MCP - Shield is a security tool for scanning MCP server vulnerabilities, which can detect security risks such as tool poisoning attacks, data leakage channels, and cross - domain violations.

Cycode CLI is a locally installed application used to scan code repositories for security vulnerabilities, including sensitive information leakage, Infrastructure as Code misconfigurations, Software Composition Analysis vulnerabilities, and Static Application Security Testing issues. This tool supports multiple scan types, such as repository scanning, path scanning, and commit history scanning, and provides an ignore rule function to exclude specific results.

This project demonstrates MCP poisoning attacks against AI workflows, including verification of multiple attack scenarios such as code generation pollution and financial data leakage, for educational research purposes.

GUARDRAIL is a security framework specifically designed for the large language model (LLM) application ecosystem, providing comprehensive protection especially for the Model Context Protocol (MCP). It uses a multi - layer architecture, including an information gateway layer, a context verification layer, a request control layer, an execution isolation layer, and an audit monitoring layer, aiming to prevent data leakage, unauthorized access, and resource abuse. This framework emphasizes progressive adoption, allowing developers to gradually enhance security while maintaining high performance and ease of use.

The Maccy Clipboard MCP Server is a service tool that exposes Maccy's clipboard history to AI assistants such as Claude. It supports searching, viewing, and managing clipboard content, including image support and data statistics functions. However, be aware of the risk of sensitive data leakage.

This project demonstrates the security risks of using AI agent tools through extendable-agents, especially the potential leakage of sensitive information caused by tool sharing under the MCP protocol, and provides security usage suggestions.

CyberMCP is a network security testing server based on the MCP protocol, focusing on detecting security vulnerabilities in backend APIs and providing various security tools and resources such as authentication testing, injection testing, and data leakage detection.