MCP compliance catalog

Every MCP tool in the SCOPE compliance index, grouped by server — risk posture, regulatory exposure, and the tools that warrant tighter governance.
80MCP servers
1695tools
Reset 80 of 80 servers
Aiwyn Tax
10 tools · footprint 22
4 high 1 med 5 low COSOGLBA+1 more
Outreach
17 tools · footprint 22
2 high 6 med 9 low COSOSOX
PlanetScale
16 tools · footprint 22
1 critical 1 high 14 low COSOSOX
Square
3 tools · footprint 22
1 critical 2 low COSOGLBA+3 more
Airtable
19 tools · footprint 21
11 med 8 low
Klaviyo
29 tools · footprint 21
2 high 7 med 20 low
Mercury
13 tools · footprint 21
3 high 8 med 2 low COSOGLBA+2 more
Zoom for Claude
13 tools · footprint 20
3 high 3 med 7 low HIPAA
monday.com
17 tools · footprint 19
1 high 4 med 12 low
10x Genomics Cloud
27 tools · footprint 18
1 high 5 med 21 low HIPAA
Base44
7 tools · footprint 18
2 high 1 med 4 low
HubSpot
12 tools · footprint 18
1 high 3 med 8 low
Intercom
13 tools · footprint 18
8 med 5 low
Mixpanel
23 tools · footprint 18
1 high 6 med 16 low
Notion
18 tools · footprint 18
8 med 10 low
Slack
7 tools · footprint 18
2 high 4 med 1 low
‹ PrevPage 3 of 5Next ›
Stytch
1 critical 2 high 2 med 2 low · 7 tools · 3 SoD-flagged
regimes APPICCPAGDPRISO_27001LGPDNIST_CSFNY_DFS_500PIPEDAPIPLPOPIASOC2UK_GDPR

Tools needing tighter control (3 of 7)

stytch.updateConsumerSDKConfig critical conf highhuman approval
Reconfigures consumer SDK settings, enabled auth products, and permissions; misconfiguration can disable MFA or lock users out at scale.
stytch.createRedirectURLs high conf highhuman approval
Registers new authentication callback URLs; an attacker-controlled URL here enables credential interception.
stytch.createPublicToken high conf mediumhuman approval
Issues a new public token for a project; expands the set of identifiers that can initiate auth flows.
All other tools (4)
stytch.createProject medium conf highaudit
Creates a new Stytch project; expands the workspace's authentication footprint.
stytch.getAllPublicTokens medium conf mediumaudit
Reads public tokens used by client applications; intended public credentials but still a credential.
stytch.getAllRedirectURLs low conf highallow
Reads registered redirect URLs for the project.
stytch.listProjects low conf highallow
Lists Stytch projects in the workspace.