A single tool call that walks your Next.js project tree and returns a compact overview covering routes, API endpoints, database schema, and security issues. It detects App Router structure, flags dynamic routes and client components, checks for auth and validation on API routes using patterns like next-auth and Zod, parses Prisma or Drizzle schemas to map relations, and scans for hardcoded secrets or missing rate limits. The output is a formatted tree with counts and flags, saving you from manual file exploration when onboarding to a codebase or auditing before deployment. Takes an absolute path and optional focus parameter to drill into routes, API, schema, or security specifically.
claude mcp add --transport stdio berkayderin-nextscan -- npx -y @berkayderin/nextscan