The Model Context Protocol ecosystem now spans at least 15,930 indexed servers across four major registries — but most published lists mix categories, omit auth models, or never tell you who actually maintains the server. This Issue #1 of our monthly MCP tracker catalogs 56 production-ready or vendor-backed servers across 10 categories with all 7 columns: name, category, registry source, auth model, transport, maintainer, and status.
The ecosystem shifted structurally in May 2026. MCP tunnels — a research preview that opens an outbound-only encrypted connection so agents can reach customer data without inbound firewall rules — were announced at Code with Claude London on May 19, 2026. Self-hosted sandboxes entered public beta the same day, with Cloudflare, Daytona, Modal, and Vercel as sandbox providers. Together these announcements reshape what "production" means for MCP servers: hosted endpoints, OAuth 2.1, and outbound-only gateways are now the default deployment shape, not the advanced configuration.
This guide covers the what-changed context for Issue #1, a registry count comparison across all eight major sources, the full 56-server catalog by category, an auth-model and transport breakdown, and a preview of what we will track in Issue #2 (June 2026). For the deployment playbook, see our MCP server org deployment 30-60-90 day plan. For auth-model best practices, see the MCP server security engineering guide.
- 01Registries are not a single source of truth.As of May 2026, the official Anthropic reference repo ships only 7 active servers (14 more are archived). The real ecosystem lives in PulseMCP (15,930+), Smithery (~7,300), Composio (1,000+ toolkits / 20,000+ tools), and the official MCP Registry (~2,000). No single registry indexes all servers. Buyers must cross-reference at least two sources before declaring a category 'covered.'
- 02OAuth 2.1 is winning the auth model race.Of the 56 servers in this catalog, approximately 21 use OAuth 2.1 as their primary or only auth method — the plurality. API key authentication accounts for roughly 17, connection strings 7, and PATs 3. The trend is clear: vendor-hosted servers shipping in 2026 default to OAuth 2.1; community stdio servers from 2024-2025 default to API keys or connection strings. The 2025-11-25 MCP spec formalized OAuth 2.1 enforcement.
- 03MCP tunnels + sandboxes change the production model.MCP tunnels (research preview, May 19, 2026) let agents reach customer-side data through a single outbound encrypted connection — no inbound firewall rules. Self-hosted sandboxes (public beta, same day) with Cloudflare, Daytona, Modal, and Vercel as providers give security teams an auditable execution environment. These two primitives together remove the two largest enterprise blockers for production MCP deployments.
- 04MCP governance moved to the Linux Foundation.In December 2025, Anthropic donated MCP to the Agentic AI Foundation (AAIF) under the Linux Foundation. Anthropic remains a platinum member and core maintainer, but the protocol is now governed by a steering group of 9 core/lead maintainers with 58 total active maintainers and 2,900+ community contributors on Discord. This governance shift matters for enterprise buyers — MCP is no longer a single-vendor standard.
- 05The catalog's 'Archived' flag is a production blocker.Fourteen servers in the original Anthropic reference repo (GitHub, GitLab, Google Drive, PostgreSQL, Slack, and others) moved to github.com/modelcontextprotocol/servers-archived in 2025-2026 with no security guarantees. Many still appear in tutorial posts and aggregator listings without the archived flag. Before deploying any MCP server, verify its current maintainer status against the source repo — not just the Smithery or PulseMCP listing.
01 — Issue #1 — May 2026What changed in May 2026: tunnels, sandboxes, and the governance shift.
Three events in May 2026 make this the right moment to launch a recurring MCP tracker. First, the MCP tunnels research preview and self-hosted sandboxes public beta were announced at Code with Claude London on May 19, 2026 — the first structural change to the production deployment model since the 2025-11-25 spec formalized OAuth 2.1. Second, AWS's Agent Toolkit MCP Server reached general availability with 60+ official servers spanning documentation, infrastructure, Lambda, containers, AI/ML, and analytics — the largest first-party server catalog from any cloud provider. Third, the observability category expanded from 6 to 9 vendor-maintained servers between March and May 2026, with IBM Instana, Honeycomb, and New Relic all shipping GA endpoints.
For context on the code-with-claude event specifically, see our companion post: Code with Claude: sandboxes and MCP tunnels launch. The MCP tunnels announcement quoted a developer from The New Stack coverage directly: "The compliance team is the real bottleneck for production agents, not the model. Self-hosted sandboxes and MCP tunnels are the layer that lets agents actually run inside the customer's perimeter instead of behind a sandbox the security team takes six weeks to clear."
The spec version to track is 2025-11-25 — published November 25, 2025 on the protocol's first anniversary. It introduces async Tasks, improved OAuth 2.1 enforcement, structured tool outputs, and elicitation primitives. The previous spec version (2025-06-18) focused on the original OAuth-based authorization and elicitation groundwork. Do not cite 2024-11-05 as the current spec — that was the launch-era version. For a full engineering walkthrough of what the spec update means for server authors, see the MCP inspector deep-dive.
MCP is no longer an Anthropic-owned standard. In December 2025, Anthropic donated the protocol to the Agentic AI Foundation (AAIF) under the Linux Foundation. Anthropic remains a platinum member and core maintainer alongside 58 total active maintainers — but the steering group is multi-vendor. For enterprise buyers evaluating long-term lock-in risk: MCP's governance model is closer to CNCF than to a proprietary protocol.
02 — Registry LandscapeRegistry counts at a glance: eight sources, four orders of magnitude.
The MCP registry landscape has no single source of truth. Each aggregator uses different inclusion criteria, quality filters, and update cadences. PulseMCP deliberately omits low-quality entries and updates daily. Smithery includes any installable server. The official MCP Registry (~2,000) applies a curation layer. First-party catalogs (AWS, Azure, Google Cloud) list only their own servers. The table below is a May 2026 snapshot — treat counts as point-in-time and verify against the source before using in a procurement decision.
MCP server registry counts — May 2026 snapshot
Sources: PulseMCP (pulsemcp.com), Smithery (smithery.ai), AWS blog, Google Cloud blog, Microsoft Learn, claude.com/docs — May 2026 snapshots. Cross-registry distinct estimate: roughly 9,400 distinct servers de-duplicated across PulseMCP, official MCP Registry, Smithery, and npm-tagged servers.The order-of-magnitude gap between curated first-party catalogs and aggregator registries is the key insight for buyers: AWS's 60+ servers are all GA and AWS-maintained; PulseMCP's 15,930+ include community experiments, archived projects, and alpha tooling. The useful signal is the overlap between the official MCP Registry (~2,000) and PulseMCP — a server appearing in both has cleared two curation filters. For marketing-specific server selections, see our companion catalog: 25 MCP servers for marketing reviewed.
03 — Category 1 of 10Databases: 10 servers from Postgres to Neo4j.
The database category is the most mature in the MCP ecosystem and the most important to audit carefully — several Anthropic reference servers in this category have been archived, and community successors with different maintainers, different auth models, and different stability guarantees have filled the gap.
| Name | Auth | Transport | Maintainer | Status |
|---|---|---|---|---|
| PostgreSQL MCP | Conn str | stdio | Community (crystaldba) | Production |
| SQLite MCP | Conn str | stdio | Community | Archived/Community |
| Redis MCP | Conn str | stdio | Redis Inc. | Production |
| MongoDB MCP | Conn str | stdio + HTTP | MongoDB | Beta |
| Supabase MCP | OAuth 2.1 + PAT | HTTP / Hosted | Supabase | GA |
| Snowflake MCP | OAuth / key-pair | stdio + Hosted | Snowflake | GA |
| Google Cloud MCP Toolbox | Varies by DB | stdio + HTTP | GA | |
| Databricks MCP | OAuth + workspace token | stdio + Hosted | Community + Databricks | Beta |
| ClickHouse MCP | Conn str | stdio | ClickHouse Inc. | Production |
| Neo4j MCP | Conn str | stdio | Community + Neo4j Labs | Production |
* Supabase MCP is hosted at mcp.supabase.com/mcp (HTTP transport, OAuth 2.1 + dynamic client registration + PAT, 2.6k GitHub stars). Google Cloud MCP Toolbox covers PostgreSQL, MySQL, SQL Server, Oracle, MongoDB, Redis, Elasticsearch, ClickHouse, Couchbase, Neo4j, Snowflake, and Trino through a single server binary. SQLite MCP: the original Anthropic reference server is archived; community successors exist with varying quality. Verify maintainer status before deploying.
04 — Category 2 of 10CRM & business apps: five servers, four on OAuth 2.1.
The CRM category is where the OAuth 2.1 transition is most visible. HubSpot, Salesforce, Notion, and Linear all use OAuth 2.1 as their primary auth model — only Pipedrive (community-only, no official server) uses an API key. If your CRM stack is in this category, you should expect OAuth 2.1 as the standard integration pattern in 2026. For teams building agentic CRM workflows, our CRM automation services cover the full integration architecture.
| Name | Auth | Transport | Maintainer | Status |
|---|---|---|---|---|
| HubSpot MCP | OAuth 2.1 | HTTP / Hosted | HubSpot | Beta (production-grade) |
| Salesforce MCP | OAuth 2.1 | stdio + HTTP | Salesforce | GA |
| Notion MCP | OAuth 2.1 | Hosted | Notion | GA |
| Linear MCP | OAuth 2.1 | Hosted | Linear | GA |
| Pipedrive MCP | API key | stdio | Community | Community |
HubSpot MCP exposes 100+ tools across contacts, companies, and deals. Salesforce MCP (salesforcecli/mcp) ships 60+ tools and is the most comprehensive CRM MCP in any ecosystem as of May 2026. Pipedrive has no official MCP server as of April 2026 — the community server (iamsamuelfraga/pipedrive-mcp) exposes 100+ tools but carries no Pipedrive maintenance guarantee.
05 — Category 3 of 10Dev tools: 10 servers — the densest category in the catalog.
Dev tools is the most active category in the MCP ecosystem by server count, by maintainer quality, and by the speed of the archived-to-GA transition. Several servers in this category started as Anthropic reference implementations in November 2024 and have since been taken over by the original vendors — GitHub, Sentry, and GitLab all made this transition. The Atlassian Remote MCP entered beta in May 2025 and reached GA in February 2026, covering Jira, Confluence, and Compass with 72+ tools.
| Name | Auth | Transport | Maintainer | Status |
|---|---|---|---|---|
| GitHub MCP | OAuth 2.1 / PAT | stdio + HTTP | GitHub | GA |
| GitLab MCP | PAT | stdio | Community | Community |
| Cloudflare MCP | API token / OAuth | stdio + Hosted | Cloudflare | GA |
| Vercel MCP | OAuth 2.1 | Hosted | Vercel | GA |
| Stripe MCP | API key + OAuth 2.1 | stdio + HTTP | Stripe | GA |
| Sentry MCP | OAuth 2.1 | stdio + Hosted | Sentry | GA |
| PagerDuty MCP | API key | stdio | PagerDuty | GA |
| Atlassian Remote MCP | OAuth 2.1 | Hosted | Atlassian | GA (Feb 2026) |
| Docker MCP | OAuth / PAT | stdio | Docker | Beta |
| Replit MCP | OAuth | Hosted | Replit | Beta |
GitHub MCP: Anthropic's reference is archived; GitHub now maintains github/github-mcp-server officially. Sentry MCP: reference archived; Sentry maintains getsentry/sentry-mcp. GitLab MCP: reference archived; community successors only as of May 2026. Atlassian Remote MCP covers Jira, Confluence, and Compass with 72+ tools (OAuth 2.1, GA since February 2026). PagerDuty MCP exposes 60+ tools including full incident write APIs.
06 — Category 4 of 10Productivity & docs: five servers, all hosted.
Every server in the productivity category uses a hosted transport — no stdio-only options remain for the major productivity platforms. The Anthropic reference servers for Google Drive and Slack have both been archived; Google and Slack each ship official hosted replacements. ClickUp made the most dramatic capability expansion in this category, growing from 6 to approximately 49 tools in 2026.
| Name | Auth | Transport | Maintainer | Status |
|---|---|---|---|---|
| Google Drive MCP | OAuth 2.1 | Hosted | Google + Community | GA / Community |
| Slack MCP | OAuth 2.1 | Hosted | Slack | GA |
| Microsoft 365 / Outlook MCP | OAuth 2.1 | Hosted | Microsoft | GA |
| Asana MCP | OAuth 2.1 | Hosted | Asana | GA |
| ClickUp MCP | API key | stdio + HTTP | ClickUp | GA |
Microsoft 365 MCP is exposed via Azure MCP tools. Slack MCP and Google Drive MCP: the original Anthropic reference servers are archived; both vendors now ship official replacements. ClickUp expanded from 6 to ~49 tools in 2026. Asana's official server launched February–April 2026.
07 — Category 5 of 10Data & analytics: five servers from BigQuery to dbt.
The data and analytics category shows the clearest split between cloud-hosted OAuth 2.1 servers (BigQuery, Looker — both Google Managed MCP) and community-first stdio servers (dbt, DuckDB). The dbt server is partly dbt Labs-supported, making it a rare hybrid between community and vendor in this category.
| Name | Auth | Transport | Maintainer | Status |
|---|---|---|---|---|
| BigQuery MCP | OAuth 2.1 | Hosted | GA | |
| Looker MCP | OAuth 2.1 | Hosted | Preview | |
| dbt MCP | API key + conn str | stdio | dbt Labs | Beta |
| DuckDB / MotherDuck MCP | Service token | stdio | MotherDuck | GA |
| Tableau MCP | OAuth + PAT | stdio + HTTP | Tableau / Salesforce | Beta |
BigQuery and Looker are exposed through the Google Managed MCP catalog announced at Google Cloud Next '26. For analytics and data pipeline integrations, our analytics services team works with dbt and BigQuery MCP server patterns.
08 — Category 6 of 10AI & ML: five servers — the model-to-model layer.
The AI/ML category is the most architecturally interesting: these servers allow one AI model or agent to call another model's capabilities via MCP. The Anthropic Claude API MCP Connector and the OpenAI MCP Connector are both in beta — the protocol for AI-to-AI tool use via MCP is maturing but not yet GA on either platform. Pinecone and Qdrant are the two production-grade vector search MCPs in this catalog; Weaviate and LanceDB were omitted as their MCPs are not ready for production use as of March 2026.
| Name | Auth | Transport | Maintainer | Status |
|---|---|---|---|---|
| Anthropic Claude API MCP Connector | Anthropic API key | Hosted | Anthropic | Beta |
| OpenAI MCP Connector | OAuth 2.1 | Hosted | OpenAI | Beta |
| HuggingFace MCP | HF API token | stdio | HuggingFace | Beta |
| Pinecone MCP | API key | stdio | Pinecone | GA |
| Qdrant MCP | API key + conn str | stdio | Qdrant | GA |
Anthropic Claude API MCP Connector entered public beta February 2026 (mcp-client-2025-11-20). OpenAI MCP Connector: via ChatGPT MCP connectors on the Developer Platform. Weaviate and LanceDB MCPs are not cataloged here — per March 2026 vector DB review, neither is ready for production use.
09 — Category 7 of 10Observability: five servers, nine vendors now active.
The observability category grew from 6 to 9 vendor-maintained servers between March and May 2026, according to ChatForest's observability MCP tracker. The five cataloged here are the highest-maturity entries by stars, downloads, or explicit GA/production status. Honeycomb is worth a separate callout: it deprecated its self-hosted MCP server in 2026 in favor of a fully managed hosted endpoint — the first observability vendor to treat MCP as a managed service rather than a self-hosted tool. For reliability patterns across server categories, see our 100-server MCP reliability stress test.
| Name | Auth | Transport | Maintainer | Status |
|---|---|---|---|---|
| Grafana MCP | Service account / OAuth | stdio + HTTP | Grafana Labs | GA |
| Datadog MCP | API key + app key | Hosted | Datadog | GA |
| Honeycomb MCP | API key | Hosted | Honeycomb | GA |
| New Relic MCP | API key | stdio + Hosted | New Relic | GA (Feb 23, 2026) |
| Splunk MCP | Token | stdio + HTTP | Splunk | GA |
Grafana MCP: 2,600+ GitHub stars, 252,000+ Docker Hub pulls — the most-used observability MCP by community signals. New Relic MCP reached GA February 23, 2026, powering the New Relic Agentic Platform launched the following day. Honeycomb deprecated its self-hosted server in 2026; the hosted endpoint is now the only supported option.
10 — Category 8 of 10Security & secrets: four servers — none yet GA except 1Password.
The security category has the weakest maturity profile in this catalog. No server here has reached full GA except 1Password (Beta) — and HashiCorp Vault remains community-only. This is partly structural: security vendors are cautious about exposing credential and secret management APIs through a protocol still maturing its OAuth 2.1 enforcement. For a detailed threat model of MCP server auth patterns, see the MCP server security best practices engineering guide.
| Name | Auth | Transport | Maintainer | Status |
|---|---|---|---|---|
| 1Password MCP | Service account token | stdio | 1Password | Beta |
| HashiCorp Vault MCP | Vault token | stdio | Community | Community |
| Snyk MCP | Snyk token | stdio | Snyk | Beta |
| Auth0 MCP | Mgmt API token | stdio | Auth0 (Okta) | Beta |
1Password MCP (1Password/op-mcp) is CLI-backed. HashiCorp has not shipped an official Vault MCP; the community server at hashicorp-community/vault-mcp carries no HashiCorp maintenance guarantee. Snyk MCP supports CLI scans and issue listing. Auth0 MCP covers tenant management and app configuration.
11 — Category 9 of 10Web, scraping & search: five servers, all GA.
The web and search category is the most homogeneous in the catalog: all five servers are GA, all use API key auth, and all support HTTP transport alongside stdio. This category is also where the Anthropic-reference-to-vendor-successor transition is most complete — Brave Search moved from the archived reference repo to a community/Brave-maintained option, and the void has largely been filled by Tavily and Exa. For web scraping pipelines, Apify stands apart: a single server exposing 19,000+ pre-built Actors.
| Name | Auth | Transport | Maintainer | Status |
|---|---|---|---|---|
| Firecrawl MCP | API key | stdio + HTTP | Firecrawl | GA |
| Brave Search MCP | API key | stdio | Brave + Community | Production |
| Tavily MCP | API key | stdio + HTTP | Tavily | GA |
| Exa MCP | API key | stdio + HTTP | Exa | GA |
| Apify MCP | API key | stdio + HTTP | Apify | GA |
Brave Search MCP: Anthropic's reference is archived; Brave and community maintainers have filled the gap. Tavily MCP (tavily-ai/tavily-mcp) covers real-time web search, extraction, and site crawl. Apify MCP exposes 19,000+ pre-built Actors through a single server endpoint. For content pipeline integrations using web search MCP servers, see our content engine services.
12 — Category 10 of 10Filesystem & compute: two servers — the reference and the cloud.
This category contains the two most architecturally distinct entries in the catalog. The Local Filesystem MCP is one of seven active Anthropic reference servers — it is explicitly educational, not production-ready, and ships with no security guarantees beyond what you configure in your own environment. The AWS MCP Server (Agent Toolkit) is the opposite: 60+ GA servers hosted by AWS across two regions, covering the broadest scope of any single first-party MCP catalog. They represent the two poles of the ecosystem: educational reference and hyperscaler-managed production.
| Name | Auth | Transport | Maintainer | Status |
|---|---|---|---|---|
| Local Filesystem MCP | None | stdio | Anthropic / steering group | Reference (educational) |
| AWS MCP Server (Agent Toolkit) | AWS IAM / OIDC | stdio + Hosted | AWS | GA |
Local Filesystem MCP is one of the 7 maintained reference servers at github.com/modelcontextprotocol/servers (86.2k stars, 10.8k forks). It is explicitly an educational example; Anthropic does not guarantee production stability for reference servers. AWS MCP Server reached GA May 2026 with 60+ servers hosted in us-east-1 and eu-central-1 covering docs, infrastructure, Lambda, containers, AI/ML, and analytics.
13 — Cross-Catalog AnalysisAuth model & transport breakdown — OAuth 2.1 has the plurality.
Every other published MCP list shows transport (hosted vs. stdio) or auth model in isolation. This section cross-references both columns against the 56-server catalog to surface the structural trend that matters for enterprise buyers: the 2026 ecosystem is mid-transition from stdio + API key to hosted + OAuth 2.1, and the split tells you which category of server you are looking at before you read another word of documentation.
Plurality auth model (2026)
Approximately 21 of 56 servers use OAuth 2.1 as primary auth. All hosted-endpoint servers in productivity, CRM, and dev tools default here. The 2025-11-25 spec formalizes OAuth 2.1 enforcement — this figure will grow in Issue #2.
Legacy default for stdio servers
Approximately 17 servers use API key as their primary auth model. Concentrated in web/search (all 5), observability (Datadog, New Relic), and AI/ML (Pinecone, Qdrant, HuggingFace). API keys are easier to issue but riskier at scale — no token expiry, no scope.
Database category default
Approximately 7 servers use connection strings as primary auth — all in the database category. Connection strings embed credentials that are typically long-lived and hard to rotate. Treat connection string servers as high-priority for secret rotation policy.
Personal access tokens — declining
GitHub MCP (PAT option), GitLab MCP, and Docker MCP use PATs as an auth option alongside OAuth. PATs will decline as more servers complete the OAuth 2.1 migration — expect GitHub MCP to shift to OAuth-only in 2026.
The transport split is equally informative. Of the 56 servers, roughly 28 support stdio-only or stdio-primary transport, while approximately 22 are hosted-endpoint (vendor-operated remote MCP over streamable HTTP), and 6 support both. The hosted count will accelerate: every new first-party server from AWS, Google Cloud, Azure, HubSpot, Salesforce, Notion, Linear, Asana, Slack, and Vercel launched in 2026 uses a hosted endpoint. The community/research servers from 2024-2025 default to stdio. The clearest heuristic: if a server was launched by a vendor after January 2026, assume hosted + OAuth 2.1 unless the docs say otherwise.
For teams evaluating which auth model to implement in a custom MCP server, the MCP server patterns for enterprise AI agents covers the full decision framework including token scope design and service-account patterns.
The clearest heuristic in the 2026 MCP catalog: if a server was launched by a vendor after January 2026, assume hosted endpoint plus OAuth 2.1 unless the docs explicitly say otherwise. API keys and stdio are the 2024 default pattern, not the 2026 one.Digital Applied MCP Ecosystem Tracker, Issue #1, May 2026
14 — Issue #2 PreviewWhat to expect in Issue #2 — June 2026.
Issue #2 (June 2026) will track changes against this May baseline. The 56-server catalog is the reference point — every entry will be re-verified, new servers will be added, and any status changes (beta to GA, community to archived, preview to deprecation) will be called out explicitly with a change log column.
Three categories to watch most closely for Issue #2:
MCP tunnels graduation. Tunnels launched as a research preview on May 19, 2026. If Anthropic follows its typical cadence (research preview to public beta in 4-6 weeks), a beta announcement could land before or during June. A beta status would materially change the hosted-vs-self-hosted calculation for any server in this catalog that currently requires inbound network access.
Security category maturation. The security category is the weakest in this issue — no GA servers, three beta entries, one community server. HashiCorp Vault is the most likely to announce an official MCP server in the June timeframe, given HashiCorp's participation in the Linux Foundation's AAIF. Auth0's management API MCP is also a candidate to exit beta.
Registry count trajectory. PulseMCP has been growing at roughly 1,000+ new indexed servers per month in Q1-Q2 2026. If that pace holds, we may see 16,500+ entries on PulseMCP by the June snapshot. Smithery's growth from ~6,000 (March) to ~7,300 (May) is a 1,300-server addition in two months — a pace that suggests the ecosystem is still in its fastest growth window.
For the full H1 2026 adoption data context that informs our tracking methodology, see the MCP ecosystem H1 2026 retrospective. For enterprise teams deciding whether to build or buy MCP server infrastructure, the MCP server build vs. buy TCO calculator covers the full cost and capability tradeoff. Our AI transformation services team advises on MCP server selection and deployment architecture for enterprise clients.
MCP tunnels beta graduation
Tunnels launched as research preview on May 19, 2026. Beta graduation would change the hosted-vs-self-hosted architecture for every server in this catalog that requires inbound network access. Watch the official MCP blog and the Code with Claude event series.
Security category GA launches
HashiCorp Vault MCP (currently community-only) is the most likely new official server to appear by Issue #2. Auth0 and 1Password are candidates to exit beta. A GA security server would change the deployment risk calculus for secret-management workflows.
Registry count trajectory
PulseMCP has been adding 1,000+ servers per month in Q1-Q2 2026. Smithery added 1,300 servers in the March-to-May window. The ecosystem may still be in its fastest growth phase — the June snapshot will tell us if pace is accelerating or normalizing.
Issue #1 baseline: 56 servers cataloged, the auth transition is underway.
The MCP server ecosystem in May 2026 is mid-transition in two dimensions simultaneously: from stdio to hosted transport, and from API keys to OAuth 2.1. The 56-server catalog in this issue maps that transition at the server level for the first time with all 7 columns — name, category, registry source, auth model, transport, maintainer, and status. No other published list combines those columns at this scale.
The practical implications for teams evaluating MCP server adoption are sharp. If a server in your target category is pre-2026 community maintenance and uses API key auth over stdio, treat it as a transitional dependency, not a long-term architectural choice. If it is a 2026 vendor-launched hosted endpoint with OAuth 2.1, it is the durable pattern. The security category remains the weakest — no fully GA vendor-maintained security MCP server exists as of this issue, and that gap is a deployment blocker for credential-sensitive agent workflows. Watch HashiCorp Vault and Auth0 for Issue #2.
Issue #2 publishes in June 2026 with updated counts, verified status changes against this baseline, and expanded coverage of new entrants. The goal of this tracker is to be the reference catalog that engineering and procurement teams reach for when evaluating MCP server selection — not just a list, but a living audit with provenance for every column.