A desktop governance tool for Model Context Protocol (MCP) servers — static config auditing, public server catalog scanning, real-time HITL monitoring with approve/deny gates, persistent audit logging, and an isolated sandbox for safe tool testing. Built with Electron + React.
MCP Checker
A desktop application for auditing, monitoring, and governing Model Context Protocol (MCP) servers — built on the best practices outlined in the Agent Tools & Interoperability paper (May 2026).
MCP Checker covers every angle of safe MCP consumption: static config auditing, public server vetting, live runtime monitoring with human approval gates, persistent audit logging, and isolated sandbox testing.
Features
| Feature | What it does |
|---|---|
| Static Audit | Parses Claude Desktop / MCP config files and flags hardcoded credentials, missing read-only mode, wide access scope, and unverified public endpoints |
| Catalog Checker | Fetches source from public GitHub MCP repos and rates them Safe / Caution / Risky based on dangerous code patterns |
| Runtime Monitor | Connects to a live MCP server (stdio or SSE) and requires human approval before every tool call executes (HITL) |
| Audit Log | Persists every tool call to a local SQLite database; filterable, searchable, and exportable to JSON or CSV |
| Sandbox | Runs an in-process mock MCP server so you can test tool calls safely without touching real servers |
Installation & Setup
Prerequisites
- Node.js v18 or later
- npm v9 or later
- Git
Steps
```bash
# 1. Clone the repository
git clone https://github.com/BenAmorFarouk/MCP-servers-checker.git
cd MCP-servers-checker

# 2. Install dependencies
npm install

# 3. Start the app in development mode
npm run dev
```
The Electron window will open automatically.
Running in Production (Packaged Build)
```bash
# Build the app
npm run build

# Package as a native installer (Windows .exe / macOS .dmg / Linux .AppImage)
npm run package
```
The output will be in the dist/ directory.
Usage Guide
Static Audit
- Navigate to Static Audit in the sidebar.
- Click Browse & Scan Config File.
- Select a `claude_desktop_config.json` or any MCP `mcp.json` file.
- Review the findings table — each rule is marked PASS, WARN, or FAIL.
Rules checked:
| Rule | Severity | Description |
|---|---|---|
| NO_HARDCODED_CREDS | FAIL | API keys or tokens embedded directly in config |
| USE_ENV_VARS | WARN | Env values are literals instead of ${VAR} references |
| READ_ONLY_MODE | WARN | Data-source servers missing a --read-only flag |
| SCOPED_ACCESS | WARN | Wildcard or --all access flags detected |
| UNVERIFIED_PUBLIC | WARN | Server URL points to a public (non-localhost) endpoint |
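
The five rules above, evaluated over a parsed config, as an added example (not MCP Checker's own `staticAuditor.ts` code). The detection patterns, the data-source heuristic, the `postgres-mcp` command, the `url` field and the sample config are assumptions constructed for illustration.

```typescript
// Added example: illustrative heuristics, not MCP Checker's staticAuditor.ts.
type Status = "PASS" | "WARN" | "FAIL";
interface Finding { server: string; rule: string; status: Status }
interface ServerEntry { command?: string; args?: string[]; env?: { [k: string]: string }; url?: string }
interface McpConfig { mcpServers: { [name: string]: ServerEntry } }

// Assumed detection patterns; a real auditor needs a broader, tuned set.
const SECRET = /^(sk-|ghp_|xox[bp]-|AKIA)|^[A-Za-z0-9_-]{32,}$/; // token prefixes or long opaque strings
const ENV_REF = /^\$\{[A-Za-z_][A-Za-z0-9_]*\}$/;                 // ${VAR} reference
const DATA_SOURCE = /postgres|mysql|sqlite|mongo|filesystem/i;     // assumed "data-source" hint
const WIDE = /^(\*|--all)$/;                                       // wildcard or --all argument
const LOCAL = /^https?:\/\/(localhost|127\.0\.0\.1|\[::1\])([:\/]|$)/i;

function auditConfig(cfg: McpConfig): Finding[] {
  const out: Finding[] = [];
  for (const name of Object.keys(cfg.mcpServers)) {
    const s = cfg.mcpServers[name];
    const args = s.args || [];
    const env: { [k: string]: string } = s.env || {};
    const envVals = Object.keys(env).map(k => env[k]);
    const url = s.url || "";
    // Every rule is reported per server, so a PASS is explicit rather than implied.
    const add = (rule: string, violated: boolean, severity: Status): void => {
      out.push({ server: name, rule, status: violated ? severity : "PASS" });
    };
    add("NO_HARDCODED_CREDS", args.concat(envVals).some(v => SECRET.test(v)), "FAIL");
    add("USE_ENV_VARS", envVals.some(v => !ENV_REF.test(v)), "WARN");
    const isDataSource = DATA_SOURCE.test([s.command || ""].concat(args).join(" "));
    add("READ_ONLY_MODE", isDataSource && args.indexOf("--read-only") < 0, "WARN");
    add("SCOPED_ACCESS", args.some(a => WIDE.test(a)), "WARN");
    add("UNVERIFIED_PUBLIC", url !== "" && !LOCAL.test(url), "WARN");
  }
  return out;
}

// Constructed sample in claude_desktop_config.json shape (the `url` field is assumed).
const sample: McpConfig = { mcpServers: {
  files:  { command: "npx", args: ["@modelcontextprotocol/server-filesystem", "/path/to/dir"] },
  db:     { command: "postgres-mcp", args: ["--all"], env: { API_KEY: "sk-constructed-example-0000" } },
  remote: { url: "https://mcp.example.com/sse" },
  local:  { url: "http://localhost:3000/sse", env: { TOKEN: "${MCP_TOKEN}" } },
} };

for (const f of auditConfig(sample)) {
  if (f.status !== "PASS") console.log(`${f.status} ${f.server} ${f.rule}`);
}
```

A literal secret in `env` trips both NO_HARDCODED_CREDS and USE_ENV_VARS, which is why the `db` entry reports four findings while the `${MCP_TOKEN}` reference in `local` reports none.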
Catalog Checker
- Navigate to Catalog in the sidebar.
- Paste a GitHub repository URL (e.g. `https://github.com/owner/mcp-server-name`).
- Click Check — the app fetches source files via the GitHub API and scans for dangerous patterns.
- Results are cached for 24 hours to avoid redundant API calls.
Runtime Monitor
- Navigate to Monitor in the sidebar.
- Fill in the connection form:
  - stdio: provide the command and optional arguments (e.g. `npx @modelcontextprotocol/server-filesystem /path/to/dir`)
  - SSE: provide the server URL (e.g. `http://localhost:3000/sse`)
- Click Connect — the available tools are listed.
- Select a tool, provide JSON input, and click Send.
- An approval card appears — review the tool name and full input, then Approve or Deny.
- All decisions are logged automatically.
Audit Log
- Navigate to Audit Log in the sidebar.
- Filter by server name, tool name, or decision (approved / denied / sandbox).
- Click Search to refresh results.
- Use Export CSV or Export JSON to save a copy to your Downloads folder.
Sandbox
- Navigate to Sandbox in the sidebar.
- Click Add Mock Tool — provide a name, description, input schema (JSON Schema), and mock response (JSON).
- Add as many tools as needed.
- Click Start Sandbox to launch the in-process mock MCP server.
- Use the Test a Tool Call panel to select a tool, provide input, and fire a test call.
- The response is shown immediately and logged with `decision: sandbox`.
Project Structure
```
src/
├── main/                 # Electron main process
│   ├── index.ts          # App entry point
│   ├── ipc/              # IPC channel handlers
│   └── services/         # Core logic
│       ├── staticAuditor.ts
│       ├── registryChecker.ts
│       ├── runtimeMonitor.ts
│       ├── auditLogger.ts
│       └── sandboxServer.ts
├── preload/
│   └── index.ts          # contextBridge API
├── renderer/             # React frontend
│   ├── pages/            # One page per feature
│   └── components/       # Shared UI components
└── shared/
    └── types.ts          # Shared TypeScript types
```
Tech Stack
- Electron — desktop app shell
- React + TypeScript — UI
- Tailwind CSS — styling
- @modelcontextprotocol/sdk — MCP client and server
- better-sqlite3 — local audit log persistence
- electron-vite — build tooling
License
MIT