From cdc181ec1fc7ac75aa4a8f2c58832a35d37260e8 Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Wed, 15 Apr 2026 10:38:22 +0000
Subject: [PATCH] docs: fix AgentSeal link to point to agentseal.org blog post

The README cited "AgentSeal scan" with a link to agentseal.com, which
is not AgentSeal's domain. The actual source of the 66%/1,808-servers
statistic is agentseal.org/blog/mcp-server-security-findings. Deep-link
to the primary source so readers can verify the claim.
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 0f81e56..b3ca7fa 100644
--- a/README.md
+++ b/README.md
@@ -17,7 +17,7 @@
 
 ---
 
-66% of MCP servers have security findings ([AgentSeal scan](https://agentseal.com)). Most registries don't tell you that. mcpm runs a trust assessment on every install -- checking for hardcoded secrets, prompt injection patterns, typosquatting, and suspicious argument schemas -- so you know what you're adding to your AI tools before it runs.
+66% of MCP servers have security findings ([AgentSeal scan](https://agentseal.org/blog/mcp-server-security-findings)). Most registries don't tell you that. mcpm runs a trust assessment on every install -- checking for hardcoded secrets, prompt injection patterns, typosquatting, and suspicious argument schemas -- so you know what you're adding to your AI tools before it runs.
 
 <p align="center">
   <img src="./assets/demo.gif" alt="mcpm demo" width="680">