npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@wigu/mcp-doctor

v0.4.0

Published

Diagnose, secure, and benchmark your MCP servers

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

wiguwigu

Keywords

mcpmodel-context-protocolclidiagnosticsclaudecursor

Readme

MIT License Node >= 18 npm npm downloads

mcp-doctor

Diagnose, secure, and benchmark your MCP servers.

Zero-config CLI that auto-discovers MCP server configs across Claude Code, Cursor, VS Code, Windsurf, and Claude Desktop — then tests connections, flags security issues, and benchmarks latency in seconds.

Why?

MCP servers are becoming the backbone of AI-assisted development. But as you add more servers across more tools, things break silently:

  • Servers go down and you don't notice until a tool call fails mid-conversation
  • Secrets leak — API keys hardcoded in config files, tokens visible in process args
  • Slow servers drag down your entire AI workflow without you realizing it
  • Configs drift between tools — what works in Cursor might be broken in Claude Desktop

mcp-doctor gives you a single command to check everything, across every tool, in seconds.

Quick Start

npx @wigu/mcp-doctor doctor

That's it. No config needed — it finds your servers automatically.

Commands

| Command | Description | | ------- | ----------- | | doctor | Run all checks at once (scan + security + bench) | | scan | Test all MCP server connections | | security | Audit configs for security issues | | bench | Benchmark server response times | | serve | Run as an MCP server (stdio transport) |

All commands support --json for machine-readable output.

doctor — Full checkup (recommended)

Runs scan, security, and bench in one go and prints a summary.

mcp-doctor doctor

# JSON output for CI/scripts
mcp-doctor doctor --json

scan — Test all MCP server connections

Discovers configs and verifies each server responds to a JSON-RPC handshake.

$ mcp-doctor scan

  ┌─────────────────────────────────────────┐
  │           mcp-doctor v0.3.0             │
  │   Diagnose · Secure · Benchmark         │
  └─────────────────────────────────────────┘

  ✔ Found 3 server(s)

  ┌──────────────┬────────────┬─────────┐
  │ Server       │ Source     │ Status  │
  ├──────────────┼────────────┼─────────┤
  │ filesystem   │ Claude     │ ✔ OK    │
  │ postgres     │ Cursor     │ ✔ OK    │
  │ slack        │ VS Code    │ ✘ FAIL  │
  └──────────────┴────────────┴─────────┘

security — Audit configs for security issues

Checks for leaked secrets, overly broad permissions, and risky command patterns.

$ mcp-doctor security

  ⚠  2 issues found

  ┌──────────┬──────────┬───────────────────────────────┐
  │ Severity │ Server   │ Issue                         │
  ├──────────┼──────────┼───────────────────────────────┤
  │ HIGH     │ postgres │ Plaintext password in config  │
  │ MEDIUM   │ slack    │ Token visible in args         │
  └──────────┴──────────┴───────────────────────────────┘

bench — Benchmark server response times

Measures JSON-RPC round-trip latency for every configured server.

$ mcp-doctor bench

  ┌──────────────┬──────────┬────────┐
  │ Server       │ Latency  │ Rating │
  ├──────────────┼──────────┼────────┤
  │ filesystem   │ 12ms     │ fast   │
  │ postgres     │ 87ms     │ ok     │
  │ slack        │ timeout  │ —      │
  └──────────────┴──────────┴────────┘

MCP Server Mode

mcp-doctor can also run as an MCP server itself, exposing scan, security, bench, and doctor as tools your AI assistant can call directly.

{
  "mcpServers": {
    "mcp-doctor": {
      "command": "npx",
      "args": ["@wigu/mcp-doctor"]
    }
  }
}

When invoked without arguments and stdin is piped, it automatically starts in server mode using stdio transport. You can also explicitly run:

mcp-doctor serve

This means your AI assistant can diagnose its own MCP infrastructure on demand.

GitHub Action

Use mcp-doctor in CI to catch broken servers and leaked secrets automatically:

- name: Check MCP servers
  uses: realwigu/mcp-doctor@main
  with:
    command: doctor
    fail-on-error: "true"

The action outputs JSON via ${{ steps.mcp-doctor.outputs.result }} for downstream processing.

JSON Output

All commands support --json for structured output — useful for CI pipelines, dashboards, or scripting:

mcp-doctor doctor --json | jq '.summary'
{
  "servers": 3,
  "healthy": 2,
  "securityIssues": 1,
  "avgLatencyMs": 45
}

Supported Tools

| Tool | Config Auto-Detected | | --------------- | -------------------- | | Claude Code | ✅ | | Claude Desktop | ✅ | | Cursor | ✅ | | VS Code | ✅ | | Windsurf | ✅ |

mcp-doctor reads each tool's config file from its standard location and merges all discovered servers into a single view.

What It Checks

  • Connection health — JSON-RPC initialize handshake against every server
  • Security issues — plaintext secrets, tokens in args, dangerous shell commands
  • Latency benchmarks — round-trip timing with fast / ok / slow ratings

Install

# Run directly (no install needed)
npx @wigu/mcp-doctor scan

# Or install globally
npm install -g @wigu/mcp-doctor
mcp-doctor scan

Requires Node.js 18+.

Contributing

Contributions are welcome! Open an issue or submit a pull request.

  1. Fork the repo
  2. Create a feature branch (git checkout -b my-feature)
  3. Commit your changes
  4. Open a PR

License

MIT