Docs

MCP Server

Bring your Panache monitoring into your AI assistant. Ask Claude, Cursor, or VS Code about your findings, scores, and uptime, in plain language.

What is the Panache MCP server

MCP (Model Context Protocol) lets an AI assistant call external tools over a standard interface. The Panache MCP server exposes your monitoring data (security, performance, SEO, and compliance findings, scores, uptime, Lighthouse reports) as tools your assistant can query. Instead of switching to the dashboard, you ask your agent things like "which sites have critical findings?", "summarize this month for client X", or "is example.com's score trending down?". The agent calls the right tool and answers from live data. The server speaks Streamable HTTP and works with any MCP-capable client: Claude (web, desktop, Code), Cursor, and VS Code.

Read-only by design

v0 is strictly read-only. Every tool runs under a single scope, monitoring:read, and there is no tool that writes, deletes, or changes anything in your account. The agent can read your monitoring data and nothing else. Data is scoped to your organization through the OAuth session: the agent only ever sees the sites and findings of the organization you connected.

Server URL

The MCP server lives at a single public URL. It is the same for everyone: the OAuth 2.1 flow scopes the connection to your organization, so you do not need a per-account URL or an API key.

https://withpanache.dev/api/mcp

Connect a client

Add the server to your AI client, then complete the one-time OAuth sign-in in your browser. Only an owner or admin of the organization can authorize the connection. Pick your client below.

Claude (web and desktop)

In Claude, open Settings, then Connectors, and add a custom connector. Paste the server URL below and follow the sign-in prompt. Claude will ask you to authorize Panache, then the tools appear in your conversation.

https://withpanache.dev/api/mcp

Claude Code

Run this command in your terminal. Claude Code registers the server over HTTP and opens the browser for the OAuth sign-in on first use.

claude mcp add --transport http panache https://withpanache.dev/api/mcp

Cursor

Add the server to your Cursor MCP configuration (Settings, then MCP, then Add server), or paste the JSON snippet below into your mcp.json. Cursor handles the OAuth handshake on first use.

{
  "mcpServers": {
    "panache": {
      "url": "https://withpanache.dev/api/mcp"
    }
  }
}

VS Code

Add the server to your VS Code MCP configuration. Paste the JSON snippet below into your settings (the servers block), or use the MCP: Add Server command. VS Code negotiates Streamable HTTP and runs the OAuth sign-in on first use.

{
  "servers": {
    "panache": {
      "type": "http",
      "url": "https://withpanache.dev/api/mcp"
    }
  }
}

Available tools

The server exposes eleven read-only tools, grouped by scope. Your assistant picks the right one automatically; this list is for reference.

Across your organization

Tool	What it returns
`list_sites`	List the sites you monitor, each with its latest global score and monitoring status.
`list_findings`	List detected problems across the organization, filterable by site, severity, source, or status, paginated.
`get_finding_detail`	Get the full detail of one finding, including which sites it affects and its evolution over time.
`get_portfolio_overview`	Get the organization-wide rollup: totals, score, grade, 7-day trend, and finding buckets.

For one site

Tool	What it returns
`get_site_check_results`	Get per-check evidence for one site: status, score, metrics, and findings, including info and compliance findings.
`get_site_evidence`	Get the recorded scan facts for one site: which security headers are present or missing, server banner, cookie count, and similar.
`get_site_uptime`	Get uptime telemetry over a period: uptime percentage, average and p95 response time, with optional series and breakdown.
`get_site_lighthouse`	Get the latest Lighthouse result: a curated summary plus a short-lived signed link to the full report.
`get_site_score_history`	Get the score history (global and per-category) over a period for trends and sparklines.
`get_site_report_context`	Get the facts to write a client report: score trend, resolved wins, open findings, and a compliance rollup.

Reference catalog

Tool	What it returns
`list_checks`	List the full catalog of checks Panache can run, with each check's title, description, category, and weight.

Security

Authorization uses OAuth 2.1. Tokens are scoped to your organization and to monitoring:read. Only owners and admins can connect a client. Third-party evidence captured from monitored sites (such as response headers or page content) is treated as untrusted data. Tools that can return it require an explicit opt-in, sanitize the payload, and wrap it in a warning envelope so your assistant treats it as data, never as instructions.

Need help?

If you have questions about the MCP server or need assistance, reach out at hello@withpanache.dev