Shipcheck MCP
JSON →Run Shipcheck repo risk scans from MCP coding agents.
Install
npx --yes Tools · 1
- scan_repository Scans a JavaScript/TypeScript repository for launch risks such as exposed env vars, unsigned webhooks, missing security evidence, debug routes, missing CI, loose dependencies, thin release docs, and other issues. Supports text, markdown, json, and sarif output formats. Severity levels: info, low, medium, high.