MCP.so
ログイン

Have I Been Pwned MCP Server

@Cyreslab-AI

Have I Been Pwned MCP Server について

概要はまだありません

基本情報

カテゴリ

その他

ライセンス

MIT license

ランタイム

node

トランスポート

stdio

公開者

Cyreslab-AI

設定

以下の設定を使って、このサーバーを MCP 対応クライアントに追加してください。

{
  "mcpServers": {
    "hibp-mcp-server": {
      "command": "npx",
      "args": [
        "-y",
        "@smithery/cli",
        "install",
        "@Cyreslab-AI/hibp-mcp-server",
        "--client",
        "claude"
      ]
    }
  }
}

ツール

ツールは検出されませんでした

ツールは README から自動的に抽出されます。メンテナーは ## Tools という見出しの下に記載することで、このタブに反映できます。

概要

What is Have I Been Pwned MCP Server?

A Model Context Protocol server that integrates with the Have I Been Pwned API to check if email addresses or passwords have been compromised in data breaches. It provides four tools for querying breach data.

How to use Have I Been Pwned MCP Server?

Install via Smithery or clone the repository, install dependencies, build, and configure the server in your MCP settings file with your HIBP_API_KEY environment variable. Once configured, use Claude or another MCP client to invoke the tools: check_email, check_password, get_breach_details, or list_all_breaches.

Key features of Have I Been Pwned MCP Server

  • Check if an email appears in known data breaches
  • Check if a password has been exposed (using k‑anonymity)
  • Get detailed information about a specific data breach
  • List all breaches, optionally filtered by domain

Use cases of Have I Been Pwned MCP Server

  • Security audits: verify if user accounts are compromised
  • Password hygiene: test passwords without revealing them fully
  • Incident response: investigate a specific breach’s scope
  • Domain monitoring: list breaches affecting a particular company

FAQ from Have I Been Pwned MCP Server

What API does the server use?

It uses the official Have I Been Pwned API. You need a valid API key, obtainable at haveibeenpwned.com/API/Key.

How is password checking secure?

The password check employs k‑anonymity: only the first 5 characters of the SHA‑1 hash are sent to the API. Hash suffix matching is completed locally.

What are the runtime requirements?

Node.js v14 or higher and npm v6 or higher are required. The server expects a HIBP_API_KEY environment variable.

Which tools are available?

Four tools: check_email, check_password, get_breach_details, and list_all_breaches.

Where is the API key configured?

In your MCP settings JSON file, add the key as an environment variable named HIBP_API_KEY.

コメント

「その他」の他のコンテンツ