squirrelscan for Codex
Audit a site's SEO, performance, and security from a Codex CLI session, or connect the MCP server directly for native tools.
Codex CLI runs shell commands as part of its normal workflow, so pointing it at squirrelscan takes about as long as installing the CLI. Tell it to audit a URL and it drives the command itself, reads the output, and starts proposing fixes.
If you want Codex to reach for audits, reports, and the issue tracker as first-class tools instead of parsed terminal text, connect the hosted squirrelscan MCP server. It's two commands: one to add the server, one to sign in.
Setup
- 1
Install the squirrelscan CLI
Local audits are free and run wherever your Codex session has shell access.
bashcurl -fsSL https://install.squirrelscan.com | sh - 2
Ask Codex to audit a site
In a Codex CLI session, describe the task in plain language. It runs the CLI and summarizes the results.
textRun squirrel audit https://example.com --format llm and tell me the top 3 issues to fix first - 3
Connect the hosted MCP server
codex mcp add registers the server, codex mcp login runs the browser OAuth flow. The token is stored encrypted, not in config.toml.
bashcodex mcp add squirrelscan --url https://mcp.squirrelscan.com/mcp codex mcp login squirrelscan - 4
Or use an API key for headless runs
For CI or a machine without a browser, skip OAuth and point Codex at an environment variable holding a squirrelscan API key.
bashcodex mcp add squirrelscan --url https://mcp.squirrelscan.com/mcp \ --bearer-token-env-var SQUIRRELSCAN_API_KEY
Frequently asked questions
- Does Codex CLI support MCP servers?
- Yes. codex mcp add writes an entry to ~/.codex/config.toml, and codex mcp login runs a PKCE browser flow that stores the token encrypted rather than in the config file.
- Can I scope squirrelscan to one project instead of every Codex session?
- codex mcp add and login only touch the global config.toml. To scope it to a single project, hand-write the same [mcp_servers.squirrelscan] block into that project's .codex/config.toml, which Codex honors once the project is trusted.
- Is auditing through Codex free?
- Local CLI audits are free. The hosted MCP server's cloud audits spend pay-as-you-go credits, and run_audit returns a cost estimate for Codex to show you before it starts anything.
- What's the difference between piping CLI output and using MCP?
- Piping squirrel report --format llm into a Codex prompt works with zero setup and is fine for one-off audits. MCP gives Codex native tools, run_audit, get_report, list_issues, so it can poll a running audit, work the issue tracker, and browse the rule catalog without you shelling out each time.
Get started
Follow the docs quickstart, or see what a finished audit looks like.