Secure The VibeLog in
MCP Server

Scan from any AI. From any prompt.

Connect Secure The Vibe to Claude, Cursor, Windsurf, or any MCP client and run security scans without leaving your editor. Just ask your agent to scan a site — it gets the full report inline.

What is MCP?

MCP (Model Context Protocol) is an open standard that lets AI assistants use external tools. Think of it as a USB port for AI: instead of only chatting, your assistant can take actions. The Secure The Vibe MCP server gives your assistant a security scanner it can call on demand — so "scan staging.myapp.com" just works, right inside the conversation.

Your AI client (Claude / Cursor / Windsurf)
  │  speaks MCP
@checkvibe/mcp  → tools: scan_url, get_scan_history
  │  HTTPS + your API key
Secure The Vibe → real scan → graded report back into your chat

Set it up (2 minutes)

  1. 1

    Get an API key

    In your dashboard, open API keysand create one. Copy it — it's shown only once. (API keys are on paid plans; the MCP server is Pro & Max.)

  2. 2

    Add the config to your AI client

    Paste this into your client's MCP config file, replacing the key with yours:

    {
  "mcpServers": {
    "checkvibe": {
      "command": "npx",
      "args": ["-y", "@checkvibe/mcp"],
      "env": {
        "CHECKVIBE_API_KEY": "cv_live_…your key…",
        "CHECKVIBE_API_URL": "https://securethevibe.dev"
      }
    }
  }
}
    Claude Desktop~/Library/Application Support/Claude/claude_desktop_config.json
    Cursor~/.cursor/mcp.json (or a project .cursor/mcp.json)
    Windsurf~/.codeium/windsurf/mcp_config.json
  3. 3

    Restart & scan

    Fully quit and reopen your client, then just ask:

    Scan staging.myapp.com for security issues.

Available tools

scan_url

Scan any public URL for exposed secrets, exposed files, header/TLS/cookie issues, CORS, DNS, debug endpoints, source-map exposure, and more. Returns a graded report with fixes.

get_scan_history

List your recent scans with their scores and grades.

Ready to scan from your editor?

Grab a key from your dashboard and paste the config.

Go to dashboard

During local testing, set CHECKVIBE_API_URL to http://localhost:3000 and use "command": "node", "args": ["/path/to/checkvibe/mcp/index.mjs"] instead of npx.