Preflight

Validate whether your MCP server is publishable on real directories.

Preflight checks your server's actual artifacts — server.json, package.json, smithery.yaml — against the documented requirements of the MCP Registry, Smithery, and npm. Every finding includes the evidence found, the directory rule it maps to, and the exact fix.

What it checks

Each finding is tagged with:

• Evidence level: verified_from_artifact (parsed from your file) or inferred (absence of expected input)
• Rule type: hard_requirement (submission will fail), directory_convention, or heuristic
• Source URL: link to the directory documentation the rule comes from

Use it

As an MCP tool

Connect to the MCP endpoint:

https://skillfoundry.synaplex.ai/products/preflight/mcp/

Call check_publish_readiness with your artifact contents:

{
  "manifest": "<your server.json content>",
  "package_json": "<your package.json content>",
  "target_directories": ["mcp_registry", "npm"]
}

As a REST API

curl -X POST https://skillfoundry.synaplex.ai/products/preflight/api/check \
  -H 'Content-Type: application/json' \
  -d '{
    "manifest": "{\"name\":\"io.github.you/your-server\",\"description\":\"...\",\"version\":\"1.0.0\",\"packages\":[{\"registryType\":\"npm\",\"identifier\":\"@you/your-server\",\"transport\":{\"type\":\"stdio\"}}]}"
  }'

Input fields

All optional — provide as many as you have:

Output

{
  "mode": "artifact_lint",
  "serverName": "io.github.you/your-server",
  "transportType": "stdio",
  "verdict": "fixable",
  "findings": [
    {
      "severity": "block",
      "category": "directory_policy",
      "check": "npm packages: package.json has 'mcpName' matching server.json 'name'",
      "evidence": "package.json missing 'mcpName' field",
      "evidenceLevel": "verified_from_artifact",
      "affectedArtifact": "package.json",
      "rule": {
        "ruleId": "mcpreg-npm-mcpname",
        "directory": "mcp_registry",
        "type": "hard_requirement",
        "sourceUrl": "https://modelcontextprotocol.io/registry/package-types",
        "lastReviewed": "2026-04-11",
        "policyPackVersion": "0.1.0"
      },
      "fix": "Add '\"mcpName\": \"io.github.you/your-server\"' to package.json."
    }
  ],
  "directoryReadiness": {
    "mcp_registry": { "state": "blocked", "hardBlockers": 1, "conventionGaps": 0, "heuristicFlags": 0 },
    "npm": { "state": "ready", "hardBlockers": 0, "conventionGaps": 0, "heuristicFlags": 0 }
  },
  "summary": { "totalChecks": 15, "passed": 13, "warnings": 1, "blockers": 1 },
  "notChecked": [
    { "reason": "Live endpoint probing is not yet supported (v1.1)", "whatItWouldVerify": "..." }
  ]
}

Verdicts:

• checks_pass — all checked rules pass for target directories
• fixable — has blockers, but every blocker has a concrete fix
• not_ready — fundamental issues

What it does not do

• Does not rewrite anything. It validates.
• Does not verify stdio server runtime behavior.
• Does not use LLM calls. Pure parsing and validation.
• Does not require authentication or collect PII.
• Does not cover non-MCP marketplaces.

Design

• Zero dependencies — no npm packages at runtime
• Evidence-based — every finding cites what was checked, what was found, which directory rule applies
• Source-linked rules — every policy rule traces to actual directory documentation with a review date
• Honest about scope — explicitly reports what was NOT checked and why

Policy packs are versioned and derived from directory documentation as of 2026-04-11:

• MCP Registry quickstart
• MCP Registry package types
• MCP Registry remote servers
• MCP server.json schema
• Smithery publish docs
• npm package.json docs

Endpoints

License

MIT

---

Built by Skillfoundry.