Release v0.1.0 — first public release · willianpinho/mcp-gateway-scan

Read-only scanner for MCP / AI-agent gateway production-readiness anti-patterns. Point it at a repo, get a 7-dimension red/yellow/green score in seconds.

Three ways to run

CLI: npx mcp-gateway-scan ./your-repo
CI gate: npx mcp-gateway-scan --ci ./your-repo (exits non-zero on any red)
MCP server (Claude Code / Cursor): claude mcp add gateway-scan -- npx -y mcp-gateway-scan mcp → ask your agent to "scan my gateway"

What it checks (7 dimensions)

Tool-access governance & RBAC · fail-close posture · onboarding & supply-chain pinning · observability/OTel · multi-LLM routing & cost · secrets & identity · production-readiness.

Guarantees

100% read-only — never executes your code, never makes network calls, and never prints a secret value (location only, redacted). MIT licensed.

The free wedge for a full MCP Gateway Readiness Audit → https://willianpinho.com/mcp-audit

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

v0.1.0 — first public release

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Three ways to run

What it checks (7 dimensions)

Guarantees

Uh oh!