 50 KB using Terser. Returns minified code and byte savings. Use when embedding scripts i
decode_jwtDecode a JWT (JSON Web Token) and return its header and payload without verifying the signature. Also reports whether the token is expired and the exa
text_statsCompute comprehensive statistics for any text: character count (with and without spaces), word count, line count, sentence count, paragraph count, and
generate_passwordGenerate a cryptographically secure random password using crypto.randomBytes. Configurable length (4–128), uppercase letters, digits, and symbols. U
parse_csvParse a CSV string into a JSON array of objects (or raw arrays). Handles RFC 4180 quoted fields, escaped quotes, and custom delimiters. Use when proce
color_convertConvert a color between HEX, RGB, and HSL formats. Use when translating design tokens between CSS notations, verifying color accessibility, or normali
regex_testTest a regular expression pattern against an input string and return all matches with their index positions and named capture groups. Use for validati
lorem_ipsumGenerate Lorem Ipsum placeholder text for UI mockups, design prototypes, or test data population. Configurable paragraphs (1–10), sentences per para
+121 more tools
- ✓ initialize → protocolVersion 2025-06-18
- ✓ initialize HTTP 200
- ✓ unknown method → -32601
- ✓ tools/list → 139 tools
- ✓ every tool has name + inputSchema
- 139 tools scanned
- 10 injection-markup hits
- 3 secret-path refs
- single-probe latency 502ms (PRELIMINARY — continuous uptime/p95 from proxy telemetry lands in v2)
- 100% of tools have typed inputSchema
- 0/139 declare outputSchema
- no unannotated destructive tools
- HTTPS ✓
- RFC 9728 oauth-protected-resource metadata ✓
- advertises protocol 2025-06-18
Observed behavior
No proxied traffic observed for this host yet. Connect it at /connect and its grade gains a measured Reliability score + per-tool behavioral evidence — the half a static scan can't produce.
Findings
We re-grade www.ia-qa.com on a schedule and alert your Slack/webhook the moment its tools change or its grade drops — rug-pull insurance for the connection.
Share this report card
A 1200×630 card with the grade + audit — drop it in a post, Slack, or your repo.
Embed this grade
A live badge — it re-verifies itself and shows current stability. Static scorecards can't. Paste it in your README or site to show users you're independently audited.
[](https://wmcp.sh/mcp/grade/www.ia-qa.com)
<a href="https://wmcp.sh/mcp/grade/www.ia-qa.com"><img src="https://wmcp.sh/mcp/grade/www.ia-qa.com/badge.svg" alt="MCP Trust Grade F · wmcp.sh"></a>
Agents: check this before connecting
Add the wmcp.sh trust oracle as an MCP server and call grade_mcp_server / check_mcp_drift in your agent's pre-connection gate:
https://wmcp.sh/mcp/trust
readOnly vs observed behavior) layer on via the wmcp.sh proxy.