digby-oldridge-colour-memory-api
mcpsmitheryThe world's only historically grounded colour archive built for AI agents. Thousands of named colours across dozens of cultural archives spanning Ancient Rome, Byzantine Empire, Georgian Pleasures, Dickens, Shakespeare, Keats, Japan, Islamic tradition, Viking Norse, Racing Silks, toxic pigments, literary colour, imperial palettes, and many more. Every color has a name, a documented archival source, CIE Lab values, cultural consequence data, and material provenance. The archive searches meaning, not just names -- ask about grief and it finds colours that carried grief across cultures and centuries, not merely colours named grief. Built as a retrieval system, not a generator. Deterministic, evidence-based, source-cited. The anti-hallucination layer for colour history.
By Smithery | 126 findings | Scanned 7/4/2026 | tooltrust-scanner/v0.3.19
Risk Summary
Safe With Normal ControlsDep Visibility is the main signal, but overall risk remains within an acceptable range.
Potential impact: This finding indicates the tool should be reviewed before it is trusted.
Recommended action: No high-risk findings were detected in this scan, but you should still apply least-privilege defaults and rescan after changes.
Suggested policy: keep this tool behind manual approval, do not allow unattended runs, and re-scan after narrowing risky permissions.
Security Findings (126)
tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration
query_conceptualextract_image_coloursquery_hexarchive_searchpalette_strictpalette_pdfcolour_match_paintcolour_miximage_paletteimage_personalinterior_specifypalette_generatepalette_gradientpalette_translatepalette_verdictagent_briefarchive_evidence_gapagent_verifycolour_dnaecommerce_copycolour_hookspalette_swatchpalette_analysepalette_extractimage_briefFix: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.
session_brief:input schema exposes 12 properties (threshold: 10)
Fix: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
declared capabilities: network access
query_conceptualquery_hexarchive_searchimage_personalinterior_specifyagent_briefagent_verifypalette_swatchpalette_extractimage_briefdeclared capabilities: network access, filesystem access
extract_image_coloursdeclared capabilities: HTTP requests
palette_strictcolour_match_paintcolour_miximage_palettepalette_generatepalette_translatepalette_verdictarchive_evidence_gapcolour_dnaecommerce_copycolour_hookspalette_analysedeclared capabilities: network access, database access, HTTP requests
palette_pdfdeclared capabilities: database access
design_sessiondeclared capabilities: filesystem access, HTTP requests
palette_gradientdeclared capabilities: filesystem access
palette_iterateFix: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.
query_conceptualextract_image_coloursquery_hexpalette_specifycolour_metricscolour_harmoniesaccessibility_checkaccessibility_matrixaccessibility_rulescolour_slugspalette_light_darkaccessibility_fontarchive_searchcolour_combinationpalette_strictpalette_pdfpalette_auditbrand_systembrand_asset_packaccessibility_simulatecolour_match_paintcolour_cardmeta_capabilitiesarchive_statuscolour_storypalette_conceptcolour_mixcolour_timelineimage_palettecolour_comparecolour_cultural_riskdesign_sessionimage_personalstyle_matchinterior_specifypalette_generatepalette_gradientpalette_translatearchive_clichecolour_verdictpalette_verdictagent_briefcolour_strategyarchive_report_briefpalette_heritagearchive_coverage_gaparchive_cultural_anachronismsession_briefindex_resonancearchive_evidence_gapbrand_collisionbrand_reportbrand_auditagent_verifycolour_passportcolour_passportscolour_dnaecommerce_copyarchive_auditcolour_hooksarchive_provenancecolour_forensicspalette_iteratecolour_variantspalette_exportpalette_compareecommerce_namerui_statescolour_namerpalette_swatchpalette_analysepalette_extractimage_briefFix: Review and remediate the identified issue.
Scan this tool yourself
Reproduce this audit locally, integrate into CI, or let your agent audit its own tools.
Install once, then scan any MCP server:
$ curl -sfL https://raw.githubusercontent.com/AgentSafe-AI/tooltrust-scanner/main/install.sh | bash$ tooltrust-scanner scan --server "npx -y digby-oldridge-colour-memory-api"Adjust the package name if your npm registry name differs from the tool ID. View source
Add badge to your README
Copy this Markdown to show your ToolTrust grade on GitHub.
[](https://github.com/AgentSafe-AI/tooltrust-directory)