Paste your MCP server configuration below. We check it against the same failure patterns we're seeing across the ecosystem right now — no signup, nothing stored.
Drop in your MCP server's JSON configuration or manifest. This is a static analysis — we read the structure you paste, we don't reach out to your server or your network.
Flags configs with no discernible auth mechanism (API key, bearer token, OAuth) on any exposed tool or endpoint.
Flags wildcard or overly broad tool permissions (e.g. a "*" scope on a shell or file-write capable tool).
Flags plaintext HTTP endpoints and servers bound to all interfaces (0.0.0.0) without an access restriction.
Flags API keys, tokens, or credential-shaped strings committed directly into the configuration file.