Add Xquik remote MCP server

[kriptoburak]

Summary

• Add the Xquik remote MCP server to the ToolHive Catalog.
• Reference the canonical Xquik SVG icon and Streamable HTTP metadata.
• Mark the required x-api-key header as secret and use the current official registry version 2.4.13.

Validation

• python3 -m json.tool registries/toolhive/servers/xquik-remote/server.json
• git diff --cached --check
• go run ./cmd/catalog validate -v
• go test ./...

[JAORMX]

Thanks for the submission — and for pinning a real release and marking the x-api-key header secret. This is a well-formed entry, and unlike some other recent X-API submissions, https://xquik.com/mcp is a genuine, officially-documented remote MCP server: an unauthenticated initialize correctly returns 401, the explore / xquik tools match the docs, and the repo is MIT with real releases, CI, and traction (106★). Nice.

A few things to address before this can go in:

Please fix:

1. Icon. The entry references an external https://xquik.com/icon.svg. Catalog convention is a repo-hosted icon.svg committed into the server directory (registries/toolhive/servers/xquik-remote/icon.svg) and referenced via the https://raw.githubusercontent.com/stacklok/toolhive-registry/main/registries/toolhive/servers/xquik-remote/icon.svg URL. See any neighboring remote entry (e.g. atlassian-remote) for the pattern. The PR currently adds no icon.svg file.
2. Remove metadata.last_updated. That field is auto-populated by CI — it shouldn't be set by hand in a new submission.

Please confirm:

3. tier: "Official". Official is reserved for servers maintained by the ToolHive team, the MCP spec authors, or the platform owner of the integrated service. Since xquik.com/mcp is Xquik's own documented endpoint, Official is defensible (the same way atlassian-remote is Official) — but can you confirm this PR is from or on behalf of Xquik? If it isn't a first-party submission, it should be Community.

Optional:

• The entry pins v2.4.13; latest is v2.4.15 — consider bumping.
• Consider adding a SECURITY.md and dependency automation (Dependabot/Renovate) upstream — recommended, not required for a remote entry.

One thing I'll defer to the maintainers on: this is an X/Twitter scraping + posting-automation service, so there may be acceptable-use / platform-ToS considerations for this category independent of the technical review above.

Happy to re-review once the icon and metadata are sorted and the tier is confirmed.

[kriptoburak]

Thanks for the review. Addressed the requested items in 1280231:

• Added a repo-hosted registries/toolhive/servers/xquik-remote/icon.svg and updated the icon URL to the raw GitHub path used by neighboring entries.
• Removed the manually-set metadata.last_updated field.
• Bumped the entry version to the current Xquik skill release, 2.4.16.

Confirmation on tier: this is a first-party submission from Xquik. The remote MCP endpoint is owned and documented by Xquik, and the linked repository is the Xquik-dev public source for the skill/package metadata.

Validation:

• python3 -m json.tool registries/toolhive/servers/xquik-remote/server.json
• git diff --check
• go build -o build/catalog ./cmd/catalog && ./build/catalog validate -v