Check MCP servers before installing them in Cursor.

Oathe runs behavioral security audits on third-party tools. Free, no API key, under 2 minutes.

Why Check?

MCP servers get full system access

Every MCP server you install can read files, make network requests, and execute commands on your machine. There is no permission model. If Cursor can reach it, the server can too.

Cursor trusts tools by default

Cursor will call any tool an MCP server exposes. It does not distinguish between safe and malicious tool descriptions. A compromised server shapes what Cursor does next.

One audit catches what code review misses

Static analysis sees code. Oathe sees behavior. We execute the server in a sandbox and monitor every action it takes -- network calls, file access, data handling -- in real time.

Two Ways to Check

Option 1

MCP Server (recommended)

Install the Oathe MCP server alongside your other tools. Ask Cursor to check any server before you install it.

Cursor IDE

Add to your Cursor MCP config (.cursor/mcp.json in your project root):

{
  "mcpServers": {
    "oathe": {
      "command": "npx",
      "args": ["-y", "oathe-mcp"]
    }
  }
}

Then ask Cursor: "Use oathe to check if the X MCP server is safe to install."

Option 2

Direct API

Query the Oathe audit engine directly. No installation required.

Request

curl https://audit-engine.oathe.ai/api/skill/{owner}/{repo}/summary

Response

{
  "skill_slug": "owner/repo",
  "score": 85,
  "verdict": "SAFE",
  "recommendation": "This skill demonstrates safe behavior...",
  "findings_count": 3,
  "critical_findings": 0,
  "high_findings": 1,
  "audited_at": "2025-12-01T10:30:00.000Z",
  "report_url": "/api/skill/owner/repo/latest"
}
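
A fail-closed install gate over the summary response above, as an added example (not Oathe's code). The allowed verdicts, score threshold and freshness window are assumed local policy, gate() is a hypothetical helper, and the sample is the response body shown on this page.

```python
import json
from datetime import datetime, timedelta, timezone

# Verdict names come from this page; which ones to allow is local policy (assumption).
KNOWN_VERDICTS = {"SAFE", "CAUTION", "DANGEROUS", "MALICIOUS"}
ALLOWED_VERDICTS = {"SAFE"}
MIN_SCORE = 80                      # assumed threshold, not an Oathe value
MAX_AUDIT_AGE = timedelta(days=90)  # assumed freshness window

# Constructed sample: the response body shown on this page.
SAMPLE = json.loads("""{
  "skill_slug": "owner/repo", "score": 85, "verdict": "SAFE",
  "recommendation": "This skill demonstrates safe behavior...",
  "findings_count": 3, "critical_findings": 0, "high_findings": 1,
  "audited_at": "2025-12-01T10:30:00.000Z", "report_url": "/api/skill/owner/repo/latest"
}""")

def gate(summary, expected_slug, now):
    """Return (allow, reasons). Any missing, malformed or unexpected field denies."""
    if not isinstance(summary, dict):
        return False, ["response is not a JSON object"]
    reasons = []
    if summary.get("skill_slug") != expected_slug:
        reasons.append("audit is for a different repository")
    verdict = summary.get("verdict")
    if verdict not in KNOWN_VERDICTS:
        reasons.append("unknown verdict")
    elif verdict not in ALLOWED_VERDICTS:
        reasons.append(f"verdict {verdict}")
    score = summary.get("score")
    if isinstance(score, bool) or not isinstance(score, (int, float)) or not 0 <= score <= 100:
        reasons.append("score missing or out of range")
    elif score < MIN_SCORE:
        reasons.append(f"score {score} below {MIN_SCORE}")
    crit = summary.get("critical_findings")
    if isinstance(crit, bool) or not isinstance(crit, int) or crit != 0:
        reasons.append("critical findings present or count missing")
    try:
        audited = datetime.fromisoformat(str(summary.get("audited_at")).replace("Z", "+00:00"))
        if now - audited > MAX_AUDIT_AGE:
            reasons.append("audit is stale")
    except (ValueError, TypeError):
        reasons.append("audited_at missing or unparseable")
    return (not reasons), reasons

if __name__ == "__main__":
    print(gate(SAMPLE, "owner/repo", datetime.now(timezone.utc)))
```

Comparing skill_slug against the repository you asked about keeps a response for a different project from being accepted as approval.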

What You Get

Trust Score

A score from 0 to 100 based on six behavioral dimensions: prompt injection, data exfiltration, code execution, clone behavior, canary integrity, and behavioral reasoning.

Verdict

A clear categorical assessment: SAFE, CAUTION, DANGEROUS, or MALICIOUS. Each verdict maps to a score range and a recommended action.

Detailed Findings

Every security observation is documented with severity, evidence, and score impact. Recommendations include INSTALL, INSTALL_WITH_RESERVATIONS, DO_NOT_INSTALL, and UNINSTALL_IMMEDIATELY.