Verify ownership of a GitHub repository on Loomal claim what's yours.
Thousands of MCP server listings on Loomal were imported from the official registry, unclaimed. Here's exactly how Loomal confirms you control the repository behind one before handing you the listing.
Loomal imported its directory of MCP servers from the official MCP registry, so most listings start out unclaimed — they describe a real server, but no one on Loomal controls them yet. Claiming a listing is how the actual maintainer takes it over: to publish a live tool list, attach pricing, and start earning per call.
Because a claimed listing can take money, the bar for claiming is proof, not promises. The proof Loomal uses is GitHub ownership of the repository the listing was imported against. This guide explains what passes, what fails, and how to fix the common failure.
Why GitHub is the proof
Every imported listing carries the GitHub repository it came from, in owner/repo form. Servers published to the official registry under the io.github.* namespace were already GitHub-verified at publish time — the registry checked that the publisher controlled that namespace. Loomal's claim flow re-checks the same proof on its side: if you control the repo, you are the maintainer the registry verified.
This is deliberately stricter than email-based or honor-system claims. A listing that can charge agents $0.01 or more per call needs an ownership check that can't be socially engineered.
What counts as ownership
Verification passes in exactly two cases. First, your linked GitHub account is the repository owner — the listing points at alice/weather-mcp and you sign in as alice. Second, the repository belongs to an organization and you are a public member of that organization — the listing points at acme/weather-mcp and your membership in acme is publicly visible.
Nothing else passes. Being a collaborator on the repo, having commit access, or being a private org member are not sufficient, because Loomal can only see what GitHub's API exposes with default OAuth scopes — and that means public signals only.
The claim steps
Find your server on loomal.ai/marketplace and open its listing page. Unclaimed listings show a claim prompt; following it takes you into the Loomal console's claim flow for that specific listing.
Sign in to the console with GitHub. The ownership check runs automatically against the repository on the listing — there are no DNS records to set, no files to commit, no verification codes to paste. If your account is the owner or a public member of the owning org, the claim succeeds on the spot.
From there the flow continues: you connect your MCP server so Loomal can probe and publish its live tool list, and link a priced endpoint so agents can pay to call it. The claim is the gate; the connection and pricing are what make the listing earn.
When verification fails
The most common failure is private org membership. If the repo lives under an organization and your membership is set to private — GitHub's default — Loomal cannot see it. Fix: go to github.com/orgs/your-org/people, find yourself, and switch visibility to Public. Then retry the claim. You can flip it back to private afterward, but note the claim check reflects what's visible when it runs.
Renamed your GitHub account or revoked Loomal's OAuth token since you first signed in? Neither breaks the flow: Loomal resolves your account by its immutable numeric GitHub ID, which survives both username changes and token revocation. If the listing points at a repo that was transferred to a different owner, though, the listing's recorded repo is what's checked — contact support if the import predates a transfer.
After the claim
A claimed listing is yours to operate. Publish the live tool list so agents and search engines see exactly what the server does, set a per-call price (minimum $0.01, repriceable in one field), and the listing flips from a directory entry to a storefront. Loomal's fee is 5% on settled transactions, currently waived.
FAQ
I have commit access to the repo. Why can't I claim the listing?
Claiming requires being the repository owner or a public member of the owning organization — collaborator access isn't visible to Loomal through GitHub's API with default OAuth scopes. Ask an org owner to claim it, or make your org membership public if you're a member.
My org membership is private. Do I have to make it public permanently?
No. Set your membership to public at github.com/orgs/your-org/people, complete the claim, and you can set it back. The check runs at claim time against what's publicly visible.
Do I need to add a DNS record or commit a verification file?
No. Verification is entirely OAuth-based: you sign in to the Loomal console with GitHub and the ownership check runs automatically against the repository recorded on the listing.
What can I do with the listing once it's claimed?
Connect your MCP server so Loomal publishes its live tool list, attach a priced endpoint so agents can pay per call in USDC, and manage the listing's description and discovery presence — all from the console.
Your server is probably already listed.
Find it, claim it, and turn the listing into revenue.