Allows for the submission of GitHub repositories for security audits and the retrieval of security reports, trust scores, and vulnerability findings for GitHub-hosted projects.
oathe-mcp
MCP server for Oathe AI security audits. Check trust scores before installing MCP servers, plugins, or AI agent skills.
Quick Start
No API key required. No configuration needed.
MCP Client Configuration
Claude Desktop
Add to your claude_desktop_config.json:
Claude Code
Tools
submit_audit
Submit a GitHub or ClawHub URL for a security audit.
Returns audit_id to track progress. Rate limited: one submission per 60 seconds per IP.
check_audit_status
Check the status of a submitted audit.
Poll every 5 seconds. Terminal statuses: complete, failed.
get_audit_report
Get the full security audit report for a repository.
Returns trust score, verdict, findings, category scores, and recommendation.
get_skill_summary
Get a lightweight summary (score + verdict) without full findings.
Returns score, verdict, recommendation, and finding counts.
search_audits
Search completed audits by verdict or minimum trust score.
Returns up to 100 results.
Configuration
Environment Variable | Default | Description |
|
| Override the API base URL |
Setting an invalid OATHE_API_BASE will produce a clear error at startup.
License
MIT