Blog
Product Update··2 min read

Scan From the Homepage, Share the Results

You can now scan any MCP server from vigile.dev in under 10 seconds and share a trust card with your team. Here's what we built and why.

We kept hearing the same friction: developers would find Vigile, want to try it, and then have to figure out the CLI before they could see a single result. The homepage said "Scan. Score. Secure." but the fastest path to actually scanning something required opening a terminal.

That felt wrong. So we fixed it.

Scan from the homepage, share the results

The primary CTA on vigile.dev now drops you straight into a quick scan. Paste a GitHub URL, get a trust card back in seconds.

That trust card is shareable — it lives at its own URL, so you can drop it in a PR comment, a Slack channel, or send it to your team lead. Every card includes the Trust Score, detected patterns, and a breakdown of what was found.

If the results make you want to dig deeper, the card links directly into the investigation workflow where you can explore findings pattern by pattern.

Try it yourself

Go scan something right now. Here's what it looks like when you scan the official MCP servers repo:

Trust card for modelcontextprotocol/servers →

The whole loop — homepage to scan to shareable result — takes about 10 seconds.

Why shareable trust cards matter

Security tools are usually solo experiences. You run a scan, you read the output, you decide what to do. But in practice, security decisions are team decisions. A developer finds a risk, but the team lead approves the dependency. A contractor recommends an MCP server, but the security engineer needs to vet it.

Trust cards make that handoff trivial. Instead of copying CLI output into a Slack message, you send a link. The person on the other end sees the same scored, structured result you saw — no Vigile account required.

This is also how we think Vigile grows. Not through ad spend or cold outreach, but through developers sharing scan results with each other because the results are genuinely useful.

What's next

We're focused on making scan results more actionable. Right now Vigile tells you what it found. The next step is telling you exactly what to fix and how — with specific remediation steps for each detected pattern.

We're also watching how people use the quick scan flow to understand where the experience breaks down, so expect the scan surface to get faster and more informative over the next few weeks.

Full implementation details are on GitHub. The scan surface, trust cards, and workflow integration shipped today across the API and web frontend.

Vigile Team

Security research and engineering at Vigile. Building tools to protect developers from malicious AI agent tools.

Browse RegistryScan a SkillView on GitHub

More from Vigile

Security Research

Technical Advisory: Hardening the Phase 4 Acquisition Path

Announcement

Introducing Vigile: Security for the AI Agent Supply Chain