WatchTower
Cost tracking + security scanning for AI builders
Watchtower MCP
Cost tracking + security scanning for AI builders. An MCP server for Claude Code.
Watchtower runs alongside your AI coding agent and gives you visibility into what you're spending and whether your deployed apps are secure.
Install
npm install -g watchtower-mcp
Add to your Claude Code MCP config (~/.claude/settings.json):
{
"mcpServers": {
"watchtower": {
"command": "watchtower-mcp"
}
}
}
Restart Claude Code. You now have 8 new tools available.
Tools
Cost Tracking
| Tool | What it does |
|---|---|
watchtower_log_usage | Log token usage from an API call to track costs |
watchtower_spend | View spending summary (today / week / month) with model breakdown |
watchtower_budget | Set daily/weekly/monthly budget alerts |
Security Scanning
| Tool | What it does |
|---|---|
watchtower_scan_headers | Scan a deployed URL for missing security headers (CSP, HSTS, etc.) |
watchtower_scan_secrets | Scan source code for hardcoded API keys and tokens |
watchtower_scan_supabase | Audit Supabase tables for missing Row Level Security policies |
Dashboard
| Tool | What it does |
|---|---|
watchtower_status | Quick overview of spending + recent security findings |
watchtower_scan_history | View history of past security scan results |
Usage
Once installed, just ask Claude:
"What's my API spend this week?"
"Scan my project for hardcoded secrets"
"Check the security headers on https://myapp.vercel.app"
"Set a $5 daily budget alert"
"Audit my Supabase database for missing RLS policies"
How It Works
- Cost tracking: Logs token usage to a local SQLite database at
~/.watchtower/watchtower.db. Calculates costs using current Anthropic pricing. Supports budget alerts. - Security scanning: Runs checks against your live URLs, source code, and databases. Findings are persisted locally so you can track them over time.
- No external services: Everything runs locally. No data leaves your machine.
Supported Models
Claude Opus 4.6, Sonnet 4.6, Haiku 4.5, and Sonnet 3.5. Unknown models fall back to Sonnet pricing.
Requirements
- Node.js 18+
- Claude Code (or any MCP-compatible client)
psql(optional, for Supabase RLS scanning)
License
MIT
เซิร์ฟเวอร์ที่เกี่ยวข้อง
Scout Monitoring MCP
ผู้สนับสนุนPut performance and error data directly in the hands of your AI assistant.
Alpha Vantage MCP Server
ผู้สนับสนุนAccess financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more
Cisco NSO MCP Server
An MCP server for Cisco NSO that exposes its data and operations as MCP primitives.
MiniMax MCP
Interact with MiniMax's powerful APIs for text-to-speech, voice cloning, and video/image generation.
MCP Server Template
A template for creating MCP servers using Python.
oyemi-mcp
MCP server for the Oyemi semantic lexicon. Provides deterministic word-to-code mapping and valence/sentiment analysis for AI agents like Claude, ChatGPT, and Gemini.
ClipToWSL
Enables AI coding agents to read Windows clipboard contents, including text and images, from within the Windows Subsystem for Linux (WSL).
EVE Online ESI MCP Server
An MCP server for interacting with the EVE Online ESI (EVE Swagger Interface) API.
Web3 Assistant MCP
A secure, multi-chain toolkit for interacting with blockchain smart contracts.
Sentry
Interact with the Sentry API to monitor application errors and performance.
Kirha MCP Gateway
An MCP server that provides seamless access to Kirha AI tools.
ClawGuard Shield
Security scanner for AI agents — detects prompt injection attacks with 245 patterns across 15 languages in under 10ms