Command Palette

Search for a command to run...

UnylyUnyly
Browse all

Elytra Security Server

FreeNot checked

Enables AI coding agents to scan smart contracts and code for vulnerabilities, check against 12 famous-hack patterns, and return public security receipts direct

GitHubEmbed

About

Enables AI coding agents to scan smart contracts and code for vulnerabilities, check against 12 famous-hack patterns, and return public security receipts directly in the IDE.

README

Elytra Security as a Model Context Protocol server. Give your AI coding agent (Claude Desktop, Cursor, Cline, Zed) the ability to scan smart contracts and code, check 12 famous-hack patterns, and return public Elytra security receipts — without leaving the IDE.

173 detection rules. ERC-8004 verified agent. x402 pay-per-call in USDC on Base + Solana.

Install

Claude Desktop

Add to ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows):

{
  "mcpServers": {
    "elytra": {
      "command": "npx",
      "args": ["-y", "@elytrasec/mcp@latest"]
    }
  }
}

Restart Claude Desktop. The 4 Elytra tools appear in the MCP indicator.

Cursor

Settings → MCP → Add server:

{ "command": "npx", "args": ["-y", "@elytrasec/mcp@latest"] }

Cline / Continue / any MCP-compatible client

Same one-liner — install as a stdio server with the npx command above.

Tools

Tool What it does
elytra_scan Scan a code snippet for security vulnerabilities
elytra_scan_address Scan a deployed contract by 0x address (Ethereum / Base / Arbitrum / Optimism / Polygon)
elytra_replay_hacks Test code against 12 famous-exploit patterns ($3.04B combined losses): Bybit, Ronin, Euler, Beanstalk, Multichain, Curve, Radiant, zkSync, Cream, Wormhole, Nomad, Mango
elytra_agent_identity Return Elytra's onchain agent card (ERC-8004, pricing, capabilities)

Privacy & safety

This MCP server is a thin, read-only client over Elytra's public HTTP API. Specifically:

  • No shell execution. The server never spawns child processes or executes shell commands.
  • No file writes. The server reads nothing from disk and writes nothing to disk.
  • No private keys. The server never reads, requests, generates, or stores private keys.
  • No wallet signing. The server never signs transactions or messages. Any onchain payments (x402) are settled by Elytra's facilitators, not by this server.
  • Sends only what you ask it to. Each tool call forwards exactly the code, address, or query the AI agent passed in — nothing more. No telemetry, no ambient file reads, no background uploads.
  • May return public receipt URLs. Depending on Elytra's API mode, a scan can produce a public receipt page at https://elytrasec.io/r/<id>. The URL is returned to you; you decide whether to share it.

Optional env vars

  • ELYTRA_API_KEY — Bearer key for the paid /api/v1/scan endpoint (bypasses x402 micropayment for higher throughput). Contact [email protected].
  • ELYTRA_BASE_URL — Override the default https://elytrasec.io (for self-hosting).

Pricing

All tools above hit Elytra's free public endpoints. For higher rate limits or AI-powered deep review, the underlying API supports x402 pay-per-call in USDC on Base or Solana (1¢ per scan, 2¢ per review).

Other Elytra packages

Links

License

MIT

from github.com/ElytraSec/mcp

Install Elytra Security Server in Claude Desktop, Claude Code & Cursor

Recommended · one command, every IDE
unyly install elytra-security-mcp-server

Installs into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.

First time? Get the CLI: curl -fsSL https://unyly.org/install | sh

Or configure manually

Run in your terminal:

claude mcp add elytra-security-mcp-server -- npx -y @elytrasec/mcp

FAQ

Is Elytra Security Server MCP free?

Yes, Elytra Security Server MCP is free — one-click install via Unyly at no cost.

Does Elytra Security Server need an API key?

No, Elytra Security Server runs without API keys or environment variables.

Is Elytra Security Server hosted or self-hosted?

A hosted option is available: Unyly runs the server in the cloud, no local setup required.

How do I install Elytra Security Server in Claude Desktop, Claude Code or Cursor?

Open Elytra Security Server on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.

Related MCPs

Compare Elytra Security Server with

Not sure what to pick?

Find your stack in 60 seconds

Author?

Embed badge for your README

Browse similar

All development MCPs