Project Health Scanner
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Project Health Scannerscan project at ./my-app"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Project Health Scanner
Get a 0-100 health score for any project in seconds. Scans for dependency vulnerabilities, hardcoded secrets, license conflicts, code quality issues, and git health problems. Returns actionable fix suggestions.
Why
You push code every day but never check if your dependencies have known CVEs, if someone committed an API key, or if your licenses conflict. This tool runs one scan and tells you everything.
Related MCP server: Risk Audit MCP
Install
npm i @lazymac/project-health-scannerQuick Start
As REST API
npm start
# Server runs on http://localhost:3000As MCP Server
Add to your Cursor/Claude Code MCP config:
{
"mcpServers": {
"project-health-scanner": {
"command": "node",
"args": ["node_modules/@lazymac/project-health-scanner/src/main.js"]
}
}
}API Endpoints
POST /scan
Scan a project directory and get a full health report.
curl -X POST http://localhost:3000/scan \
-H "Content-Type: application/json" \
-d '{"path": "/path/to/your/project"}'Response:
{
"score": 72,
"grade": "B",
"checks": {
"dependencies": { "score": 60, "issues": ["3 outdated packages", "1 known vulnerability"] },
"secrets": { "score": 90, "issues": ["Possible API key in config.js:14"] },
"licenses": { "score": 100, "issues": [] },
"codeQuality": { "score": 65, "issues": ["12 files over 300 lines"] },
"gitHealth": { "score": 85, "issues": ["No .gitignore found"] }
},
"suggestions": [
"Run npm audit fix to resolve 1 vulnerability",
"Rotate API key found in config.js and move to environment variable",
"Add .gitignore from github/gitignore template"
]
}MCP Tools
Tool | Description |
| Full health scan with 0-100 score |
| Dependency audit only |
| Secret/API key detection only |
| License compatibility check |
| Code quality metrics |
| Git repository health |
What It Checks
Dependencies -- outdated packages, known vulnerabilities, unused dependencies
Secrets -- API keys, passwords, tokens, private keys in source code
Licenses -- MIT/Apache/GPL compatibility, missing license files
Code Quality -- file sizes, complexity indicators, TODO/FIXME counts
Git Health -- .gitignore presence, large files tracked, commit patterns
Links
License
MIT
This server cannot be installed
Maintenance
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/lazymac2x/project-health-scanner'
If you have feedback or need assistance with the MCP directory API, please join our Discord server