Is your MCP gateway production-ready?
Scan your MCP / AI-agent gateway for production-readiness anti-patterns. Read-only, MIT licensed — no secrets touched, no code executed.
Run it in 30 seconds
Three ways to use mcp-gateway-scan.
Same package — pick the mode that fits your workflow.
One-off CLI scan
Point it at your repo. Outputs a scored report to stdout in seconds.
npx mcp-gateway-scan ./your-repo
CI gate — fails the build on red
Add --ci to exit with a non-zero code on any
red finding. Drop it into a GitHub Actions step and your pipeline blocks
before a misconfigured gateway ships.
npx mcp-gateway-scan --ci ./your-repo
Inside Claude Code, Cursor, or Gemini
Register the package as an MCP server so your AI agent can run scans
on demand. I maintain an MCP server that works in Claude Code, Cursor,
and Gemini — the same mcp-gateway-scan package, where the
mcp sub-command activates the server mode.
Once added, ask your agent: "scan my gateway".
claude mcp add gateway-scan -- npx -y mcp-gateway-scan mcp
Default invocation (no sub-command) = CLI. The mcp sub-command
switches the same binary into MCP server mode.
7 dimensions, one command
The scanner evaluates your gateway configuration across seven independent dimensions. Each dimension maps to a common failure mode found in production AI agent deployments.
Tool-access / RBAC
Are tools scoped to least-privilege roles? Does every agent caller have an explicit allow-list?
Fail-close behaviour
Does the gateway deny by default on error, timeout, or ambiguous tool response — not fail-open?
Onboarding & supply-chain
Are MCP server origins pinned? Is there a review step before new tools are exposed to agents?
Observability
Is every tool call logged with inputs, outputs, latency, and caller identity? Are alerts wired?
Routing & cost control
Are expensive model calls gated behind intent checks? Is there per-agent token budget enforcement?
Secrets & identity
Are credentials injected at runtime, never in prompts or tool descriptions? Is caller identity verified?
Production readiness
Does the gateway have health checks, graceful shutdown, rate limiting, and a rollback path?
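What the Tool-access / RBAC and Fail-close questions look like in gateway code, as an added example (not part of mcp-gateway-scan or the original page). The policy shape, the caller and tool names, and the outcome wrapper object are assumptions; content and isError are the fields of an MCP tool result.

```javascript
// Added example: deny-by-default checks for an MCP gateway.
// POLICY, caller names and tool names are constructed for illustration.
const POLICY = {
  'support-agent': { tools: ['search_tickets', 'read_ticket'] },
  'billing-agent': { tools: ['read_invoice'] },
};

function deny(reason) {
  return { allow: false, reason };
}

// Tool-access / RBAC: a call passes only if the caller has an explicit
// allow-list and the tool is on it. Anything unexpected is a deny.
function authorize(policy, caller, toolName) {
  try {
    if (typeof caller !== 'string' || typeof toolName !== 'string') {
      return deny('malformed request');
    }
    if (!Object.prototype.hasOwnProperty.call(policy, caller)) {
      return deny('unknown caller');
    }
    const entry = policy[caller];
    if (!entry || !Array.isArray(entry.tools)) {
      return deny('no explicit allow-list');
    }
    if (!entry.tools.includes(toolName)) {
      return deny('tool not in allow-list');
    }
    return { allow: true, reason: 'allow-listed' };
  } catch (err) {
    // A broken policy store must not turn into an implicit allow.
    return deny('policy evaluation error');
  }
}

// Fail-close: only a completed call with a well-formed, non-error result
// is forwarded to the agent. `outcome` is a hypothetical wrapper object;
// `content` and `isError` are the MCP tool-result fields.
function gateResult(outcome) {
  if (!outcome || outcome.status !== 'ok') {
    return deny('upstream ' + (outcome ? outcome.status : 'missing'));
  }
  const r = outcome.result;
  if (!r || !Array.isArray(r.content) || r.isError === true) {
    return deny('ambiguous or error tool response');
  }
  return { allow: true, reason: 'well-formed result' };
}
```

Every path that is not an explicit allow returns a deny with a reason string, which also gives the Observability dimension something to log.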
Know exactly where you stand
The scanner prints a score summary to stdout. Green means production-ready. Yellow means review recommended. Red means a known failure mode is present.
$ npx mcp-gateway-scan ./my-gateway
MCP Gateway Scan — v0.1.0
Scanning: ./my-gateway
Results
────────────────────────────────────────
✔ D1 Tool-access / RBAC PASS
✖ D2 Fail-close behaviour FAIL gateway defaults to fail-open on timeout
✔ D3 Onboarding / supply-chain PASS
⚠ D4 Observability WARN tool outputs not logged; latency untracked
✔ D5 Routing / cost control PASS
✖ D6 Secrets / identity FAIL API key found in tool description string
⚠ D7 Production readiness WARN no health check endpoint configured
────────────────────────────────────────
Score 3 / 7 2 red 2 yellow 3 green
Run with --ci to fail the build on any red finding.
Found reds? That's where the real work starts.
The free scanner runs static checks — an instant first read. The MCP Gateway Readiness Audit goes further: live fault-injection, trace verification, per-finding evidence (file + line), a cited gap matrix, and a sequenced 90-day roadmap — delivered with a live review session.
Or email directly: me@willianpinho.com