MCP Server
Use rust-doctor as an MCP server with Claude Code, Cursor, VS Code, and other AI tools.
What is MCP?
MCP (Model Context Protocol) is a standard for connecting AI assistants to external tools. rust-doctor includes a built-in MCP server that lets AI assistants scan your code, explain rules, and suggest fixes.
Setup
Automatic setup (recommended)
The fastest way to configure the MCP server for any supported agent:
rust-doctor setupThe wizard auto-detects installed agents (Claude Code, Cursor, Windsurf), lets you pick which ones to configure, and writes the correct config file automatically.
Claude Code
claude mcp add --transport stdio -s user rust-doctor -- npx -y rust-doctor --mcpCursor
Add to .cursor/mcp.json:
{
"mcpServers": {
"rust-doctor": {
"command": "npx",
"args": ["-y", "rust-doctor", "--mcp"]
}
}
}Windsurf
Add to ~/.codeium/windsurf/mcp_config.json:
{
"mcpServers": {
"rust-doctor": {
"command": "npx",
"args": ["-y", "rust-doctor", "--mcp"]
}
}
}VS Code
Add to .vscode/settings.json:
{
"mcp": {
"servers": {
"rust-doctor": {
"type": "stdio",
"command": "npx",
"args": ["-y", "rust-doctor", "--mcp"]
}
}
}
}Available tools
The MCP server exposes 4 read-only tools:
| Tool | Description |
|---|---|
scan | Scan a project directory — returns diagnostics + score |
score | Quick pass/fail — returns only the health score |
explain_rule | Explain any rule by name with examples and fix guidance |
list_rules | List all available checks with categories and severities |
Prompts
The MCP server includes structured workflow prompts that guide AI assistants through complex tasks:
deep-audit
Comprehensive 6-phase expert audit that goes far beyond linting:
- Discovery — Explores codebase architecture, dependencies, patterns
- Static Analysis — Runs rust-doctor scan with full diagnostics
- Deep Code Review — Manual review against a 50+ item expert checklist (error handling, ownership, type design, async correctness, security hardening, dependency health)
- Best Practices Research — Searches the web for current Rust best practices relevant to the issues found
- Synthesis Report — Cross-references all findings into a structured report with before/after code
- Decision — Offers three choices: implement all fixes, generate a PRD, or manual prompt
health-check
Quick 4-phase workflow: scan → prioritized remediation plan (P0–P3) → confirmation → fix.
Security
The MCP server applies these security constraints:
- Read-only — never modifies source files
- Path restriction — scanned directory must be under
$HOME - Timeout — 5-minute maximum per scan
- Offline mode — network-dependent checks are disabled by default
- No project config — ignores
rust-doctor.tomlto prevent config injection from untrusted projects - Path sanitization — absolute paths are stripped from error messages