Compuute MCP Security Scanner
Server Details
Scan any public GitHub MCP-server repo for security issues. 37 MCP-specific L1 rules, 8 languages.
- Status
- Healthy
- Last Tested
- Transport
- Streamable HTTP
- URL
- Repository
- Compuute/compuute-scan-api
- GitHub Stars
- 0
Glama MCP Gateway
Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.
Full call logging
Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.
Tool access control
Enable or disable individual tools per connector, so you decide what your agents can and cannot do.
Managed credentials
Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.
Usage analytics
See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.
Tool Definition Quality
Average 4.9/5 across 1 of 1 tools scored.
Only one tool exists, so there is no ambiguity. The tool is clearly described with specific use cases and limitations.
The single tool name 'scan_mcp_server' follows a consistent verb_noun pattern, which is clear and descriptive.
One tool is appropriate for a focused security scanner. While additional tools like listing past scans could enhance coverage, the current count is reasonable for the stated purpose.
The tool fully covers its intended domain: scanning public GitHub MCP-server repos for security issues. The description explicitly states what it does and does not do, leaving no obvious gaps.
Available Tools
1 toolscan_mcp_serverAInspect
Scan a public GitHub MCP-server repository for security issues.
Clones the repo (shallow, <60s, <200 MB), runs compuute-scan v0.6.2 in
static analysis mode (no code execution from the target), and returns a
structured report with severity counts, a 0-100 score, and the 10 most
severe findings.
WHEN TO USE:
- Before connecting to an unknown MCP server discovered via Anthropic
Registry, Smithery, mcp.so, or a Discord recommendation.
- Before installing a third-party MCP-server package into a production
pipeline.
- As part of an agent's pre-commit / pre-deploy due-diligence step
when adding new dependencies.
- As one input to a multi-source trust evaluation (combine with
publisher reputation, package install count, last-update recency).
WHEN NOT TO USE:
- For private repos. Use the on-prem CLI instead:
`npx compuute-scan ./path-to-private-repo`
- For deep exploitability assessment of a specific code path. This is
pattern matching, not dataflow analysis. Book a manual L2-L4 audit
at https://compuute.se/audit for that depth.
- For non-GitHub hosts (GitLab, Bitbucket, self-hosted). v1 supports
github.com only.
- For repos > 200 MB or clone time > 60s. The endpoint returns a 413
or 504 in those cases — fall back to local CLI.
EXPECTED RESPONSE TIME:
- Median: ~1-2 seconds for small repos (<100 files).
- p99: ~10 seconds for medium repos.
- Hard timeout at clone=60s, scan=120s combined.
EXPECTED COST:
- Free tier in MVP. Future Pro tier may charge per-scan or per-month.
DATA FRESHNESS:
- Scanner version is reported in response.scanner.version.
- L1 rule set freshness reflects compuute-scan releases — see
github.com/Compuute/compuute-scan/CHANGELOG.md for the latest CVE
and threat-intel response timeline.
EXAMPLES:
Example 1 — scan an MCP server you're evaluating:
github_url = "https://github.com/modelcontextprotocol/servers"
→ score: 0, summary: {critical: 1, high: 94, medium: 22}
→ top_findings include SSRF, eval, etc.
→ recommendation: "AVOID — 1 critical and 94 high finding(s)..."
Example 2 — scan a clean reference implementation:
github_url = "https://github.com/microsoft/azure-devops-mcp"
→ score: 90+, summary: {critical: 0, high: 1}
→ recommendation: "REVIEW — 1 high finding(s)..."
Example 3 — scan your own dev MCP-server before publishing:
github_url = "https://github.com/yourorg/your-mcp"
→ audit your own surface before others install it
OUTPUT FIELDS (stable schema):
- repo_url (str): canonical URL of the scanned repo.
- score (int): 0-100, higher safer. Coarse summary, not a precision claim.
- summary (object): {critical, high, medium, low, info, files_scanned}.
- recommendation (str): action guidance derived from severity counts.
- findings_count (int): total raw findings (may include false positives).
- top_findings (list): up to 10 most severe, each with {id, title,
severity, file, line, owasp, cwe}.
- l0_discovery (object): MCP transport, tool count, dependency pinning.
- performance (object): clone_seconds, scan_seconds, repo_size_bytes.
- scanner (object): {name, version, layers_covered}.
- _disclaimer (str): MANDATORY triage disclaimer. Read it.
Args:
github_url: Public GitHub HTTPS URL (e.g. https://github.com/org/repo).
Must be public and < 200 MB. v1 is github.com only.
Returns:
Structured scan result. On error, returns {"error": code, "message": ...}
with HTTP-style code (invalid_url, clone_failed, scan_timeout, etc.).| Name | Required | Description | Default |
|---|---|---|---|
| github_url | Yes |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Discloses shallow clone, time limits, static analysis mode, expected response times, cost, data freshness, and limitations. No annotations provided, so description carries full burden.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Well-structured with clear sections but somewhat lengthy. However, every sentence adds value given the tool's complexity.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Extremely complete for a single-parameter tool with no annotations or output schema. Covers purpose, usage, behavior, parameters, examples, output fields, and error handling.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
With only one parameter and 0% schema description coverage, the description adds crucial details: public HTTPS URL, size limit, and host restriction.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
Description clearly states it scans a public GitHub MCP-server repository for security issues, with detailed explanation of the process and output.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
Explicit 'WHEN TO USE' and 'WHEN NOT TO USE' sections with specific scenarios and alternatives, such as using on-prem CLI for private repos.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
Claim this connector by publishing a /.well-known/glama.json file on your server's domain with the following structure:
{
"$schema": "https://glama.ai/mcp/schemas/connector.json",
"maintainers": [{ "email": "your-email@example.com" }]
}The email address must match the email associated with your Glama account. Once published, Glama will automatically detect and verify the file within a few minutes.
Control your server's listing on Glama, including description and metadata
Access analytics and receive server usage reports
Get monitoring and health status updates for your server
Feature your server to boost visibility and reach more users
For users:
Full audit trail – every tool call is logged with inputs and outputs for compliance and debugging
Granular tool control – enable or disable individual tools per connector to limit what your AI agents can do
Centralized credential management – store and rotate API keys and OAuth tokens in one place
Change alerts – get notified when a connector changes its schema, adds or removes tools, or updates tool definitions, so nothing breaks silently
For server owners:
Proven adoption – public usage metrics on your listing show real-world traction and build trust with prospective users
Tool-level analytics – see which tools are being used most, helping you prioritize development and documentation
Direct user feedback – users can report issues and suggest improvements through the listing, giving you a channel you would not have otherwise
The connector status is unhealthy when Glama is unable to successfully connect to the server. This can happen for several reasons:
The server is experiencing an outage
The URL of the server is wrong
Credentials required to access the server are missing or invalid
If you are the owner of this MCP connector and would like to make modifications to the listing, including providing test credentials for accessing the server, please contact support@glama.ai.
Discussions
No comments yet. Be the first to start the discussion!