Can I run MCP Risk Analyzer locally without paying?
Yes. The MCP Risk Analyzer Operator Pack ships a free local CLI (mcp-risk score manifest.json --json) that executes the identical six-factor ruleset against files on disk. You pay only for the hosted /api/agent-services/mcp-risk/score endpo…
Can I run MCP Risk Analyzer locally without paying?
Answer
Yes. The MCP Risk Analyzer Operator Pack ships a free local CLI (mcp-risk score manifest.json --json) that executes the identical six-factor ruleset against files on disk. You pay only for the hosted /api/agent-services/mcp-risk/score endpoint (5 cents per call via x402) or when you purchase the pack itself for the SKILL.md, test fixtures, and integration examples.
Related workflows
Pair MCP risk scores with DestructGuard command blocking at runtime and ReviewQueue for human review of ambiguous tool additions. Export the scored findings JSON alongside your agent session JSONL so IncidentScribe timelines include the pre-install risk evidence. Re-score any server after manifest changes before promoting to production agents.
Next steps
POST the manifest to /api/agent-services/mcp-risk/score (x402) for hosted scoring or install the Operator Pack CLI and run mcp-risk score manifest.json locally. Apply the concrete fix recommendations, re-export the manifest, and re-score until risk is medium or low. Store requestId with your session audit for compliance.
FAQ
Can I run MCP Risk Analyzer locally without paying?
Yes. The MCP Risk Analyzer Operator Pack ships a free local CLI (mcp-risk score manifest.json --json) that executes the identical six-factor ruleset against files on disk. You pay only for the hosted /api/agent-services/mcp-risk/score endpoint (5 cents per call via x402) or when you purchase the pack itself for the SKILL.md, test fixtures, and integration examples.