SmeltSecSmeltSec
    Features
    |Security
    |How It Works
    |Pricing
    |Docs
    |Blog
    |About
    npm
    1. Home
    2. /
    3. Docs
    Documentation

    Build with SmeltSec

    Everything you need to generate, secure, maintain, and monitor MCP servers.

    Quick start

    Five questions most people ask first

    The fastest path from zero to a running SmeltSec pipeline.

    Install the CLI globally with `npm install -g @smeltsec/cli`, or run one-off commands via `npx @smeltsec/cli`. The package is MIT-licensed and works on macOS, Linux, and Windows (WSL). No Docker image required.
    Server code generation targets Python 3.11 (FastMCP) and TypeScript (MCP TypeScript SDK). Source-code analysis via Tree-sitter covers Python, TypeScript, JavaScript, Go, Rust, Java, and Ruby. Additional targets are rolling out on Team and Enterprise plans.
    Yes. The Free plan includes unlimited local generation, all 15 free scanners in Gate 1, quality scoring, and config sync for one machine. Gate 2 behavioral analysis is the only paid step (≈ $0.02 per scan) and is only run on Team plans and above.
    For a medium REST API (12–20 endpoints) the full eight-step pipeline finishes in under 60 seconds. Large repos with hundreds of files can take a few minutes, most of it spent in Tree-sitter parsing.
    The CLI and core libraries live at github.com/smeltsec. The npm packages (@smeltsec/cli, @smeltsec/core, @smeltsec/proxy, @smeltsec/sync) are all open source under MIT. Only the behavioral analysis backend is closed.
    🚀

    Quick Start

    quick-start

    Install the CLI

    npm install -g @smeltsec/cli
smeltsec --version

    Generate your first server

    # From a GitHub repo
smeltsec generate --from github:owner/repo

# From an OpenAPI spec
smeltsec generate --from ./openapi.yaml

# From a natural language description
smeltsec generate --prompt "Create a Stripe MCP server"

    What happens during generation

    Source analysis via Tree-sitter AST parsing
    Gate 1 security scan (SAST, secrets, CVEs)
    MCP server code generation (FastMCP or TypeScript SDK)
    Gate 2 security scan (tool poisoning, behavioral analysis)
    Quality + security scoring with report cards
    Client config generation (Claude Desktop, Cursor, VS Code, etc.)

    Install the config

    # Auto-install config for Claude Desktop
smeltsec config install --client claude_desktop

# Or copy manually
cp ./mcp-server/claude_desktop_config.json ~/.config/claude/

    Ready to build?

    Generate your first MCP server in under 60 seconds.

    Product

    FeaturesSecurityPricingHow It WorksDocumentation

    Resources

    Quick StartAPI ReferenceCLI ReferenceLeaderboardBlogChangelogGitHubnpm (@smeltsec/cli)npm (@smeltsec/core)

    Company

    PrivacyTerms
    SmeltSec
    © 2026 SmeltSec. Open source CLI · Proprietary SaaS.
    PrivacyTerms