Case file — 2EF4B9CC
The idea
“MCP registry — Timing is everything here. MCP is 6 months old, Anthropic's current solution is a GitHub flat list, and every AI developer needs this. The "npm of MCP" framing is crisp and the gap is real and visible right now.”
The panel
The window you're eyeing is already closed. GitHub launched its own MCP Registry in September 2025, positioning itself as the curated, centralized hub for discovering MCP servers — essentially the exact "npm of MCP" you're describing, but backed by GitHub's existing developer distribution, trust infrastructure, and Microsoft/Anthropic relationships. PulseMCP already exists as an independent community tracker. The ecosystem grew past 5,000 servers in under a year, confirming demand, but that same growth attracted the platform incumbent. Red flag you're ignoring: You're not competing with a GitHub flat list anymore — you're competing with GitHub itself as a dedicated registry operator. Building a registry against the company that already hosts most MCP server source code is a near-impossible distribution fight with zero traction. The gap was real six months ago; it's filled now.
The core technical challenge you're underestimating is trust and security—npm's biggest ongoing nightmare, and you'd inherit it from day one. MCP servers execute arbitrary code with tool-calling LLMs, so a single malicious package is catastrophically worse than npm supply chain attacks. You need sandboxing, verification, and provenance infrastructure that's genuinely hard to build. The build-vs-buy question is search and discovery: you'll be tempted to build custom ranking/relevance, but you should buy (Algolia, Meilisearch) and focus engineering on the security layer instead. The brutal truth on moat: there is none. Anthropic can ship an official registry any Tuesday. Network effects take years to harden; they have the user base already. You're building on someone else's roadmap and betting they stay lazy. That's not a moat, it's a window.
The npm analogy is seductive but misleading—npm monetizes through npm Enterprise and GitHub ownership, not the registry itself. Your core problem: developer registries are notoriously hard to monetize because developers expect them to be free. You'll acquire users cheaply through organic/SEO early, but LTV is near zero until you figure out who actually pays—enterprise teams, MCP server publishers, or platform licensees. That pricing model doesn't exist yet and will take 12-18 months of experimentation to validate. Meanwhile, Anthropic can ship an official registry any Tuesday and kill you instantly—that's not competitive risk, that's existential dependency. With zero traction and no revenue path, a $500K seed gives you maybe 14 months, but you're burning toward a monetization cliff with no proven willingness-to-pay from anyone. You're building a feature, not a business.
This is extremely well-timed but the window is measured in weeks, not months. The gap between MCP's adoption curve and its infrastructure maturity is real and obvious — which means you're not the only one seeing it. Smithery, Glama, and mcp.run already exist with varying approaches. The macro trend that matters most is whether MCP becomes the dominant standard or fragments — Anthropic's backing helps, but OpenAI and Google could fork or ignore it. If MCP consolidates, the registry winner takes most (like npm did). The window is open but closing fast. Without shipping something functional within 4-6 weeks, you'll be entering a space with entrenched early movers. Ideas are worthless here; speed is everything.
Cause of death
The gap you identified no longer exists
Your entire thesis rests on "Anthropic's current solution is a GitHub flat list." That was true. It is no longer true. GitHub launched its own MCP Registry in September 2025 — a curated, centralized hub backed by the platform that already hosts most MCP server source code, has Microsoft's relationship with Anthropic, and owns the developer trust graph. You're not filling a vacuum; you're walking into an occupied building and asking the tenants to leave. The "npm of MCP" framing is crisp, yes — and GitHub already used it on themselves.
You're building a feature on someone else's roadmap
Even if GitHub's registry were mediocre, Anthropic can ship an official registry any Tuesday. You have zero control over this. Your entire business is a bet that the protocol creator and its most powerful distribution partner both stay lazy simultaneously, indefinitely. That's not a strategy; that's a prayer. The tech panel is right — network effects take years to harden, and you have weeks before the window closes entirely. You don't even have a prototype.
Developer registries are free products, not businesses
npm didn't monetize the registry — it monetized enterprise tooling and then got acquired by GitHub (there's that name again). You have no monetization model, no evidence of willingness-to-pay, and the historical precedent says developers will use your registry for free and never give you a dollar. Your finance panel estimates 12-18 months to even validate a pricing model, but you'd be burning cash the entire time against competitors who don't need to monetize the registry because it's a feature of their larger platform. You're not building a business; you're building a free public good and hoping someone acquires you before the money runs out.
⚠ Blind spot
The security problem is your real story — and you're completely ignoring it. MCP servers execute arbitrary code through tool-calling LLMs. A malicious MCP package isn't like a malicious npm package that mines crypto in your CI pipeline; it's a package that gives an AI agent the ability to exfiltrate data, execute commands, or manipulate outputs in ways the user can't see. This is categorically worse than anything the npm ecosystem has faced. GitHub's registry, Smithery, and every other competitor are also ignoring this because trust infrastructure is boring and hard. But the founder who builds the security and verification layer for MCP — not the discovery layer — is building something that's actually defensible, actually valuable, and actually terrifying enough that enterprises will pay for it. You're staring at the interesting problem and pitching the commodity one.
Recommended intervention
Kill the registry. Build MCP Sentinel — a security verification and provenance platform for MCP servers. Think Snyk or Socket.dev, but specifically for the MCP supply chain. Here's why this works: (1) Every registry — GitHub's, Smithery, whatever Anthropic ships — needs a trust layer and none of them have one yet. You become infrastructure under the registries instead of competing against them. (2) Enterprise teams adopting MCP agents will have security and compliance teams screaming about arbitrary code execution from unverified sources. Those teams have budgets. (3) The security surface of MCP is genuinely novel — LLM tool-calling creates attack vectors that existing SAST/DAST tools don't cover — so you'd have real technical differentiation, not just "better search." Ship a free scanning tool in 4 weeks, get it integrated into one existing registry as a badge system, and you have distribution without fighting GitHub for it. The market for MCP security scales with MCP adoption regardless of who wins the registry war.