costwright
Provides static worst-case token-budget analysis for CrewAI workflows in Python repos, identifying certifiable, default-dependent, non-certifiable, and runaway units.
Provides static worst-case token-budget analysis for LangGraph workflows in Python repos, identifying certifiable, default-dependent, non-certifiable, and runaway units.
Provides static worst-case token-budget analysis for OpenAI Agents SDK workflows in Python repos, identifying certifiable, default-dependent, non-certifiable, and runaway units.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@costwrightcheck my LangGraph project for token budget issues"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
costwright — MCP server
Static worst-case token-budget analysis for LLM-agent workflows. Point it at a Python repo using LangGraph / CrewAI / OpenAI-Agents-SDK and it reports — by pure AST analysis, without running the code — the worst-case budget ceiling of every workflow graph: which units are certifiable / default-dependent / non-certifiable / runaway, and which LLM calls have no token cap. Optionally issues an Ed25519-signed budget certificate logged to a public transparency log. Wraps the hosted costwright API; backed by a Lean 4 cost-soundness theorem.
Use it before deploying an agent workflow to catch missing token caps and
while True:runaway drivers — the budget version of a type check.
Tools
Tool | What it does | Key? |
| Static budget analysis of a local repo. Returns pass/fail + counts of certifiable/default-dependent/non-certifiable/runaway units. | yes |
| Issues a signed, logged budget certificate. Returns cert_id + signature + verify_url. | yes |
| Verify a certificate by id (valid/expired/revoked, signature check). | public |
| Active Ed25519 public keys for offline verification. | public |
Related MCP server: cycles-mcp-server
Setup
{
"mcpServers": {
"costwright": {
"command": "npx",
"args": ["-y", "costwright-mcp"],
"env": { "COSTWRIGHT_API_KEY": "your_rapidapi_key" }
}
}
}The key is sent as X-RapidAPI-Key (RapidAPI channel) by default; set COSTWRIGHT_DIRECT=1 to send
it as Authorization: Bearer for the direct channel. verify and pubkey work with no key.
check/certify build a .py-only gzip archive of repo_path client-side (excluding venv,
node_modules, tests, etc.) and send it for analysis — your source is uploaded to the hosted API.
See https://eleata.io/privacy/. MIT licensed.
Maintenance
Latest Blog Posts
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/hernaninverso/costwright-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server