Product · MCP Server

Scan from any AI. From any prompt.

Plug CheckVibe into Claude Desktop, Cursor, or any MCP-compatible client. Your agent calls the scanner, reads structured findings, and ships fixes — without leaving the chat.

Get your MCP key See pricing

How it works

Four steps. One pasted URL away.

01
Generate an API key
From your dashboard. Scoped to your projects, revocable any time.
02
Add CheckVibe to your MCP config
A single block in `claude_desktop_config.json`, `cursor.json`, or your client of choice.
03
Ask your agent to scan
Natural language. "Scan staging.myapp.com" — the agent picks the right tool and runs it.
04
Findings, inline
Structured results land back in the conversation. The agent can dismiss, re-run, or open project context next.

Why it works

Built by people who shipped vibe-coded apps and broke them.

Works with the clients you already use
Claude Desktop, Cursor, Continue, Windsurf, Codex CLI. Anything that speaks MCP.
Every scanner, every project
All scanner endpoints exposed as MCP tools. Findings, dismissals, and project metadata are queryable.
Bring-your-own-key mode
Power users can run the MCP server locally against their own CheckVibe API key for full control.
Streaming-aware
Long scans stream progress so the agent stays responsive — no 90-second silent waits.

Drop-in config

Three lines of config. Then you forget it exists.

{
  "mcpServers": {
    "checkvibe": {
      "command": "npx",
      "args": ["-y", "@checkvibe/mcp"],
      "env": { "CHECKVIBE_API_KEY": "cv_live_..." }
    }
  }
}

Get your MCP key — free until you find something.

Get your MCP key

Keep exploring.

Scanner

Paste any URL — production app, staging build, vibe-coded prototype.

AI Fixes

Every CheckVibe finding ships with a copy-paste prompt engineered for Claude, Cursor, and Windsurf — context, file paths, the exact diff.

Threat Detection

Watch the traffic hitting your live app, classify suspicious patterns, and surface real threats — credential stuffing, scraping, prompt-injection probes — without flooding your inbox with noise.

Monitors

Set a project up once.

Reports

Branded, executive-style PDFs and shareable dashboards for stakeholders, clients, and security reviewers — without writing a single sentence yourself.

All products

Product · MCP Server

Scan from any AI. From any prompt.

Plug CheckVibe into Claude Desktop, Cursor, or any MCP-compatible client. Your agent calls the scanner, reads structured findings, and ships fixes — without leaving the chat.

Get your MCP key See pricing

How it works

Four steps. One pasted URL away.

01
Generate an API key
From your dashboard. Scoped to your projects, revocable any time.
02
Add CheckVibe to your MCP config
A single block in `claude_desktop_config.json`, `cursor.json`, or your client of choice.
03
Ask your agent to scan
Natural language. "Scan staging.myapp.com" — the agent picks the right tool and runs it.
04
Findings, inline
Structured results land back in the conversation. The agent can dismiss, re-run, or open project context next.

Why it works

Built by people who shipped vibe-coded apps and broke them.

Works with the clients you already use
Claude Desktop, Cursor, Continue, Windsurf, Codex CLI. Anything that speaks MCP.
Every scanner, every project
All scanner endpoints exposed as MCP tools. Findings, dismissals, and project metadata are queryable.
Bring-your-own-key mode
Power users can run the MCP server locally against their own CheckVibe API key for full control.
Streaming-aware
Long scans stream progress so the agent stays responsive — no 90-second silent waits.

Drop-in config

Three lines of config. Then you forget it exists.

{
  "mcpServers": {
    "checkvibe": {
      "command": "npx",
      "args": ["-y", "@checkvibe/mcp"],
      "env": { "CHECKVIBE_API_KEY": "cv_live_..." }
    }
  }
}

Get your MCP key — free until you find something.

Get your MCP key

Keep exploring.

Scanner

Paste any URL — production app, staging build, vibe-coded prototype.

AI Fixes

Every CheckVibe finding ships with a copy-paste prompt engineered for Claude, Cursor, and Windsurf — context, file paths, the exact diff.

Threat Detection

Watch the traffic hitting your live app, classify suspicious patterns, and surface real threats — credential stuffing, scraping, prompt-injection probes — without flooding your inbox with noise.

Monitors

Set a project up once.

Reports

Branded, executive-style PDFs and shareable dashboards for stakeholders, clients, and security reviewers — without writing a single sentence yourself.

Scan from any AI. From any prompt.

Four steps. One pasted URL away.

Generate an API key

Add CheckVibe to your MCP config

Ask your agent to scan

Findings, inline

Built by people who shipped vibe-coded apps and broke them.

Works with the clients you already use

Every scanner, every project

Bring-your-own-key mode

Streaming-aware

Three lines of config. Then you forget it exists.

Get your MCP key — free until you find something.

Keep exploring.

Ship your first secure release today.

Ship your first secure release today.

Scan from any AI. From any prompt.

Four steps. One pasted URL away.

Generate an API key

Add CheckVibe to your MCP config

Ask your agent to scan

Findings, inline

Built by people who shipped vibe-coded apps and broke them.

Works with the clients you already use

Every scanner, every project

Bring-your-own-key mode

Streaming-aware

Three lines of config. Then you forget it exists.

Get your MCP key — free until you find something.

Keep exploring.

Ship your first secure release today.