MCP · CURSOR

Cursor QA testing: give Cursor a QA engineer via MCP

Add one MCP server and Cursor can test any URL. The agent loop drives a real browser; plain code grades the evidence into a verdict. Free audit, no card.

Free audit — no signup, no card. The same run Cursor triggers through MCP.

We pointed this audit at 49 Show HN launches: 78% had a critical bug on day one.

cursor — agent
you ▸ run a QA audit on https://myapp.com
cursor ▸ calling tool prufa_run_audit { url: "https://myapp.com" }
↳ real browser · public pages · evidence captured
✓ VERIFIED critical tracking.none_detected · / · 10:14:22Z
✓ VERIFIED warning security.missing_csp · headers
· ADVISORY opinion hero CTA placement (not counted)
report https://prufa.dev/r/k7m2qx · Measured F · Works A
In Cursor's chat the agent calls prufa_run_audit and reads back an evidence-gated verdict — verified findings counted, the advisory note labeled and excluded.

Can Cursor actually QA-test my site?

Cursor will happily write you a Playwright test, but that leaves you owning a suite you have to author, fix, and re-run. What you actually want after the agent ships a change is simpler: point it at the running site and ask "is this broken?" Out of the box Cursor has no eyes on your live app — it can't open the page, watch the network, or tell you the signup button does nothing. (If you built the app with Cursor in the first place, here's how to test a vibe-coded app.)

Prufa ships an MCP server that gives Cursor exactly that tool. You add it to Cursor's mcp.json once. Then you ask the agent to test a URL and it calls prufa_run_audit: a managed agent loop opens a real browser, navigates the public pages, and records everything over CDP — every analytics beacon, console error, cookie, and response code, plus a DOM snapshot. Then deterministic code grades the captured evidence against declarative specs. The LLM navigates; it never decides whether a link is broken or a beacon is correct — captured traffic is asserted against a spec, so the same input gives the same verdict. That's why an agent-triggered result is trustworthy enough to act on. Prefer to drive it from your own code instead of the Cursor agent? The same audit runs over the HTTP API. See how Prufa verifies a flow without letting the model grade the result.

How do I add a QA MCP server to Cursor?

Three steps: install and register the server, restart Cursor, then ask the agent to test a URL. Evidence — not the model — keeps the score.

  1. Install it, then add the server to mcp.json

    Run pip install prufa-mcp, then drop the stdio config below into ~/.cursor/mcp.json (global) or .cursor/mcp.json (project root), or use Settings > Tools & MCP > New MCP Server. The free audit needs no key — PRUFA_API_TOKEN is optional; the paid, card-first part is persistent monitors and saved flows.

  2. Quit and reopen Cursor

    MCP servers load only at startup, so a full restart is required — closing the window is not enough. After reopening, prufa appears in Tools & MCP with prufa_run_audit and prufa_get_report available to the agent.

  3. Ask Cursor to test a URL — evidence keeps the score

    Say 'Run a QA audit on https://myapp.com.' The agent calls prufa_run_audit and reads back the report: six sections graded A–F. Counts and grades come from VERIFIED findings only; ADVISORY observations are labeled and excluded. There is no composite 0–100 score — we don't fake precision.

The Cursor mcp.json config for Prufa

Real and copy-pasteable. Install first with pip install prufa-mcp, then add this stdio entry. The env / API-key line is optional — the free audit needs none.

~/.cursor/mcp.json
{
  "mcpServers": {
    "prufa": {
      "command": "prufa-mcp",
      "env": { "PRUFA_API_TOKEN": "prk_..." }
    }
  }
}
Official Cursor MCP docs
  • Install it first. pip install prufa-mcp — the config points command at the installed prufa-mcp console script (stdio).
  • No key needed for the free audit. The env block is optional. prufa_run_audit and prufa_get_report run anonymously — no card, no PRUFA_API_TOKEN. Set a key only for persistent monitors and saved flows (paid, card-first); it's a workspace bearer token — an agent can self-provision a free, no-card trial one via prufa_setup_workspace (it just needs the human's email), or a human can mint one in the dashboard for a persistent workspace.
  • Where it lives. ~/.cursor/mcp.json applies to every project; a project-root .cursor/mcp.json wins on a name collision — handy for committing a shared setup, but a stale project entry can shadow your global one.
  • Restart, don't reload. Cursor reads MCP config only at startup. After editing mcp.json, fully quit and reopen Cursor, then check Settings > Tools & MCP for a green prufa.
  • Keep secrets in env, not args. Args can leak into logs and transcripts; the env block doesn't.
  • Remote/HTTP isn't live yet. prufa-mcp runs locally over stdio today. A hosted url-based endpoint is planned, not yet available — use the stdio config above, not an npx/uvx form the live docs don't list.

What Cursor reads back from prufa_run_audit

Verified and advisory findings ship in separate tiers, never interleaved. Counts and grades come from the verified tier only; advisory is a labeled opinion that counts toward nothing.

app.prufa.dev/r/k7m2qx
✗ critical ✓ verified No analytics events detected on any page
tracking.none_detected · / · 2026-07-01T10:14:22Z

Your product is shipping blind — no events fired across the public pages.

✗ critical ✓ verified Canonical points to a different host
seo.canonical_host_mismatch · /pricing · 2026-07-01T10:14:31Z

Search engines are told the real page lives somewhere else.

! warning ✓ verified No Content-Security-Policy header set
security.missing_csp · headers · 2026-07-01T10:14:25Z

Nothing constrains which scripts the page may load — XSS has no backstop.

opinion Hero copy may bury the primary CTA

A judgment call, not a verified fact — excluded from every count and grade.

Honest answers to the obvious objections

Where this is and isn't the right tool — including where the alternative wins.

Isn't this the same as asking Cursor to write me a Playwright test?

No. Cursor writing Playwright leaves you owning the suite — selectors to fix, fixtures to maintain, a CI job to babysit. Prufa is zero test authoring: you give it a URL and it returns broken links, dead analytics, console errors, consent state and layout breakage from a real browser run. The two are complementary — keep Playwright for the assertions you care about long-term; use the MCP server for a fast, maintenance-free "does this page work?" Where Playwright wins: precise, durable assertions on flows you control end-to-end.

Can I trust a verdict that involves an LLM enough to act on it?

The agent loop only navigates and drives the browser. Grades and severity counts are computed by deterministic code from captured evidence — the LLM never judges whether a finding is real, so the verdict is reproducible (regression-tested against a golden fixture site). LLM-judged observations ship as a separate, labeled ADVISORY tier and count toward nothing. More: agentic testing vs scripted testing.

What does it not do from Cursor yet?

Honest limits: the free audit walks public pages, not authenticated flows — saved flows and monitors are paid-tier and need a card-first workspace. Prufa does not scan for exposed secrets. The hosted remote MCP endpoint isn't live yet, so you run the stdio server locally. And the evidence-gated AI-VERIFIED path currently lives in the Gremlin chaos modality, not the standard audit — in a standard audit the lone LLM check stays advisory.

Frequently asked questions

The questions developers ask before they wire a QA MCP server into Cursor.

How do I add a QA MCP server to Cursor?

Run pip install prufa-mcp, then edit ~/.cursor/mcp.json (global, all projects) or .cursor/mcp.json (project root), or use Settings > Tools & MCP > New MCP Server. Add a stdio entry whose command is prufa-mcp, then fully quit and reopen Cursor — MCP servers load only at startup, so a reload or even closing the window is not enough. If Cursor still doesn't list the tools, check scope: a project .cursor/mcp.json wins over the global ~/.cursor/mcp.json on a name collision, so a stale project entry can shadow your global one. Cursor's agent can then call prufa_run_audit on any URL. The free audit needs no API key and no card.

What's the difference between Cursor's built-in testing and a QA MCP server?

Cursor writes and runs code, including Playwright tests you author and maintain. A QA MCP server is different: you point Prufa at a live URL and it drives a real browser through the page, captures network traffic, console errors, cookies and response codes, then grades the captured evidence. No test file to write. The agent loop navigates; deterministic code produces the verdict, so the same input gives the same result.

Is there a free QA MCP server for Cursor?

Yes. prufa-mcp is open source (Apache-2.0) and the audit tools — prufa_run_audit and prufa_get_report — run anonymously: no signup, no card, no API key. You add the stdio server to mcp.json and ask Cursor to test a URL. A PRUFA_API_TOKEN is optional and is not paid-only: a free, no-card agent-temp workspace also mints one for the setup-tier flow tools (7-day, setup-only). What's paid and card-first is persistent state — monitors and saved flows that outlive a session, plus run history.

Can Cursor's agent run a full website QA test through MCP?

Yes, within the free audit's scope. Ask Cursor to test a URL and it calls prufa_run_audit; a real browser loads the public pages and Prufa returns a graded report across six sections (Works, Fast, Found, Measured, Accessible, Compliant). The free audit walks public pages, not logged-in flows — monitoring and persistent saved flows are paid-tier and need a card-first workspace.

Give Cursor a QA tool and test your first URL

Try the free website audit from the browser first — the same run Cursor triggers through MCP, no card. Then paste the mcp.json config above, restart Cursor, and ask it to test your site. Saved flows and monitoring start on the paid tiers; see pricing.

or see pricing →