← DocsIntegration · MCP

Norveth inside your AI assistant.

Norveth speaks the Model Context Protocol, so any MCP client — Claude, ChatGPT, Cursor, Windsurf, Cline — can analyze a repository or website and ask grounded questions about its architecture, security, and risk. One API key, eleven tools, everywhere you already work.

01

Get your API key

Sign in at norveth.app (the free plan works), open Settings → API Keys, and create a key. It starts with norveth_sk_.
02

Claude Desktop, Claude Code, Cursor, Windsurf & Cline

These run the server locally over stdio. Add this to your client's MCP config (claude_desktop_config.json, a project .mcp.json for Claude Code, or ~/.cursor/mcp.json) — you only need Node 18+.

{
  "mcpServers": {
    "norveth": {
      "command": "npx",
      "args": ["-y", "@norveth/mcp"],
      "env": { "NORVETH_API_KEY": "norveth_sk_your_key_here" }
    }
  }
}

Restart the client, then ask: “Analyze github.com/vercel/next.js with Norveth and tell me its biggest security risks.”

03

ChatGPT & Claude.ai on the web

Web clients connect to Norveth's hosted MCP endpoint directly — nothing to install. Add a connector pointing at:

https://norveth.app/api/mcp

Authenticate with your norveth_sk_ key as a Bearer token. In ChatGPT, add it under a custom connector / developer-mode MCP server; in Claude.ai, add it as a custom connector. Every call is scoped to your organization — you only ever see your own projects.

The tools

analyze_repositoryStart an analysis of a GitHub/GitLab repo or a website URL.
get_analysis_statusPoll an analysis job until it's COMPLETED.
list_projectsList or search the projects in your organization.
get_engineering_reportExecutive summary + engineering health score.
get_security_findingsDependencies with known CVEs.
search_codebaseSearch the engineering knowledge graph.
ask_about_projectAsk anything; get an answer grounded in the analysis.
list_pagesList the pages captured for an analyzed website.
get_page_sourceFetch a page's full source — raw HTML, text, and asset inventory.
get_source_treeRead a site's reconstructed source (original files from source maps + bundles).
get_site_intelligenceThe single JSON with everything: overview, tech, probes, pages, source, findings.

Prefer the terminal?

The same intelligence is available from the command line and CI with @norveth/cli, and programmatically via the REST API using the same API key.