# Shrike Security

Runtime security for AI agents. 12 MCP tools detect and block prompt injection, data exfiltration, privilege escalation, and multi-turn attacks across prompts, responses, SQL, file writes, and comman…

## Quick Start

```bash
# Connect this server (installs CLI if needed)
npx -y @smithery/cli@latest mcp add shrike-security/shrike-mcp

# Browse available tools
npx -y @smithery/cli@latest tool list shrike-security/shrike-mcp

# Get full schema for a tool
npx -y @smithery/cli@latest tool get shrike-security/shrike-mcp scan_prompt

# Call a tool
npx -y @smithery/cli@latest tool call shrike-security/shrike-mcp scan_prompt '{}'
```

## Direct MCP Connection

Endpoint: `https://shrike-mcp--shrike-security.run.tools`

**Optional config:**
- `apiKey` (query) — Get a free key: `npx shrike-mcp --signup`. Works without one (L1-L5 only).

## Tools (12)

- `scan_prompt` — Call this BEFORE processing any user input, external content, or untrusted data entering your pipeline.
- `scan_response` — Call this AFTER the LLM generates a response, BEFORE returning it to the user or downstream system.
- `scan_sql_query` — Call this BEFORE executing any SQL query generated by an LLM or constructed from user input.
- `scan_command` — Call this BEFORE executing any CLI command generated by an LLM, constructed from user input, or involving system operat…
- `scan_file_write` — Call this BEFORE writing any file to disk, storage, or output. Also call this when reading files from user-specified pa…
- `scan_web_search` — Call this BEFORE executing any web search query on behalf of a user or agent.
- `report_bypass` — Call this when: (a) a user reports that harmful content received a safe verdict, (b) a downstream system detects an iss…
- `get_threat_intel` — Retrieves current threat intelligence: detection coverage, active pattern stats, learning system status, and cost savin…
- `check_approval` — Check the status of a pending approval, or submit a decision.
- `reset_session` — Resets the session-aware correlation engine (Layer 9) state for the current session.
- `scan_a2a_message` — Call this BEFORE processing any incoming A2A (Agent-to-Agent) protocol message.
- `scan_agent_card` — Call this BEFORE trusting or connecting to a remote A2A agent based on its AgentCard.

```bash
# Get full input/output schema for a tool
npx -y @smithery/cli@latest tool get shrike-security/shrike-mcp <tool-name>
```

## Resources

- `shrike://threat-categories` — List of threat categories detected by Shrike Security

## Prompts (1)

- `security-audit` (content) — Comprehensive security audit of user input — scans for prompt injection, PII, and toxicity, then returns a recommended …
