Closed
2 changes: 2 additions & 0 deletions README.md
@@ -1,3 +1,5 @@
[![MseeP.ai Security Assessment Badge](https://mseep.net/pr/rohitg00-ai-engineering-from-scratch-badge.png)](https://mseep.ai/app/rohitg00-ai-engineering-from-scratch)

Comment on lines +1 to +2

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

What is MseeP.ai and what security assessments do they provide for GitHub repositories?

💡 Result:

MseeP.ai is a platform that provides a directory of trusted Model Context Protocol (MCP) servers for AI integrations, featuring real-time security ratings and vulnerability analysis to help users discover and integrate secure MCP servers. It offers tools like the MseeP AI Helper app for intelligent recommendations, security scoring, and seamless integration with AI workflows such as Claude. For GitHub repositories, particularly those hosting MCP servers, MseeP.ai performs automated security assessments using tools like Semgrep. These scans detect issues such as unsafe use of exec, yaml.load, os.system with dynamic input, base64 decoding potentially indicating obfuscated code, and dependency vulnerabilities. Results include a security score out of 100 (e.g., 60/100 for high risk), risk level, scan date, and categorized findings by severity (medium, low). Badges summarizing these assessments are promoted via pull requests to project READMEs, with detailed listings available on mseep.ai/app/[repo]. The service automatically discovers and scans public MCP servers on GitHub.

🏁 Script executed:

```shell
# Check if this is an MCP server repository
# (the -name tests are grouped so that -type f applies to all three patterns)
find . -type f \( -name "*.py" -o -name "*.ts" -o -name "*.js" \) | head -20
cat README.md | head -50
```

Repository: rohitg00/ai-engineering-from-scratch

Length of output: 4243


🌐 Web query:

MseeP.ai mseep.net domain image badge security why different domains

💡 Result:

MseeP.ai (mseep.ai) is a security-focused directory for trusted Model Context Protocol (MCP) servers, providing security ratings, verified maintainer identities, integrity tracking, and alerts for AI integrations. It was launched by SkyDeck AI to address MCP security vulnerabilities. mseep.net hosts the images for MseeP.ai's "Security Assessment Badge," which displays security scan results (e.g., score out of 100, risk level, findings from tools like semgrep). These badges are added to MCP server repositories via pull requests to promote trust and ongoing validation. Examples include badges at URLs like https://mseep.net/pr/xorbitsai-inference-badge.png. The domains differ because mseep.ai is the primary public-facing site and directory, while mseep.net serves as a dedicated asset/CDN subdomain specifically for hosting static badge images, ensuring reliable delivery for GitHub READMEs and promotional use without impacting the main site's performance.

This security badge is inappropriate for this repository.

The MseeP.ai badge is designed for Model Context Protocol (MCP) servers, which this repository is not. ai-engineering-from-scratch is an educational course on AI fundamentals, not an MCP server implementation. The badge should be removed because:

  1. Wrong Repository Type: MseeP.ai automatically scans and badges public MCP servers. This repository doesn't fit that category.

  2. Misleading Badge: Readers may assume this educational course has passed a security assessment relevant to its actual purpose, when the badge measures something entirely different (MCP server security).

While MseeP.ai is a legitimate service and the domain split (mseep.net for images/CDN, mseep.ai for the main site) is intentional asset hosting architecture, the badge itself is simply not applicable here.

Recommendation: Close this PR. If you want security-related badges, consider those relevant to educational content (e.g., OWASP, code analysis tools, dependency scanning for the course materials themselves).

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@README.md` around lines 1 - 2, Remove the MseeP.ai badge markdown from
README.md (the linked image line containing "MseeP.ai Security Assessment Badge"
or references to mseep.net / mseep.ai); search for the badge markdown or the
text "MseeP" in README.md, delete that line(s), and commit with a clear message
like "Remove inappropriate MseeP.ai badge" — no other code changes required.

<div align="center">

<img src="assets/banner.svg" alt="AI Engineering from Scratch" width="100%">
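Review bot: the badge added on line 1 goes above the `<div align="center">` banner block, so an externally hosted assessment image becomes the first thing a reader sees, ahead of the project's own `assets/banner.svg`. The image is served from mseep.net and links to mseep.ai, both outside this repository, so what the badge displays can change without any commit here and nothing in the README says what was assessed. If the badge is kept, move it below the banner and add a line stating the scope of the assessment; otherwise drop both added lines.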