Compliance and conformance: which page do I need?
mcptest can grade a server against the MCP spec in several ways, and the five deep-dive pages below each cover one of them. They grew up at different times and answer different questions, so this page exists to route you to the right one in under a minute.
The short mental model: compliance pages cover mcptest's own corpus of protocol and behavior checks (graded A+ through F, gated in CI with a baseline). Conformance pages cover the official spec's SEP checklist and the upstream @modelcontextprotocol/conformance suite (scored as MUST and SHOULD tiers).
| Page | What it measures | Which command | When to use it |
|---|---|---|---|
| Compliance grade | Your server against the mcptest compliance corpus (wire protocol, error handling, schema conformance), rolled up into a letter grade A+ through F | mcptest compliance run | You want one headline number for how well-behaved the server is, or a badge for the README |
| Compliance baseline | The same corpus, gated against a checked-in list of known failures so CI only flips red on new ones | mcptest compliance run --baseline <file> | You are adopting compliance checks on an existing server that does not pass everything yet |
| Conformance CLI | Your server against the vendored SEP corpus from the official spec, scored into MUST and SHOULD tiers | mcptest conformance run | You want to score against the spec's own checklist, offline, in one command |
| Conformance tier | How MUST and SHOULD pass counts aggregate into the public SDK tier badge (T1, T2, T3, F) | reported by mcptest conformance run | You need to understand or explain what the tier badge on a run means |
| Official conformance bridge | Results from the upstream @modelcontextprotocol/conformance npm suite, folded into the same report as local checks | mcptest run with the bridge configured | You want the official test suite's verdicts in your mcptest report, with graceful fallback when npm is unavailable |
Closely related, but not part of this cluster:
- Auth-hardening conformance scores the six OAuth and OIDC tightenings from the 2026-07-28 spec; it lives with the auth guides.
- Conformance invariants and structured output conformance cover individual check families in depth.
- Scenario 4: compliance baseline and Scenario 10: grade against the spec are runnable five-minute walkthroughs of the two workflows.