Stop reinstalling and reconfiguring the same MCP servers every time you switch AI clients.
Install and audit 70+ MCP servers once — GitHub, Slack, Linear, Stripe, Firecrawl and more. Use them across Claude Code, Cursor, Windsurf, Copilot, and Gemini, with local protection against risky tools and actions. One npx curatedmcp install, no cloud account required.
Or browse the 70-server catalog — every server risk-classified before it's listed.
Works across the AI clients your team already runs
One command. Every client. Audited and firewalled before it runs.
Switch clients tomorrow — it's already there. No re-setup.
Five things you do every week — before and after installing the agent.
| What you want to do | The painful way | The CuratedMCP way |
|---|---|---|
| Install an MCP tool | Manually edit hidden JSON config files for each AI client. | Run one command. Active across every client instantly. |
| Switch AI clients | Re-authenticate, copy env vars, reconfigure your stack. | Your tools follow you from Cursor to Claude Code to Gemini. |
| Verify server safety | Cross your fingers, read raw GitHub source, hope no key leaks. | Risk-classified and screened locally before installation. |
| Control permissions | Third-party MCP servers get blind, unrestricted access. | Local firewall blocks dangerous file or network actions. |
| Share a stack with your team | Slack a JSON snippet and pray nobody mis-pastes it. | One config URL — every reload reflects the latest allowlist. |
Install an MCP tool
Manually edit hidden JSON config files for each AI client.
Run one command. Active across every client instantly.
Switch AI clients
Re-authenticate, copy env vars, reconfigure your stack.
Your tools follow you from Cursor to Claude Code to Gemini.
Verify server safety
Cross your fingers, read raw GitHub source, hope no key leaks.
Risk-classified and screened locally before installation.
Control permissions
Third-party MCP servers get blind, unrestricted access.
Local firewall blocks dangerous file or network actions.
Share a stack with your team
Slack a JSON snippet and pray nobody mis-pastes it.
One config URL — every reload reflects the latest allowlist.
Same mission — governed MCP — two entry points depending on where you are.
For individual developers
A free, open-source CLI that installs in 30 seconds. Audit your AI clients for risky MCP servers, run a unified hub across every IDE, and add a local action firewall — all without a cloud account.
For engineering organisations
A team-level governance dashboard. Approve which MCP servers your engineers can install, push one allowlist across every AI client they run, and see every tool call in a tamper-proof audit log.
One CLI that runs locally — no signup, no cloud dependency. Audit risks in 30 seconds, then run it as your MCP hub, add a firewall, and sync your team's governance policy.
npx curatedmcp audit# free · runs offline · nothing leaves your machine
curatedmcp auditScan every AI client on this machine. Flags credential leaks, unverified servers, risky tool permissions.
curatedmcp runOne MCP hub. Add it to Claude, Cursor, Windsurf, Copilot or Gemini once — every server you add appears in all of them.
curatedmcp guardLocal-first action firewall. Intercepts every MCP tool call before it executes. Block, alert, or require approval.
curatedmcp syncConnect to your team's control plane. Pull the org allowlist and report your local audit upstream.
MCP adoption just crossed the “it's everywhere” threshold. Every AI-forward eng org is hitting these three problems simultaneously.
Engineers install MCP servers across Claude Code, Cursor, and Copilot without IT visibility. One risky server — unverified publisher, credential in env, unrestricted filesystem — gives an AI agent keys to production. The Agent audits what's installed today. The Control Plane prevents it tomorrow.
Your team uses Claude Code, Cursor, Windsurf, and Copilot simultaneously. Each has its own MCP config. The Control Plane pushes one allowlist to all of them via a single team config URL — remove a server here and every developer's next reload reflects it instantly.
MCP is the new npm — and the same supply-chain attacks are coming. Every server in the CuratedMCP catalog is human-reviewed, risk-classified (Read-only / Read-write / Executes commands / Network egress), and credential-handling audited before it can be added to any team's allowlist.
Four steps — the first one takes 30 seconds and costs nothing.
Run `npx curatedmcp audit` — it scans Claude Desktop, Cursor, Claude Code, and Windsurf configs in under 30 seconds and flags risky servers by severity. Free, offline, no account.
Free · no signupBrowse the 70+ human-reviewed servers in the catalog. Filter by risk level (Read-only / Read-write / Executes commands). Add what your team actually needs. One team config URL — developers paste it once.
Team planThe agent's `guard` command wraps any MCP server in a local firewall. Block unapproved tool calls before they execute. Policy is defined once and synced to every developer running `curatedmcp sync`.
Agent + Team planEvery tool call logged — who called it, which IDE, what arguments (hashed locally, never exfiltrated). Filter by server, by user, by blocked vs. allowed. Export to CSV. Prove compliance.
Team planThe Control Plane
Built for Heads of Platform Engineering and AppSec leads rolling out Claude Code, Cursor, or Copilot at 50–500 engineers. Set policy once, enforced everywhere.
Approve which MCP servers your engineers can use. One team config URL distributes the allowlist. Remove a server and every developer's next sync reflects it.
Every MCP tool invocation captured — server, tool name, caller, IDE, timestamp. Blocked calls logged separately. Filter and export to CSV or SIEM.
70+ human-reviewed servers, each rated by risk level (Read-only / Read-write / Executes commands / Network egress). Filter the whole catalog to Read-only in one click.
Okta / Azure AD / Google Workspace. Owner / Admin / Member roles. Run the control plane in our cloud or fully on-prem. Shipping with our first design partners.
Design partner program — limited seats
We scan your dev fleet, set up the allowlist and audit policy, and stand up the control plane for your org. SSO + per-tool-call audit included for design partners.
The policy library
The same rigor that rejected dozens of risky servers is what backs the policy templates your admins import. Risk-classified, credential-handling audited, ready to allowlist.
Official Azure integration — manage resources, deployments, storage, and identity across Azure
Official GitHub integration — manage repos, issues, pull requests, and workflows from your AI agent
Advanced web scraping with JavaScript rendering, PDF support, and autonomous research agents
Official AWS integration — DynamoDB, S3, Lambda, EC2, and the full AWS cloud via natural language
Official Vercel integration — manage deployments, logs, env vars, and projects from your AI agent
Official Figma integration — access design files, components, and tokens directly in your AI coding workflow
Try the agent free in your browser, or tour the live control plane demo — no account, no credit card.
Ready to roll it out across your org? See the 60-day pilot →