Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"app-uploadcheck-uploadcheck": {
"args": [
"-y",
"@drantoniou/uploadcheck-mcp"
],
"command": "npx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Thin MCP wrapper over the hosted UploadCheck API. It does not run quality checks locally.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
npx -y '@drantoniou/uploadcheck-mcp' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
Checked @drantoniou/uploadcheck-mcp against OSV.dev.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in entertainment
MCP Security Weekly
Get CVE alerts and security updates for app.uploadcheck/uploadcheck and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
Thin MCP wrapper over the hosted UploadCheck API. It does not run quality checks locally.
Canonical naming:
uploadcheckuploadcheck or uploadcheck-mcpexport UPLOADCHECK_API_BASE_URL="https://api.uploadcheck.app"
export UPLOADCHECK_API_KEY="<workspace_api_key>"
Use /check from Claude Code, Codex, or another slash-command capable workspace to quality check a media asset before upload.
/check ./final-upload.mp4
Small and medium local files can be sent through Render without durable storage by base64-encoding the media and passing one of:
video_base64 with video_content_typeaudio_base64 with audio_content_typemedia_base64 with media_content_type and media_kinddata_urlThe API writes the payload to a temp file, runs the gate, and deletes the temp file after processing. Use signed URLs or future direct object storage for large files.
The agent should call qc_run_local_file for a reachable local export, or qc_run_video when it already has a YouTube URL, signed URL, upload id, or base64 payload. Then poll qc_get_job, fetch qc_get_report, and list timestamped evidence plus source-level issues it can reach.
Use profile when the caller knows the media type but does not need to hand-maintain every gate. Supported values are auto, nto_long_form, generic_creator_video, shorts, audio, npo_podcast_or_audio, and thumbnail. Explicit checks still win when supplied.
For Codex, Claude Code, Cursor, or NTO/NPO production pipelines, call qc_get_pipeline_handoff first when you need the complete production runbook. It gives the launch preflight, recipe, cost-basis, estimate, media-ingress, report, marker CSV, repair-loop, and rerun sequence. Then call qc_get_pipeline_recipes when you need the current default checks and sidecar arguments, and use qc_run_local_file for the selected profile.
For NPO podcast/audio projects, call qc_get_npo_pipeline_handoff or run uploadcheck npo-pipeline-handoff --json when you need the focused audio handoff without the broader NTO recipe bundle. It includes the cost preflight, default checks, transcript/watchlist/locked-script sidecars, inline/signed media-ingress rules, marker CSV handoff, "Fix now?" prompt, and rerun-before-publish-ready rule:
{
"file_path": "/path/to/final-upload.mp4",
"profile": "nto_long_form",
"manifest_path": "/path/to/storybook.json",
"transcript_path": "/path/to/transcript.txt",
"watchlist_path": "/path/to/watchlist.json",
"expected_script_path": "/path/to/locked-script.txt",
"sidecar_dir": "/path/to/_dialogue-chunks",
"plan_id": "creator",
"cost_guardrail": "downgrade"
}
Small files are base64 encoded by the local MCP process and evaluated through Render inline. Larger files use the signed-upload path automatically unless upload_mode: "inline" or upload_mode: "signed" is specified.
Hosted media ingress can be smoke-tested from the repo before handing the MCP to another production pipeline:
UPLOADCHECK_MEDIA_INGRESS_BASE_URL=https://api.uploadcheck.app UPLOADCHECK_API_KEY=<private_bearer> npm run media-ingress:verify
When a project has a storybook, edit decision list, or visual timeline JSON, pass it as manifest_json with checks: "repeat_fatigue". UploadCheck will use it to flag exact visual reuse and source-family dominance even before a final render is reviewed.
When a project has transcript text or a script-sidecar, pass it as transcript_text or transcript_json with checks: "spoken_leaks". UploadCheck will flag spoken URLs, markdown, prompt text, stage directions, vendor/tool names, and known wrong-name substitutions without running ASR.
For customer-specific terms, pass watchlist_json with checks: "pronunciation_watchlist" plus transcript text. Watchlist entrie