API & CLI Quickstart
Integrate MCPShield scans into CI/CD pipelines, scripts, or your own tools using the REST API or CLI.
1. Create an API Key
- Go to API Keys & Billing in the dashboard.
- Click Create API Key, give it a name, and copy the key. It starts with mcp_sk_.
- Store it securely; the full key is only shown once.
2. Install the CLI
npm install -g mcpshield-cli
Authenticate with your API key:
mcpshield auth mcp_sk_your_key_here
Run a scan:
mcpshield scan https://github.com/owner/repo
3. REST API
POST /api/v1/scan
Submit a scan and receive results synchronously.
curl -X POST https://www.mcpshield.co/api/v1/scan \
-H "Authorization: Bearer mcp_sk_your_key_here" \
-H "Content-Type: application/json" \
-d '{"target": "https://github.com/owner/repo"}'
Response
{
  "id": "scan_abc123",
  "target": "https://github.com/owner/repo",
  "grade": "B",
  "score": 72,
  "totalFindings": 5,
  "findings": [
    {
      "ruleId": "TOOL_POISONING",
      "severity": "high",
      "title": "Tool description contains hidden instructions",
      "evidence": "..."
    }
  ]
}
Rate Limits
| Tier | API Scans / Day | Dashboard Scans / Day |
|---|---|---|
| Free | 10 | 30 |
| Pro ($15/mo) | 100 | 100 |
All users are also subject to a 30-second cooldown between scans and per-IP abuse prevention limits.
Error Codes
401 Unauthorized
Missing, invalid, or revoked API key. Check your Authorization: Bearer mcp_sk_... header.
403 Forbidden
Private repo scan attempted without Pro tier or without the GitHub App installed. See Private Repo Scanning.
429 Too Many Requests
Daily scan limit reached. The Retry-After header indicates when you can try again. Upgrade to Pro for higher limits.
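The following is an added example, not MCPShield's own code: a CI gate that turns the POST /api/v1/scan response and the error codes above into a pass/fail decision, failing closed on anything unexpected. The environment variable MCPSHIELD_API_KEY, the function names, and every severity name other than "high" are assumptions, since the sample response on this page only shows "high".

```javascript
// Added example, not MCPShield's own code. Assumed names: MCPSHIELD_API_KEY,
// retryAfterMs(), gate(), scanAndGate(). Severity names other than "high"
// are assumptions; the page's sample response only shows "high".
const RANK = { low: 1, medium: 2, high: 3, critical: 4 };

// Retry-After may be delta-seconds or an HTTP-date (RFC 9110).
function retryAfterMs(value, now = Date.now()) {
  if (value == null || value === "") return null;
  if (/^\d+$/.test(value.trim())) return Number(value.trim()) * 1000;
  const when = Date.parse(value);
  return Number.isNaN(when) ? null : Math.max(0, when - now);
}

// Map an HTTP status and parsed body to a CI decision. Fails closed: anything
// that is not a well-formed 200 response blocks the build.
function gate(status, body, retryAfter, failAt = "high") {
  if (status === 401) return { ok: false, reason: "API key missing, invalid or revoked" };
  if (status === 403) return { ok: false, reason: "private repo scan needs Pro tier and the GitHub App" };
  if (status === 429)
    return { ok: false, reason: "daily scan limit reached", retryMs: retryAfterMs(retryAfter) };
  if (status !== 200 || !body || !Array.isArray(body.findings))
    return { ok: false, reason: `unexpected response (HTTP ${status})` };
  const threshold = RANK[failAt] ?? 1; // unknown threshold: block on everything
  // An unknown severity string is treated as blocking rather than ignored.
  const blocking = body.findings.filter(
    (f) => (RANK[String(f.severity).toLowerCase()] ?? Infinity) >= threshold);
  return {
    ok: blocking.length === 0,
    reason: `grade ${body.grade}, ${blocking.length} finding(s) at or above ${failAt}`,
    blocking: blocking.map((f) => f.ruleId),
  };
}

// Network wrapper (Node 18+ global fetch). The key is read from the
// environment so it never appears in argv, shell history or CI logs.
async function scanAndGate(target, failAt = "high") {
  const key = process.env.MCPSHIELD_API_KEY;
  if (!key || !key.startsWith("mcp_sk_")) return gate(401);
  const res = await fetch("https://www.mcpshield.co/api/v1/scan", {
    method: "POST",
    headers: { Authorization: `Bearer ${key}`, "Content-Type": "application/json" },
    body: JSON.stringify({ target }),
  });
  const body = await res.json().catch(() => null);
  return gate(res.status, body, res.headers.get("retry-after"), failAt);
}
// In CI: scanAndGate(repoUrl).then((r) => { console.log(r.reason); process.exit(r.ok ? 0 : 1); });
```

Because of the 30-second cooldown and the daily limits, run one scan per pipeline rather than one per job, and honour `retryMs` instead of retrying in a tight loop.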