Official MCP server · Open source

Your agent reads the web through one MCP server, and knows when it got blocked.

Convert 46 file types and turn any URL into clean Markdown, JSON, or a screenshot. Every read comes back with a render_quality score, 0.0 to 1.0; a blocked page comes back flagged, with a low score and a warning, so your agent never silently acts on a Cloudflare page. Works in Claude Code, Cursor, Windsurf, Zed, JetBrains, and Continue.

npx @enconvert/mcp setup
  • MCP server + SDK open source, MIT
  • Node 18 or later
  • Free while in beta
POST /v2/perceiveLive · no key needed
Works withand every MCP client
The problem

An LLM is brilliant and blind. And the blindness is silent.

A normal scraper hands your agent a Cloudflare challenge page as if it were the article. The agent believes it, summarizes it, and acts on it. It doesn't throw an error. Nobody notices until a customer does.

a normal scraper
requests.get(url) → 200 OK
<h1>Checking your browser…</h1>
→ the agent trusts it. acts. wrong.
enconvert
perceive(url)
render_quality: 0.12 → flagged
warnings: ["challenge_page"]
→ the agent knows. routes around it.
The honesty layer

Every read comes with a receipt.

render_quality scores how faithfully a page rendered before we read it. Challenge pages, empty SPA shells, partial lazy-loads and interstitials pull it down. It is the line between "my agent might be acting on garbage" and "my agent knows."

  • Scored on every readNot a health check you wire up. Every perceive and convert response carries a render_quality field, 0.0 to 1.0.
  • Flagged below 0.40A blocked or login-walled page still comes back in full, but with a low score and a warnings array naming what we detected. Your agent gets the content and the truth about it, so a challenge page is never mistaken for the real thing.
  • Nobody else does thisNot the scraping APIs, not the conversion APIs, not the five vendors you would wire together. The score is the thing you cannot get anywhere else.
the render_quality gate
0.93honest read → returned
0.40 threshold
0.12blocked → returned, flagged
{
  "render_quality": 0.12,
  "status": "blocked",
  "warnings": ["challenge_page"],
  "markdown": "…"   // full output, flagged
}
Benchmark

We measured the silent failure.

The same set of hostile pages, read two ways. A naive fetch hands back a block page as if it were content, and never says so. Enconvert renders the real page where the naive fetch failed, and flags the few it can’t. The harness and the URL list are public, so you can run it yourself.

50

Real URLs tested: bot-gated, paywalled, JS-heavy

52%

A naive fetch silently returned a block page as "content"

65%

Of those, Enconvert rendered the real page instead (recovered)

100%

Of pages it still couldn’t render, Enconvert flagged them, silently passing none

Run the benchmark yourself →

Proof, not promises

Watch it catch a page that lies.

An unedited screen recording: the founder runs the MCP inside a real agent, on a clean page and on a page that fights back. About 40 seconds.

  1. Your agent's scraper can't tell when it got blocked. Watch mine, live.
  2. One command: claude mcp add enconvert, paste a key. Done.
  3. Point it at a clean page: render_quality 0.96, clean Markdown comes back.
  4. Now a Cloudflare-walled page: render_quality 0.12, block flagged right in the response.
  5. Real product, a real page fighting back, a real honest score. Nothing staged.
Available now

The eyes are real today.

Everything that lets your agent read the outside world, files and the web, is live. Seven tools, one API key, one honest score on every read.

7 tools · all live
  • convertOpen 46 file types in one request.PDF · DOCX · HEIC · CSV · URLLive
  • perceiveAny URL into clean Markdown, JSON, or a screenshot. Every read scored.URL → MD · PNG · JSONLive
  • discoverMap every URL on a site without rendering a page.SITE → URL MAPLive
  • lookupSearch the live web from inside the conversation.QUERY → RESULTSLive
  • distillPass a schema, get structured data back from any page.SCHEMA → JSONLive
  • ingestCrawl a whole site into RAG-ready chunks in one call.SITE → CHUNKSLive
  • watchGet a webhook the moment a page you track changes.PAGE → DIFFLive
Roadmap · 2026

Hands are coming. We won't pretend they're here.

Real browser control is in active development for 2026, not yet callable. Founding users get hands first. We tell you exactly what is shipped and what is not, the same honesty we give every read.

pilotIn development
Drive a real browser: open a page, click, type, submit.TASK → ACTIONS
conductIn development
Run a multi-step job across several pages, end to end.GOAL → STEPS
sandboxIn development
Give the agent its own throwaway browser session.ISOLATED SESSION
Why trust us

You're about to depend on us. Here's why that's safe.

No logos to show yet. Instead, the things logos are a proxy for: an auditable, forkable integration layer, a real security posture, and a founder you can email.

Ship log
npm published: pendinglast commit: pending

Recent releases will appear here.

Open source, can't be orphaned

The MCP server and the Node SDK it wraps are MIT-licensed and public. Read them, fork them, self-host them. The conversion engine behind them is proprietary and stays ours, but your agent's I/O layer is auditable and can never be taken away.

Screened before we touch it

Every URL is SSRF-screened before we fetch it: no private or link-local IPs, no metadata endpoints, no internal networks. Browser contexts are sandboxed with permissions disabled, and every operation is timeout-bounded.

Verifiable install

The install reads your API key (from ENCONVERT_API_KEY or ~/.enconvert/config.json, chmod 600) and edits only the AI-client configs you pick. Each is backed up first, and your key is never copied into them. At runtime it calls the Enconvert API plus any file or URL you hand it. Redacted usage analytics (tool name, timing, a hashed key id — never your raw key; URLs, file paths, and emails are scrubbed) go to PostHog; set DO_NOT_TRACK=1 to turn them off.

signed provenance on the wayin the MCP Registry ↗
We ship in the open

A public status page tells you the truth about uptime the same way render_quality tells you the truth about a read. The changelog is on the way.

I got tired of gluing five vendors together every time an agent needed to read a file or a web page, then babysitting the scripts that held it up. The agent could reason. It just could not see. Worse, it could not tell when what it saw was a Cloudflare page instead of the real one. So I built one server that gives it honest eyes: it reads anything, and it scores every read. I answer email personally.

Why switch

Replaces the stack you're duct-taping.

Giving an agent eyes today means stitching four or five vendors together and babysitting the seams. Now it is one dependency, with a score none of them give you.

Today
  • Firecrawlto scrape pages into markdown
  • CloudConvertto convert the files
  • Browserbaseto a headless-browser fleet
  • an LLM-extract stepto pull out structured data
  • cron + glue scriptsto keep it all alive
With Enconvert
  • One MCP server
  • One API key
  • One bill

One bill, no second AI-extraction subscription, and a render_quality score on every read.

Browser control (the Browserbase piece) is on the 2026 roadmap, not counted in "today".

Why MCP

Skip the glue code.

Same conversion engine as the REST API. None of the integration work.

Wrapping the REST API yourself

Your code owns all of this, forever:

  • HTTP plumbing and multipart uploads
  • Schema validation on every input
  • Polling long-running jobs
  • Retry and backoff logic
  • Parsing presigned URLs out of responses
  • Your own "did this page actually render?" check

Registering the MCP server

One entry in your client config:

claude mcp add
npx @enconvert/mcp setup

The agent runtime owns polling, retries, auth, and output handling. Cursor, Windsurf, Zed, and JetBrains use the same JSON shape; the README has each one.

A raw fetch hands your agent bytes and a 200. Enconvert hands it clean Markdown, JSON, and a render_quality score, so the agent can reason about whether to trust what it just read. That honesty gate is the exact thing you would otherwise build and maintain yourself.

MCP server questions

Yes, and you can verify it rather than trust it. The MCP server (@enconvert/mcp) and the Node SDK it wraps are open source under the MIT license, so you can read exactly what runs. Every release ships with signed npm provenance and is listed in the official MCP Registry, so you can prove the package on npm was built from the public repo by CI. Setup touches nothing beyond the client configs you select (backed up first) and ~/.enconvert/config.json, where your key is stored once with 600 permissions instead of being copied into every client config. At runtime it talks to the Enconvert API and any URL you explicitly ask it to read, and sends redacted usage analytics to PostHog — never your key, URLs, or file paths; set DO_NOT_TRACK=1 to turn them off.
You get the truth alongside the output, not garbage in disguise. Every read returns a render_quality score from 0.0 to 1.0. A blocked or login-walled page still comes back in full, but with a low score and a warnings array naming what we detected (a challenge page, a login wall). So your agent can see the read is bad and route around it, instead of silently acting on a Cloudflare page and calling it content. Wire one check on scores below 0.40 and silent failure is off your list.
The MCP server and the Node SDK it wraps are MIT-licensed and public on GitHub, so you can audit, fork, or self-host the integration layer. The core conversion and rendering engine is proprietary and stays closed. So your agent's I/O layer is auditable and can't be orphaned, even though the engine behind it is ours.
Anything that speaks MCP. Tested with Claude Code, Claude Desktop, Cursor, Windsurf, Zed, JetBrains AI Assistant, and Continue. New MCP clients work on day one without server changes.
One command: npx @enconvert/mcp setup. The wizard detects your AI tools (Claude Code, Cursor, Windsurf, Claude Desktop, VS Code, Zed, and more), asks for your API key once with hidden input, validates it live, and writes every config for you, including the Windows-specific wrapper. Manage it the same way: status, rotate-key, and remove subcommands. Needs Node.js 18+, no Docker, no daemon.
Yes. The server needs an API key so the agent runs against your quota. A free account includes a monthly allowance while in beta, no credit card.
Not yet. The hands tools (pilot, conduct, sandbox) are in active development for 2026, not yet callable. Everything the eyes do, reading files and reading the web across all seven tools, is live today. We never present an unshipped tool as available.
Same engine, none of the glue. The REST API leaves HTTP plumbing, schema validation, job polling, presigned-URL parsing, and your own "did this page really render?" check to your code. The MCP server moves all of that into the agent runtime, and hands the model a render_quality score REST would make you compute yourself.
The endpoints are live and hardened: every URL is SSRF-screened, browser contexts are sandboxed, and every operation is timeout-bounded. There is a public status page, and the MIT-licensed server means you can self-host if you ever need to. We ship in the open and report honestly when things break, the same honesty we give every read.
The server is free and open source; usage consumes your Enconvert plan. Free while in beta, then $29 / $99 / $299 a month. One bill, no second AI-extraction subscription.

Your agent is one install from seeing everything.

npx @enconvert/mcp setup

Free for a limited time. $29/mo when you scale. One bill, no surprises.