Project Health Scanner
Enables scanning projects for dependency vulnerabilities, secrets, license conflicts, code quality, and git health, returning a 0-100 health score with actionable suggestions.
README
Project Health Scanner
Get a 0-100 health score for any project in seconds. Scans for dependency vulnerabilities, hardcoded secrets, license conflicts, code quality issues, and git health problems. Returns actionable fix suggestions.
Why
You push code every day but never check if your dependencies have known CVEs, if someone committed an API key, or if your licenses conflict. This tool runs one scan and tells you everything.
Install
npm i @lazymac/project-health-scanner
Quick Start
As REST API
npm start
# Server runs on http://localhost:3000
As MCP Server
Add to your Cursor/Claude Code MCP config:
{
"mcpServers": {
"project-health-scanner": {
"command": "node",
"args": ["node_modules/@lazymac/project-health-scanner/src/main.js"]
}
}
}
API Endpoints
POST /scan
Scan a project directory and get a full health report.
curl -X POST http://localhost:3000/scan \
-H "Content-Type: application/json" \
-d '{"path": "/path/to/your/project"}'
Response:
{
"score": 72,
"grade": "B",
"checks": {
"dependencies": { "score": 60, "issues": ["3 outdated packages", "1 known vulnerability"] },
"secrets": { "score": 90, "issues": ["Possible API key in config.js:14"] },
"licenses": { "score": 100, "issues": [] },
"codeQuality": { "score": 65, "issues": ["12 files over 300 lines"] },
"gitHealth": { "score": 85, "issues": ["No .gitignore found"] }
},
"suggestions": [
"Run npm audit fix to resolve 1 vulnerability",
"Rotate API key found in config.js and move to environment variable",
"Add .gitignore from github/gitignore template"
]
}
MCP Tools
| Tool | Description |
|---|---|
scan_project |
Full health scan with 0-100 score |
check_dependencies |
Dependency audit only |
detect_secrets |
Secret/API key detection only |
check_licenses |
License compatibility check |
check_code_quality |
Code quality metrics |
check_git_health |
Git repository health |
What It Checks
- Dependencies -- outdated packages, known vulnerabilities, unused dependencies
- Secrets -- API keys, passwords, tokens, private keys in source code
- Licenses -- MIT/Apache/GPL compatibility, missing license files
- Code Quality -- file sizes, complexity indicators, TODO/FIXME counts
- Git Health -- .gitignore presence, large files tracked, commit patterns
Links
License
MIT
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.