MCP server
Use OverlayRiskWitness in Claude, Cursor, or any MCP client
OverlayRiskWitness ships a Model Context Protocol server, so an AI agent can run a vendor-independent before/after overlay scan and read the finding summary without leaving your editor or chat. Two ways to connect: the hosted HTTP endpoint, or the npm stdio server.
OverlayRiskWitness is live as an MCP server at https://overlayrisk.com/mcp and via npx -y @overlayrisk/mcp. Give it one public page URL, run that page with the overlay active and then blocked, and keep the timestamped before/after finding summary tied to that same route. If a score or statement says the page is fine, this is the step that checks what actually changed on the page. Evidence documentation, not legal advice.
Hosted endpoint (Streamable HTTP)
Point any MCP client that speaks Streamable HTTP at the hosted endpoint. It is a stateless transport, guarded the same way as the public witness API, and JSON-RPC batch requests are rejected — send one request at a time.
curl -s https://overlayrisk.com/mcp \
-H 'Content-Type: application/json' \
-H 'Accept: application/json, text/event-stream' \
-d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}'npm stdio server
Prefer a local process? The same server runs over stdio via npm, which is what Claude Desktop launches for you. No install step required — npx fetches and runs it on demand.
{
"mcpServers": {
"overlayrisk-witness": {
"command": "npx",
"args": ["-y", "@overlayrisk/mcp"]
}
}
}Cursor
In Cursor, add the hosted endpoint to your MCP settings (Settings → MCP → Add new server), or drop this into your .cursor/mcp.json:
{
"mcpServers": {
"overlayrisk-witness": {
"url": "https://overlayrisk.com/mcp"
}
}
}Tools the server exposes
witness_pageRuns the free one-page witness for a public URL — loads the page with the overlay on, then off, runs axe-core both times, and returns the before/after finding summary. Same contract as POST /api/witness.
url (string) — the public page to witness
The MCP tool runs the free, no-signup witness — one page, one before/after finding. Full multi-page Risk Packets, Drift Monitor, and Agency Watch are purchased in the dashboard.
Where it's listed
- Official MCP registry
- Listed as overlayrisk-witness for discovery by MCP-aware clients.
- Glama
- Indexed on the Glama MCP directory.
- Smithery
- Publication pending; the hosted endpoint is already live and usable directly.
- Source
- github.com/mertcanvural/overlayrisk
Not using an agent? You can run the same witness from the web app — one page free, no signup. Results from the MCP tool are evidence documentation, not legal advice.