Skip to main content
Glama

Server Configuration

Describes the environment variables required to run the server.

NameRequiredDescriptionDefault

No arguments

Capabilities

Features and capabilities supported by this server

CapabilityDetails
tools
{
  "listChanged": false
}
prompts
{}
resources
{}

Tools

Functions exposed to the LLM to take actions

NameDescription
start_scanA

Start a website release-readiness scan for a public URL across five layers: security, SEO, accessibility, legal compliance, and sustainability. Behavior: enqueues an asynchronous job and returns immediately with a scanId — it does NOT wait for results, and it fetches/renders the target site (not a read-only call). Returns { scanId, status, cached }; identical URLs within ~10 minutes return the cached scan. Next step: poll get_scan with the scanId until status is "done" or "failed". Use this first, once per site; do not busy-loop calling start_scan for the same URL.

get_scanA

Poll a scan and, once complete, return its structured results. Read-only. Returns { scan, findings, checkResults, techDetections, access, agentSummary }. scan.status moves through pending → running → retrying → done → failed; keep polling (every few seconds) until done or failed. On failed, a failure object explains the cause and next_action. access.level is none | teaser | full: teaser findings are diagnostic only (evidence, check keys, and fix text are redacted). To get full data, pass a report token via the token argument. If access.campaign is present the report is FREE right now — call unlock_report with an email to obtain that token instead of sending the user to checkout.

unlock_reportA

Unlock a completed scan's full findings and fix plan for free during an active campaign. Behavior: records the submitted email as a lead and issues a 24h report token (not read-only). Returns { token, expires_at, report_url }. Only works while a free campaign is active (otherwise returns 403 — use create_checkout_handoff instead). Call this only when get_scan shows access.campaign; then re-poll get_scan or call generate_fix_plan with the returned token.

list_checksA

Return the RGate scan-layer and check catalog. Read-only, static, no side effects — safe to call any time. Use it to plan a scan, explain coverage to a user, or map a finding to its layer. Pass a layer to focus on just that layer's checks.

get_pricingA

Return machine-readable RGate pricing: plan ids, names, prices (EUR/USD), billing period, scan limits, and best-fit use cases. Read-only, static, no arguments. Use to answer pricing questions or choose a planId for create_checkout_handoff.

create_checkout_handoffA

Create a human handoff URL for purchasing a full report or subscription after a scan is complete. Behavior: creates a checkout/upgrade link and returns { handoffUrl }. The agent CANNOT complete payment itself — give the URL to the user to finish in a browser. Use only when the report is paywalled (get_scan shows access.level teaser with payment_required true) AND no free campaign is active. During a campaign, prefer unlock_report.

generate_fix_planA

Build a prioritized, implementation-ready fix plan from a completed scan's findings: release blockers first, then high-impact follow-ups, then backlog. Read-only (derives from stored findings). Returns JSON (or Markdown). Requires full access: on a locked report it returns HTTP 402, or — during a campaign — a teaser with unlock instructions; pass a token from unlock_report or a paid unlock. Call after get_scan shows status done.

export_scan_markdownA

Export a completed scan as Markdown in one of three templates: cursor (an agent fix prompt), github (an issue body), or executive (a stakeholder summary). Read-only. Requires full access — pass a token for a locked report. Use to hand results into an IDE/coding agent or a ticket.

compare_scan_historyA

Diff two completed scans of the SAME domain and return added, resolved, improved, and worsened findings. Read-only. Both scans must be done. Use to verify that fixes landed between two runs, or to catch regressions after a deploy.

Prompts

Interactive templates invoked by user choice

NameDescription

No prompts

Resources

Contextual data attached and managed by the client

NameDescription

No resources

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/marcoldenburg/rgate-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server