vibecheck

Agent-native "safe to ship?" security gate for AI-generated code. Uses real parsers and inter-rocedural taint analysis (JS/TS, Python, Go) to flag the classes AI coding agents get wrong — secrets, SQL injection, SS, SSRF, path traversal, command injection, weak JWT/CORS — and ranks findings by confidence. Exposes a scan tool over MCP.

by ArisRhiannon

Links:

GitHub

Glama

○

Unscored visibility — 0/0 applicable dimensions scored

○ Schema Quality — Protocol — Reliability ○ Docs & Maintenance ○ Security Hygiene — Schema Interpretability

Schema Quality

—

42% weight

Protocol Compliance

N/A

Local server

Reliability

N/A

Local server

Docs & Maintenance

—

25% weight

Security Hygiene

—

33% weight

Embed Badge

Add this to your README to display your MCP Scoreboard grade:

[![MCP Score](https://www.mcpscoreboard.com/badge/e631ccaf-51f9-472e-9d19-1369ab1e0f11.svg)](https://www.mcpscoreboard.com/server/e631ccaf-51f9-472e-9d19-1369ab1e0f11/)