Skip to content
MCPSuite
MCP Lint

Know if an MCP server is safe before you install it

Scan any MCP server for leaked secrets, missing auth, and quality issues. Get a letter grade across security, reliability, documentation, and LLM compatibility.

Scan a server freeSee how it works

Most MCP servers ship without a single quality check

The ecosystem has thousands of public servers, but no standard way to evaluate safety or quality. The data paints a grim picture.

5.2%

of public repos leak secrets in committed code

~2,000

public servers have zero authentication

0

automated scanners existed before Lint

From URL to quality report in three steps

Point at a server

Paste a GitHub URL, npm package name, or live endpoint. Lint fetches the source and dependencies automatically.

Get your report

Lint scans for secrets, CVEs, auth gaps, and documentation quality. Results include a letter grade (A through F) with detailed findings.

Ship with confidence

Embed a quality badge in your README. Set up the GitHub Action for continuous scanning on every push.

Comprehensive scanning, zero configuration

Lint checks what matters: secrets, vulnerabilities, auth, docs, and LLM compatibility.

Secret detection

40+ patterns with entropy analysis. Catches API keys, tokens, and credentials that regex alone would miss.

Dependency CVE scanning

Checks every dependency against the OSV.dev vulnerability database. Flags critical and high-severity issues.

4D quality scoring

Scores across security, reliability, documentation, and LLM compatibility. Letter grade from A to F.

Embeddable badges

SVG badges for your README, like build-passing but for MCP quality. Shields.io compatible.

CI/CD integration

GitHub Action and SARIF output for GitHub Code Scanning. Quality gates on every pull request.

Comparative benchmarks

See where your server ranks. Percentile scoring across the entire scanned ecosystem.

Start free. Upgrade when you're ready.

Free

$0/month

  • 10 scans per month
  • Web report with findings
  • SVG quality badge
  • JSON output
Get started free
Recommended

Pro

$19/month

  • Unlimited scans
  • Continuous monitoring
  • SARIF output for GitHub Code Scanning
  • GitHub Action for CI/CD
  • Comparative benchmarks
Start Pro trial

See full pricing details →

Stop guessing if an MCP server is safe

Scan any server in seconds. Free to start, no credit card required.

Scan a server free