Is Compuute Scan Api free?

Yes, Compuute Scan Api is free to use.

How do I install Compuute Scan Api?

Compuute Scan Api supports both local and remote installation. For local use, install it via the provided package manager and add the configuration to your AI app. For remote access, add the server URL to your MCP configuration.

What AI apps work with Compuute Scan Api?

Compuute Scan Api uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Compuute Scan Api MCP Server

by Compuute

Developer ToolsUse Caution4.2MCP RegistryLocalRemote

Free

Server data from the Official MCP Registry

Scan any public GitHub MCP-server repo for security issues. 37 MCP-specific L1 rules, 8 languages.

About

Scan any public GitHub MCP-server repo for security issues. 37 MCP-specific L1 rules, 8 languages.

Remote endpoints: streamable-http: https://scan.compuute.se/mcp/

Security Report

4.2

Use Caution4.2High Risk

Well-structured API wrapper around compuute-scan with strong input validation, proper error handling, and transparent framing about static analysis limitations. Code quality is high and permissions align with purpose. Minor concerns around subprocess invocation and in-memory caching do not substantially impact security posture for this category. Supply chain analysis found 4 known vulnerabilities in dependencies (0 critical, 3 high severity).

7 files analyzed · 9 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

env_vars

Check that this permission is expected for this type of plugin.

HTTP Network Access

Connects to external APIs or services over the internet.

File System Read

Reads files on your machine. Normal for tools that analyze or process local data.

File System Write

Writes or modifies files on your machine. Check that this is expected for the tool.

Shell Command Execution

Runs commands on your machine. Be cautious — only use if you trust this plugin.

process_spawn

Check that this permission is expected for this type of plugin.

How to Install & Connect

Available as Local & Remote

This plugin can run on your machine or connect to a hosted endpoint. during install.

Documentation

View on GitHub

From the project's GitHub README.

compuute-scan-api

Scan-as-a-Service for MCP servers. HTTP + MCP wrapper around compuute-scan — the MCP-specific static security scanner. Designed for agent-callable consumption.

POST a public GitHub repo URL → get a structured security report scored against 37 MCP-specific rules across 8 languages (TS/JS, Python, Go, Rust, C#, Java, Kotlin).

Honesty note (read first): compuute-scan is a pattern-breadth detector, not an exploitability oracle. Historic false-positive rate after manual validation is ~90% on raw output (verified against modelcontextprotocol/servers: 138 raw findings → 13 confirmed). Every response carries a _disclaimer field stating this explicitly. Use findings as a triage queue, not as a list of confirmed vulnerabilities. See docs/FP-RATES.md for per-rule transparency.

Endpoints

Method	Path	Purpose
POST	`/v1/scan`	Scan a public GitHub MCP-server repo
GET	`/v1/scan/info`	Scanner version, limits, capabilities
GET	`/v1/health`	Liveness + scanner-binary check
GET	`/openapi.json`	OpenAPI v3 spec (for agent discovery)
/mcp/	(planned)	MCP server with `scan_mcp_server` tool

Example

curl -X POST https://scan.compuute.se/v1/scan \
  -H 'Content-Type: application/json' \
  -H 'Idempotency-Key: 00000000-0000-0000-0000-000000000001' \
  -d '{"repo_url": "https://github.com/modelcontextprotocol/servers"}'

Response (truncated):

{
  "repo_url": "https://github.com/modelcontextprotocol/servers",
  "scanner": {"name": "compuute-scan", "version": "0.6.2", "layers_covered": ["L0", "L1"]},
  "summary": {"critical": 1, "high": 94, "medium": 22, "low": 0, "files_scanned": 77},
  "score": 0,
  "recommendation": "AVOID — 1 critical and 94 high finding(s)...",
  "top_findings": [...],
  "performance": {"clone_seconds": 1.2, "scan_seconds": 0.5, "repo_size_bytes": 41234},
  "_disclaimer": "PATTERN MATCH — compuute-scan is a static analyzer..."
}

Agent-shaped API features

Feature	How
Idempotent retries (24h cache)	`Idempotency-Key` header
HTTP cache	`ETag` + `Cache-Control: public, max-age=1800`
Conditional GET	`If-None-Match` → 304 Not Modified
Strict input validation	Pydantic `extra="forbid"`, GitHub-HTTPS-only
OpenAPI for discovery	`GET /openapi.json` with descriptions on every field
Honest framing	Every response carries `_disclaimer` — pattern match, not exploitability claim

Local development

python3 -m venv venv && source venv/bin/activate
pip install -r requirements.txt
export COMPUUTE_SCAN_PATH=$HOME/compuute-scan/compuute-scan.js
uvicorn main:app --reload

Tests

pytest tests/ -v

Architecture

api/services/scan.py — clone + sandbox + scan + parse. Pure functions.
api/serializers/scan_serializer.py — Pydantic models, strict validation.
api/routes/scan.py — HTTP layer: idempotency, cache, ETag.
main.py — FastAPI wiring.

Bundled compuute-scan version is configured via COMPUUTE_SCAN_PATH env var.

Productisation roadmap

Tier	Audience	Price
Free	Indie devs, agent builders	3 scans/day
Pro	Teams shipping MCP to production	TBD
Audit	Manual L2-L4 audit by Compuute AB	$5K-30K — see compuute.se/audit

Documentation

Doc	For
docs/ARCHITECTURE.md	Component diagram, request flow, threat model, deployment topology
docs/DEVELOPMENT.md	Local setup, layout, code style, common pitfalls — onboard a new dev in 30 min
docs/STRATEGY.md	Position, pricing tiers, roadmap, decision log — why we built it this way
docs/MONITORING.md	Endpoints to watch, automated checks, runbook for failures
docs/agentic-market-submission.md	Three paths to Agentic.market listing with engineering effort estimates
scripts/status.sh	30-second project status check (run anytime)

Security

Found a vulnerability? See SECURITY.md — email security@compuute.se. We follow a 90-day coordinated disclosure window.

License

MIT (matches compuute-scan).

Author

Compuute AB — daniel@compuute.se

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Fetch

Free

by Modelcontextprotocol · Developer Tools

Web content fetching and conversion for efficient LLM usage

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

Compuute Scan Api MCP Server

About

Security Report

Findings (9)Action required

Permissions Required

How to Install & Connect

Documentation

compuute-scan-api

Endpoints

Example

Agent-shaped API features

Local development

Tests

Architecture

Productisation roadmap

Documentation

Security

License

Author

Reviews

No reviews yet

More Developer Tools MCP Servers

Fetch

Git

Toleno

mcp-creator-python

MarkItDown

mcp-creator-typescript