Skip to main content
Hashnodebmccall17 darketype weblogbmccall17 darketype weblog

Command Palette

Search for a command to run...

The mcp trust registry and lake stability

Updated
3 min read
The mcp trust registry and lake stability
B
Brett A McCall
For the past several years I built and ran Better Than Unicorns (immersive/XR collaboration). That meant I did the whole thing: prospected, sold, onboarded, set up accounts/devices, ran live sessions, troubleshot remotely, built enablement, monitored engagement, and turned feedback into product improvements. I am at my best in the messy middle where customers are excited… and the reality of rollout, behavior change, and technical friction shows up.
Part of seriesrepOptics repository research

It has been almost a month since the last major research update for repOptics. The context lake has grown and we have been busy wiring up new capabilities to measure repo trust and drag.

The big headline this week is our integration with the BlueRock MCP Trust Registry. If you are building agentic systems, you need a trust signal before you wire an external server into your context window. We now display a registry risk badge right beside the repo name on reports. We pull a batch registry snapshot and run a trust classification engine over it. It gives agents a concrete signal of what they are about to execute.

Our scan capabilities also got a major refactor over the last week. We shipped an IaC agent that now covers Terraform, CloudFormation, and serverless.yml. We also rolled out three-valued permission-gated guardrails—meaning a null result is explicitly marked as unverifiable rather than failing or passing silently. We also did a deep pass on claim hygiene, establishing pitfall norm ceilings and stable rates for the same engine versions.

Here is what the lake data said this week:

  • Lake size: 12,838 scans

  • Repositories: 4,311 repos

  • Deltas: 8,529 scan deltas

The notable movement is our re-scan stability. 61% Of re-scans are stable within a +/-1 point margin. The average re-scan delta is hovering at -0.6 points. This means the scoring engine is holding steady even as the underlying codebases evolve.

We also found visible AI-agent guidance files in 27% of scans. This is a solid chunk of the ecosystem explicitly telling agents how to behave in their repos. It proves visible evidence of AI integration is climbing.

A quick check on the pitfalls: duplicates failed in 68% of scans and governance failed in 57%. The ecosystem still struggles with the basics of keeping the repo clean.

This matters because the repo is the bottleneck. If your agents cannot trust the context or cannot read the infrastructure definitions, they will hallucinate or fail. By pulling in the BlueRock trust signals and hardening our own scan capabilities, we are giving AI a clearer map of what to trust.

If you want to see how your repo scores, run a scan and let me know what you think. You can reach out here. repOptics is a free forever project, if it brings value to your work and you'd like to support it, please consider buying me a coffee every little bit makes a difference.

View this post with the full interactive/glitchy experience on darketype.

#repoptics#research#repo-health#trust-registry#mcp#reporesearch
15 views

Comments

Join the discussion

No comments yet. Be the first to comment.

repOptics repository research

Part 6 of 6

weekly repo health research from [repOptics](https://rep-optics.onrender.com/) — tracking what actually changes, what stays stable, and what signals are strong enough to act on. built for AI-native teams who need better optics, not louder grades. let me know what you think [here](https://bmccall17.github.io/book). originally [I posted this up on LinkedIn](https://www.linkedin.com/feed/update/urn:li:activity:7448047904390275072/) to tell that network about what this project is all about. repOptics is a free forever project, if it brings value to your work and you'd like to support it, please [consider buying me a coffee](https://buymeacoffee.com/bmccall17) every little bit makes a difference.

Start from the beginning

repOptics in the wild: building the tools to build the tools

The problem I met with my friend julio last night and we talked about the current market of ai builders. Everyone is building agents and wrappers, but how many of them are actually testing their produ

More from this blog

B

bmccall17 darketype weblog

41 posts

waking up with alot on my mind... mainly my portfolio and developing the accompanying site that is a bit of the darketype site where im practicing the "art of mess making" and logging my learnings.

this is where i keep and continuously build my "failure" resume.