Compuute MCP Security Scanner

Name: Compuute MCP Security Scanner
Author: Compuute

Compuute/compuute-scan-api

Scan any public GitHub MCP server repository for security issues before you install or publish your own MCP package.

Overview

io.github.Compuute/compuute-scan-api is a MCP server for the Ship phase that scans public GitHub MCP-server repos for security issues using 37 MCP-specific L1 rules across 8 languages.

What is this MCP server?

Scans public GitHub MCP-server repositories for security issues
37 MCP-specific L1 security rules baked into the scanner
Analysis coverage across 8 programming languages
Remote streamable-http MCP at scan.compuute.se
Purpose-built for MCP server repos—not generic app SAST only
8 programming languages supported in analysis
Server version 0.3.0

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

What problem does it solve?

Installing random MCP servers from GitHub is risky because generic linters miss MCP-specific footguns and solo builders rarely have time for manual security review.

Who is it for?

Indie devs curating MCP dependencies or publishing their own MCP server who want a quick, MCP-aware GitHub repo scan from the agent.

Skip if: Private repos you cannot expose to a public-GitHub scanner, non-MCP applications, or teams needing formal compliance pentests.

What do I get? / Deliverables

After you connect the remote scanner MCP, your agent can run a structured security pass on a GitHub MCP repo URL before you trust or ship it.

Security findings oriented to MCP server implementations on GitHub
Agent-readable scan output grounded in 37 MCP-specific L1 rules
Pre-install vetting record you can attach to ship checklists

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Third-party MCP supply-chain risk is highest right before you ship or adopt agent tooling—security review belongs in Ship. Automated repo scanning with MCP-specific rules is explicit security vetting, not generic unit testing or performance tuning.

How it compares

MCP-focused GitHub security scanner service, not an in-repo Claude skill for writing fixes.

Common Questions / FAQ

Who is io.github.Compuute/compuute-scan-api for?

Solo builders and small teams who adopt or maintain MCP servers and need automated, MCP-specific security signals on public GitHub source before install or release.

When should I use io.github.Compuute/compuute-scan-api?

Use it in Ship security when evaluating a third-party MCP listing, before merging MCP server changes, or prior to announcing a new MCP package.

How do I add io.github.Compuute/compuute-scan-api to my agent?

Register the remote MCP URL https://scan.compuute.se/mcp/ with streamable-http transport in your client, then invoke scan tools against the public GitHub MCP repo you want reviewed.

Compuute MCP Security Scanner

Compuute/compuute-scan-api

Scan any public GitHub MCP server repository for security issues before you install or publish your own MCP package.

Overview

io.github.Compuute/compuute-scan-api is a MCP server for the Ship phase that scans public GitHub MCP-server repos for security issues using 37 MCP-specific L1 rules across 8 languages.

What is this MCP server?

Scans public GitHub MCP-server repositories for security issues
37 MCP-specific L1 security rules baked into the scanner
Analysis coverage across 8 programming languages
Remote streamable-http MCP at scan.compuute.se
Purpose-built for MCP server repos—not generic app SAST only
8 programming languages supported in analysis
Server version 0.3.0

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

What problem does it solve?

Installing random MCP servers from GitHub is risky because generic linters miss MCP-specific footguns and solo builders rarely have time for manual security review.

Who is it for?

Indie devs curating MCP dependencies or publishing their own MCP server who want a quick, MCP-aware GitHub repo scan from the agent.

Skip if: Private repos you cannot expose to a public-GitHub scanner, non-MCP applications, or teams needing formal compliance pentests.

What do I get? / Deliverables

After you connect the remote scanner MCP, your agent can run a structured security pass on a GitHub MCP repo URL before you trust or ship it.

Security findings oriented to MCP server implementations on GitHub
Agent-readable scan output grounded in 37 MCP-specific L1 rules
Pre-install vetting record you can attach to ship checklists

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

How it compares

MCP-focused GitHub security scanner service, not an in-repo Claude skill for writing fixes.

Common Questions / FAQ

Who is io.github.Compuute/compuute-scan-api for?

Solo builders and small teams who adopt or maintain MCP servers and need automated, MCP-specific security signals on public GitHub source before install or release.

When should I use io.github.Compuute/compuute-scan-api?

Use it in Ship security when evaluating a third-party MCP listing, before merging MCP server changes, or prior to announcing a new MCP package.

How do I add io.github.Compuute/compuute-scan-api to my agent?

Register the remote MCP URL https://scan.compuute.se/mcp/ with streamable-http transport in your client, then invoke scan tools against the public GitHub MCP repo you want reviewed.

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is io.github.Compuute/compuute-scan-api for?

When should I use io.github.Compuute/compuute-scan-api?

How do I add io.github.Compuute/compuute-scan-api to my agent?

This week for builders

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is io.github.Compuute/compuute-scan-api for?

When should I use io.github.Compuute/compuute-scan-api?

How do I add io.github.Compuute/compuute-scan-api to my agent?