Have I Been Pwned MCP Server
@Cyreslab-AI
About Have I Been Pwned MCP Server
No overview available yet
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"hibp-mcp-server": {
"command": "npx",
"args": [
"-y",
"@smithery/cli",
"install",
"@Cyreslab-AI/hibp-mcp-server",
"--client",
"claude"
]
}
}
}Tools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is Have I Been Pwned MCP Server?
A Model Context Protocol server that integrates with the Have I Been Pwned API to check if email addresses or passwords have been compromised in data breaches. It provides four tools for querying breach data.
How to use Have I Been Pwned MCP Server?
Install via Smithery or clone the repository, install dependencies, build, and configure the server in your MCP settings file with your HIBP_API_KEY environment variable. Once configured, use Claude or another MCP client to invoke the tools: check_email, check_password, get_breach_details, or list_all_breaches.
Key features of Have I Been Pwned MCP Server
- Check if an email appears in known data breaches
- Check if a password has been exposed (using k‑anonymity)
- Get detailed information about a specific data breach
- List all breaches, optionally filtered by domain
Use cases of Have I Been Pwned MCP Server
- Security audits: verify if user accounts are compromised
- Password hygiene: test passwords without revealing them fully
- Incident response: investigate a specific breach’s scope
- Domain monitoring: list breaches affecting a particular company
FAQ from Have I Been Pwned MCP Server
What API does the server use?
It uses the official Have I Been Pwned API. You need a valid API key, obtainable at haveibeenpwned.com/API/Key.
How is password checking secure?
The password check employs k‑anonymity: only the first 5 characters of the SHA‑1 hash are sent to the API. Hash suffix matching is completed locally.
What are the runtime requirements?
Node.js v14 or higher and npm v6 or higher are required. The server expects a HIBP_API_KEY environment variable.
Which tools are available?
Four tools: check_email, check_password, get_breach_details, and list_all_breaches.
Where is the API key configured?
In your MCP settings JSON file, add the key as an environment variable named HIBP_API_KEY.
More Other MCP servers
IDA Pro MCP
mrexodiaAI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

Sequential Thinking
modelcontextprotocolModel Context Protocol Servers
ACI: Open-Source Infra to Power Unified MCP Servers
aipotheosis-labsACI.dev is the open source tool-calling platform that hooks up 600+ tools into any agentic IDE or custom AI agent through direct function calling or a unified MCP server. The birthplace of VibeOps.
Website
FunnyWolfAdversary simulation and Red teaming platform with AI
ICSS
chokcoco不止于 CSS
Comments