The tool I was actually building

I've been building mcp-tollbooth, a small CLI that scans your local MCP config (Claude Desktop, Claude Code, Cursor, VS Code) and answers a boring but real question: how many tokens are your MCP servers silently costing you before your agent does anything useful?

A handful of servers can eat 50,000+ tokens of context budget before you've typed a single message, and most people have no idea which of their installed servers are the expensive ones — or that they've installed the same capability twice under two different names.

That's it. That's the pitch. Not a security scanner — there's already tooling for that. Just the token-budget problem, clearly labeled as an estimate, not a measurement.

While building the "known package" lookup table, though, I ran into something I wasn't looking for.