Scan your MCP config
Paste your claude_desktop_config.json, .mcp.json, or Cursor MCP config. Get an instant security and token-cost score.
🔒 Runs 100% in your browser. Your config is never uploaded, logged, or sent anywhere.
Tip: on macOS the Claude config is at ~/Library/Application Support/Claude/claude_desktop_config.json
0/ 100
Want servers that pass this by default?
MCP Forge Kit is a production-ready MCP server starter: bearer and JWT auth, an SSRF-safe fetch tool, rate limiting, input validation, tests, and CI. Build on a base that scores well instead of fixing one that does not.
Get MCP Forge Kit, €39Prefer the command line, or want this in CI?
pipx install git+https://github.com/alih552/mcp-audit then mcp-audit. Same checks, runs against your real machine. GitHubThis scanner mirrors the open-source mcp-audit checks. The token estimate is a rough figure based on server count; the CLI gives a precise number when you point it at a tool-list export. New to MCP security? Start with the checklist or the blog.