policylayer
v0.1.6
Published
Scan your MCP servers for security risks — live tool discovery + classification + shareable report
Maintainers
Readme
policylayer
Scan your MCP config. See what your AI agent can do. Get a shareable report.
Quick start
npx -y policylayerThat's it. The CLI finds your MCP config, live-scans each server, classifies every tool, and prints a report URL.
What it does
- Finds your config -- checks
.mcp.json,~/.claude.json, Claude Desktop, Cursor, VS Code, Windsurf, and Codex configs automatically - Live-scans servers -- spawns each MCP server, performs the JSON-RPC handshake, and discovers every tool with its full schema
- Classifies tools -- checks against the PolicyLayer database of 2,500+ classified tools. Unknown tools are classified locally using schema analysis, blast radius detection, and verb matching
- Generates a policy YAML -- suggested default rules for every tool, ready to use with Intercept
- Prints a report URL -- permanent, shareable, no login required
- Contributes back -- live-scanned tool data is contributed to the database so future scans are faster for everyone
Commands
npx -y policylayerOptions:
| Flag | Description |
|------|-------------|
| -d, --dir <path> | Directory to scan for config files (default: cwd) |
| -o, --output <path> | Output path for policy YAML (default: policylayer.yaml) |
| --no-live | Skip live scanning, classify from config only |
| --no-report | Skip submitting report to PolicyLayer |
| --timeout <ms> | Timeout per server in milliseconds (default: 30000) |
| --json | Output results as JSON |
Examples
# Auto-detect config and scan
npx -y policylayer
# Scan a specific directory
npx -y policylayer -d ~/projects/my-app
# Skip live scanning (faster, less detailed)
npx -y policylayer --no-live
# Output as JSON for piping
npx -y policylayer --json
# Custom policy output path
npx -y policylayer -o my-policy.yamlConfig detection
The CLI searches these paths and uses all configs found:
| Client | Path |
|--------|------|
| Claude Code (project) | .mcp.json |
| Claude Code (user) | ~/.claude.json |
| Claude Desktop | ~/Library/Application Support/Claude/claude_desktop_config.json |
| Cursor | .cursor/mcp.json |
| VS Code | .vscode/settings.json |
| Windsurf | ~/.codeium/windsurf/mcp_config.json |
| Codex (project) | .codex/config.toml |
| Codex (user) | ~/.codex/config.toml |
Privacy
The CLI never sends your raw config. Before anything leaves your machine:
- Environment variables are stripped
- Auth tokens are removed
- Only server names, package identifiers, and tool schemas are sent
- Live-scanned tool data (names, descriptions, schemas) is contributed to improve the database
Use --no-report to skip sending anything.
Links
- Example report
- Scan your config online
- Policy library
- Intercept -- enforce limits on every MCP tool call
