Documentation → Platform
How to run MCTS from the CLI, in CI, or via HTTP API.
New user? Complete Getting started first — you do not need every flag on day one.
| Command | Purpose |
|---|---|
mcts scan |
Security scan (default workflow) |
mcts report |
JSON → HTML dashboard |
mcts inventory |
List / scan local MCP configs |
mcts doctor |
Preflight before first scan |
Everything else (vet, pentest, fuzz, mcts-mcp, serve) is optional — see CLI reference.
| Page | Read when… |
|---|---|
| CLI Reference | You need a specific flag or subcommand |
| CI Integration | You are wiring MCTS into a pipeline |
| REST API | You need HTTP endpoints instead of the CLI |
# Daily development
mcts scan ./server.py
# CI gate (legacy)
mcts scan ./server.py --fail-on-critical --min-score 70 -o report.sarif --format sarif
# CI gate (v2 — scoring is both by default)
mcts scan ./server.py --max-absolute-risk 500 --max-risk-level high -o report.sarif --format sarif
# Share with stakeholders
mcts scan ./server.py -o report.json && mcts report report.json -o report.htmlCLI roadmap and GAP tracking: Planned CLI (not needed for normal use).