82ch/MCP-Dandan

Бесплатно

Real-time security framework for MCP servers that detects and blocks malicious AI agent behavior by analyzing tool call patterns and intent across multiple thre

автор: 82ch

GitHub

Описание

Real-time security framework for MCP servers that detects and blocks malicious AI agent behavior by analyzing tool call patterns and intent across multiple threat detection engines.

README

MCP-Dandan

Overview

MCP-Dandan is an integrated monitoring service that observes MCP (Model Context Protocol) communications and detects security threats in real time. It features a modern desktop UI built with Electron for easy monitoring and management.

Currently, MCP-Dandan is listed in well-known MCP-related open-source collections and can be found in the following repositories:

https://github.com/user-attachments/assets/928686ab-a5aa-4486-8d8e-d4a9592adc3e

Features

Real-time MCP Traffic Monitoring: Intercepts and analyzes MCP communications
Multi-Engine Threat Detection:
- Command Injection Detection
- File System Exposure Detection
- PII Leak Detection(custom rules supported)
- Data Exfiltration Detection
- Tools Poisoning Detection (LLM-based)
Desktop UI: Electron-based application with interactive dashboard
Interactive Tutorial: Built-in tutorial system for new users
Blocking Capabilities: Real-time threat blocking with user control
Cross-Platform: Supports Windows, macOS, and Linux

Quick Start

Installation

# Clone the repository
git clone https://github.com/82ch/MCP-Dandan.git
cd MCP-Dandan

# Install all dependencies (Python + Node.js)
npm run install-all

Running the Application

# Start both server and desktop UI
npm run dev

The server will start on http://127.0.0.1:8282 and the Electron desktop app will launch automatically.

Project Structure

Detection Engines

1. Command Injection Engine

Identifies potential command injection patterns in tool calls.

2. File System Exposure Engine

Monitors unauthorized file system access attempts.

3. PII Leak Engine (custom rules supported)

Detects potential PII leakage with built-in rules and optional user-defined customization.

4. Data Exfiltration Engine

Identifies suspicious data transfer patterns.

5. Tools Poisoning Engine (LLM-based)

Uses semantic analysis to detect misuse of MCP tools:

Compares tool specifications vs actual usage
Scores alignment (0-100) with detailed breakdown
Auto-categorizes severity: none/low/medium/high

Engine Setting

https://github.com/user-attachments/assets/3d6f2304-0a6b-492e-9f2d-bba76df98b4c

Input your MISTRAL_API_KEY to enable the Tools Poisoning Engine, and configure detection settings as needed.

Desktop UI Features

Real-time Dashboard: Monitor MCP traffic and threats in real time
Interactive Tutorial: Learn how to use the system with step-by-step guides
Blocking Interface: Review and control threat blocking actions
Settings Panel: Configure detection engines and system behavior
Chat Panel: Interact with the system and view logs

https://github.com/user-attachments/assets/19bcbdfb-c893-468d-a8a6-1c7b70a1c7b7

Full Documentation

For detailed explanations and technical documentation, please refer to the
MCP-Dandan Wiki.

Have questions or suggestions?
Please visit the Discussions tab.

from github.com/82ch/MCP-Dandan

Как установить

Добавь это в claude_desktop_config.json и перезапусти Claude Desktop.

{
  "mcpServers": {
    "82ch-mcp-dandan": {
      "command": "npx",
      "args": []
    }
  }
}

82ch/MCP-Dandan

Бесплатно

Real-time security framework for MCP servers that detects and blocks malicious AI agent behavior by analyzing tool call patterns and intent across multiple thre

автор: 82ch

GitHub

Описание

Real-time security framework for MCP servers that detects and blocks malicious AI agent behavior by analyzing tool call patterns and intent across multiple threat detection engines.

README

MCP-Dandan

Overview

Currently, MCP-Dandan is listed in well-known MCP-related open-source collections and can be found in the following repositories:

https://github.com/user-attachments/assets/928686ab-a5aa-4486-8d8e-d4a9592adc3e

Features

Real-time MCP Traffic Monitoring: Intercepts and analyzes MCP communications
Multi-Engine Threat Detection:
- Command Injection Detection
- File System Exposure Detection
- PII Leak Detection(custom rules supported)
- Data Exfiltration Detection
- Tools Poisoning Detection (LLM-based)
Desktop UI: Electron-based application with interactive dashboard
Interactive Tutorial: Built-in tutorial system for new users
Blocking Capabilities: Real-time threat blocking with user control
Cross-Platform: Supports Windows, macOS, and Linux

Quick Start

Installation

# Clone the repository
git clone https://github.com/82ch/MCP-Dandan.git
cd MCP-Dandan

# Install all dependencies (Python + Node.js)
npm run install-all

Running the Application

# Start both server and desktop UI
npm run dev

The server will start on http://127.0.0.1:8282 and the Electron desktop app will launch automatically.

Project Structure

Detection Engines

1. Command Injection Engine

Identifies potential command injection patterns in tool calls.

2. File System Exposure Engine

Monitors unauthorized file system access attempts.

3. PII Leak Engine (custom rules supported)

Detects potential PII leakage with built-in rules and optional user-defined customization.

4. Data Exfiltration Engine

Identifies suspicious data transfer patterns.

5. Tools Poisoning Engine (LLM-based)

Uses semantic analysis to detect misuse of MCP tools:

Compares tool specifications vs actual usage
Scores alignment (0-100) with detailed breakdown
Auto-categorizes severity: none/low/medium/high

Engine Setting

https://github.com/user-attachments/assets/3d6f2304-0a6b-492e-9f2d-bba76df98b4c

Input your MISTRAL_API_KEY to enable the Tools Poisoning Engine, and configure detection settings as needed.

Desktop UI Features

Real-time Dashboard: Monitor MCP traffic and threats in real time
Interactive Tutorial: Learn how to use the system with step-by-step guides
Blocking Interface: Review and control threat blocking actions
Settings Panel: Configure detection engines and system behavior
Chat Panel: Interact with the system and view logs

https://github.com/user-attachments/assets/19bcbdfb-c893-468d-a8a6-1c7b70a1c7b7

Full Documentation

For detailed explanations and technical documentation, please refer to the
MCP-Dandan Wiki.

Have questions or suggestions?
Please visit the Discussions tab.

from github.com/82ch/MCP-Dandan

Как установить

Добавь это в claude_desktop_config.json и перезапусти Claude Desktop.

{
  "mcpServers": {
    "82ch-mcp-dandan": {
      "command": "npx",
      "args": []
    }
  }
}

Command Palette

82ch/MCP-Dandan

Описание

README

Overview

Features

Quick Start

Installation

Running the Application

Project Structure

Detection Engines

1. Command Injection Engine

2. File System Exposure Engine

3. PII Leak Engine (custom rules supported)

4. Data Exfiltration Engine

5. Tools Poisoning Engine (LLM-based)

Engine Setting

Desktop UI Features

Full Documentation

Как установить

Похожие MCP

Fetch

AWS KB Retrieval

Spring AI MCP Server

llm-analysis-assistant

82ch/MCP-Dandan

Описание

README

Overview

Features

Quick Start

Installation

Running the Application

Project Structure

Detection Engines

1. Command Injection Engine

2. File System Exposure Engine

3. PII Leak Engine (custom rules supported)

4. Data Exfiltration Engine

5. Tools Poisoning Engine (LLM-based)

Engine Setting

Desktop UI Features

Full Documentation

Как установить

Похожие MCP

Fetch

AWS KB Retrieval

Spring AI MCP Server

llm-analysis-assistant