v10.4.0 — Model Context Protocol server
[10.4.0] - 2026-04-21
Caspian is now a Model Context Protocol server. Any MCP client — Claude Desktop, Cursor, Zed, Cline — can call scans directly from tool use. "Use Caspian to scan this repo" goes from four-step manual flow to one-line prompt.
Added
- MCP server (src/cli/mcpServer.ts) exposing four tools over stdio:
scan— workspace scan with optional severity filter and max-findings truncation; returns categorised summary + findings as JSON.scan_git_history— spawns the existing git-history scanner and parses its JSON output.list_rules— rule catalogue with optional category filter.explain_rule— full description + suggestion + context-awareness / file-pattern metadata for a given rule code.
- New bin entry
caspian-mcpalongside the existingcaspian-scan,caspian-git-history-scan,caspian-check-updates. Launched vianpx caspian-security caspian-mcpor globally. - src/scanRunner.ts — workspace-scan logic extracted so both the CLI and the MCP server share one implementation.
walkFiles(),resolveLanguage(),scanFile(), and a newrunWorkspaceScan()wrapper. No I/O concerns beyondfs.readFileSync— caller chooses the output format. - 12 new unit tests (src/tests/mcpServer.test.ts) exercising the four handlers + the dispatch layer directly. Smoke-verified end-to-end:
initialize+tools/listover real stdio returns the tool catalogue. - Runtime dep:
@modelcontextprotocol/sdk^1.29.0. First non-devDependency runtime dep on the project, but the SDK ships both ESM and CJS entries so it threads cleanly into our CommonJS build.
Changed
- BUILD.md §3c — Claude Desktop + Cursor wiring instructions with copy-pasteable
mcpServersconfig. - README.md Install section — adds the MCP block alongside VS Code, npm, and GitHub Actions paths.
- Test suite: 977 → 989 (+12 MCP handler tests). Rules unchanged at 295+.
Security notes
- The MCP server is stdio-only — no network port, no auth tokens, no telemetry.
- Each tool call validates the
pathargument exists and is a directory before scanning. - The
scan_git_historytool is guarded by a.gitdirectory check and respects the same 100 ms/file taint deadline and 3 s/file rule deadline as every other scan path.