MCP server.
aislop ships as an MCP server. Add one block to your agent's config and the model can call aislop_scan / aislop_fix / aislop_why / aislop_baseline directly — every project, every session, no per-repo install.
The aislop-mcp binary ships in the same npm package as the CLI. Wire it into your agent's MCP config once and the agent can self-check on every turn — no terminal command, no per-repo install. Stays local: stdio transport, your code never leaves the machine.
MCP vs hooks vs handoff
Three integration shapes. They stack — pick the ones that match how your team works.
additionalContext. Hook docs.aislop fix --<agent> opens the agent with all remaining diagnostics as a prompt. Handoff docs.MCP is pull (agent-initiated); hooks are push (always-on). Use both — MCP gives the agent agency to scan when it suspects a regression; hooks guarantee a scan even when the agent doesn't think to ask.
Install
Add the aislop entry to your agent's MCP config and restart the agent. First call downloads the package via npx (~3s cold, instant after).
Claude Desktop
macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"aislop": {
"command": "npx",
"args": ["-y", "aislop-mcp"]
}
}
} Cursor
~/.cursor/mcp.json (or per-project .cursor/mcp.json)
{
"mcpServers": {
"aislop": {
"command": "npx",
"args": ["-y", "aislop-mcp"]
}
}
} Claude Code
~/.claude/mcp.json for global, .mcp.json in repo root for project-scoped.
{
"mcpServers": {
"aislop": {
"command": "npx",
"args": ["-y", "aislop-mcp"]
}
}
} Codex CLI (TOML)
~/.codex/config.toml
[mcp_servers.aislop] command = "npx" args = ["-y", "aislop-mcp"]
Pinned version: replace aislop-mcp with aislop-mcp@0.9.4. Pre-installed locally: pnpm add -D aislop, then point command at ./node_modules/.bin/aislop-mcp.
Tools
Four tools the agent can call. All run locally; the server reads your project files via the same engines as the CLI.
aislop_scan read-only Run the engines on the project, return score + counts + top findings. Use before claiming work is done.
{ path?: string }{ score, counts, findings[≤25], languages, frameworks, fileCount }aislop_fix writes files Apply mechanical fixes (formatting, unused imports, narrative comments, duplicate imports). Runs a fresh scan before and after, so the response carries the score delta.
{ path?: string, force?: boolean }{ ok, fixed, scoreBefore, scoreAfter, delta, remaining, counts, findings, elided }force: true runs aislop fix --force: writes package.json overrides and may delete unused files. Off by default.
aislop_why read-only Look up an aislop rule. Returns the engine + a deep-link into the /patterns reference for full bad/good examples.
{ rule_id: string }{ id, engine, docs, hint }aislop_baseline read-only Read the project's baseline (the score the per-edit hook compares against). Useful when deciding whether to set up regression tracking.
{ path?: string }{ exists, score?, lastScanAt?, fileCount?, hint? }How it works
- The agent host (Claude Desktop, Cursor, Codex) reads your
mcp.jsonon startup. - It spawns
npx -y aislop-mcpas a child process, piped over stdin/stdout. - The agent sends JSON-RPC messages:
initialize,tools/list,tools/call. - aislop-mcp answers from the same engines as the CLI:
aislop_scanruns in-process;aislop_fixspawnsaislop fixfor the actual mutations. - When the agent process exits, aislop-mcp exits too. Nothing persists outside
.aislop/.
Transport is stdio only — there is no network listener, no auth, no remote endpoint. Your code never leaves the machine. (A hosted variant is on the roadmap as a separate transport for the scanaislop.com hosted product; not in this release.)
Discovery surfaces
The MCP server itself is local stdio, not a hosted JSON-RPC endpoint. The website still exposes machine-readable discovery so agents can find the right docs, skill, and metadata without scraping the UI.
Curated index of the core docs, product pages, research pages, and install commands.
Linkset JSON for the site, API docs, terms, privacy policy, feed, sitemap, and agent resources.
A discoverable skill that tells coding agents how to run aislop before they hand work back.
Responsible-disclosure routes for vulnerability reports in the open-source CLI and hosted surfaces.
Verifying the install
After restarting your agent, ask it:
Use aislop_scan to score this project, then explain the top 3 findings.
The agent should respond with a score (0–100), counts of errors / warnings / fixable, and a summary of the top findings. If it doesn't see aislop_scan as a tool, the most common cause is the agent host wasn't restarted after editing the MCP config.
Recommended workflow
MCP plus the per-edit hook is the strongest combination. Each plays a distinct role:
Hook fires after every Edit/Write. The agent sees regressions in aislop.hook.v2 envelope and self-corrects.
The model calls aislop_scan via MCP to get the full project picture, not just the touched file.
Agent calls aislop_fix to clear what's mechanically fixable. Saves tokens — no need to ask the model to format imports or remove dead comments.
Troubleshooting
- Tool not visible after install: restart the agent host. Most agents only read
mcp.jsonat startup. npxhangs on first call: first run downloads the package (~3s). If your network is slow, pre-install withpnpm add -D aislopand point the config at./node_modules/.bin/aislop-mcp.- Tool returns an error: the response includes
isError: trueand a JSON body with the message. The most common cause is callingaislop_baselineon a project that hasn't runaislop hook baselineyet — the response then says{ exists: false, hint }. - Want stdout/stderr from the spawned
aislop fix: not exposed yet. Callaislop fixin your terminal directly when you need the raw output.
Related
- Agent hooks — per-edit forced scan, complementary to MCP
- Agent handoff —
aislop fix --<agent>for one-shot fix prompts - AI Slop patterns — the rule catalogue
aislop_whydeep-links into - Commands reference — same engines as the MCP tools, called from the terminal