Nextscan
@berkayderin
关于 Nextscan
MCP server that scans Next.js projects and returns a compact summary of routes, API endpoints, database schema, and security issues.
基本信息
配置
使用下面的配置,将此服务器添加到你的 MCP 客户端。
{
"mcpServers": {
"nextscan": {
"command": "npx",
"args": [
"-y",
"@berkayderin/nextscan"
]
}
}
}工具
未检测到工具
工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。
概览
What is Nextscan?
Nextscan is an MCP server that scans a Next.js project directory and returns a compact, structured summary of its routes, API endpoints, database schema, and security posture. It is designed for Next.js developers who want a single‑tool overview instead of manual file‑by‑file exploration.
How to use Nextscan?
Clone the repository, run npm install && npm build, then add the server to an MCP‑compatible client (e.g., Claude Code) with claude mcp add nextscan -- node /path/to/nextscan/dist/index.js. Inside the client, call the scan tool with the required path argument (absolute path to the Next.js project root) and an optional focus parameter (routes, api, schema, or security).
Key features of Nextscan
- Single
scancall returns a full project overview. - Compact route tree with dynamic/static and client/server flags.
- Hardcoded secrets and environment variable leak detection.
- Auth and validation status per API endpoint.
- Prisma/Drizzle relation mapping including orphan models.
Use cases of Nextscan
- Quickly understand the route structure of an unfamiliar Next.js codebase.
- Audit API endpoints for missing authentication or validation.
- Check a project’s database schema and model relations.
- Scan a Next.js app for common security issues before deployment.
FAQ from Nextscan
What does Nextscan analyze that manual exploration might miss?
It automatically detects unprotected API routes, missing rate limiting, hardcoded secrets, and schema orphans (models without relations), which are easy to overlook when reading files individually.
What are the runtime requirements for Nextscan?
Node.js 18 or later and an MCP‑compatible client such as Claude Code or Claude Desktop.
Which Next.js features does Nextscan cover?
It analyzes the App Router (pages, layouts, dynamic routes, route groups), API endpoints (methods, auth, validation), middleware and matchers, and database schemas for Prisma and Drizzle.
How does Nextscan detect security issues?
It inspects middleware configuration, header settings, API route auth guards, and scans source files for potential hardcoded secrets or environment variable leaks.
Does Nextscan transmit my project data anywhere?
No. Nextscan runs locally and only reads files from the specified absolute path; no data is sent over the network. Communication stays within the MCP client–server process.
开发工具 分类下的更多 MCP 服务器
Golf
golf-mcpProduction-Ready MCP Server Framework • Build, deploy & scale secure AI agent infrastructure • Includes Auth, Observability, Debugger, Telemetry & Runtime • Run real-world MCPs powering AI Agents
test
prysmaticlabsGo implementation of Ethereum proof of stake
sentry-mcp
getsentryAn MCP server for interacting with Sentry via LLMs.
Huoshan Test
volcengineSerena
oraiosA powerful MCP toolkit for coding, providing semantic retrieval and editing capabilities - the IDE for your agent
评论