servers / com-get-obra-obra-cto
com.get-obra/obra-cto MCP server
communitystdiolocalwrite capablehealthy
Local-first MCP that scores your codebase's build readiness. Your code never leaves your machine.
01Tools · 5
| Tool | Risk | Side effects | Approval |
|---|---|---|---|
| scan_project Read a local project and return mechanical Build Readiness signals: file and line counts, languages, test files, CI config, lockfile, docs, and a redacted scan for hardcoded secrets. Returns signals only, never your source. Run this first. | write | true | unknown |
| run_tests Run the project's test suite on this machine and parse pass/fail counts. This EXECUTES the project's own test command (for example `npm test`, which runs whatever that script defines), so only approve it for a project you trust to run. Your host asks before it runs. A green suite is the strongest grade-A reliability evidence the Obra CTO Score can use. Pass the result numbers to score_build_readiness. | write | true | unknown |
| check_dependencies Query OSV.dev for known vulnerabilities in the project's locked dependencies, using exact versions from package-lock.json. Only package names and versions are sent, never your code. Real, current CVE data. Feed any findings into your security assessment. | read | false | unknown |
| prepare_code_review Select the highest-signal files (security-relevant paths, entry points, large files) and return their contents on this machine, with a review checklist. YOU, the host model, then read them and produce a structured security and architecture assessment, which you pass to score_build_readiness as `qualitative`. This is what upgrades those dimensions from inferred (grade C) to verified (grade A). Files stay local. | read | false | unknown |
| score_build_readiness Produce the Obra CTO Score (0 to 100) with a per-dimension breakdown, evidence grades, and a Top Risks register. Scan runs automatically. If you ran run_tests first, pass its numbers so reliability becomes grade-A evidence. | unknown | unknown | unknown |
02Install & source
npx -y obra-cto
npx- repohttps://github.com/lilycip/obra-cto
- homepagehttps://get-obra.com
- licenseApache-2.0
- adoption0 stars · 0 forks
05Provenance & freshness
sourcesOfficial MCP Registry [p1]
last_checked2026-07-07 09:00Z
next_check2026-07-08 13:30Z
cadenceevery 29h
verifiedtools_list:passed handshake:passed metadata:passed
index_statusindex — 8 unique facts >= 5
06Badge
Add the “as seen on MCPExplorer” badge to your README.
[](https://mcpexplorer.com/servers/com-get-obra-obra-cto)
Next step
This is one server. A loadout combines the right servers, governance, and proven plays for a whole job — assembled deliberately, not tool-dumped.
Explore loadouts →