Prompt Injection Shield
@aniketkarne
About Prompt Injection Shield
No overview available yet
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"PromptInjectionShield": {
"command": "docker",
"args": [
"build",
"-t",
"shield-mcp",
"."
]
}
}
}Tools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is Prompt Injection Shield?
Prompt Injection Shield is a local-first, zero-cost MCP server that detects malicious prompt injection and jailbreak attempts in user input. It acts as a security gateway that integrates with LLM workflows (such as Claude Desktop) to pre-screen prompts before they reach the model, keeping all data on the user’s machine.
How to use Prompt Injection Shield?
Install from source (pip install .) or via Docker. Run the server with python -m shield_mcp.server, then configure it as an MCP server in your client (e.g., add to claude_desktop_config.json with command python and args ["-m", "shield_mcp.server"]). The server exposes a single tool called analyze_prompt that accepts a prompt string and returns is_injection, risk_score, and category. You can optionally customize the risk threshold and log directory by creating a shield_config.json file.
Key features of Prompt Injection Shield
- Local detection engine, no external API calls.
- Three-tiered detection: heuristics, semantic ML model, and structural check.
- Privacy-first: prompt text never leaves the machine.
- Zero-cost security checks.
- Integrates natively with Claude Desktop and any MCP‑compatible client.
Use cases of Prompt Injection Shield
- Wrap a chatbot or RAG system to reject malicious prompts before they reach the main LLM.
- Protect internal tools (code executors, database agents) from injected instructions in data context.
- Red‑team own applications by using the
risk_scoreto evaluate jailbreak attempts. - Pre‑screen any user input in an MCP‑enabled workflow without sending data to a third‑party API.
FAQ from Prompt Injection Shield
Does Prompt Injection Shield require an internet connection for detection?
No. The entire detection pipeline runs locally; no external API calls are made during analysis.
How does the detection work?
It uses three layers: Level 1 heuristics (regex) for known jailbreak patterns, Level 2 semantic analysis with a local DeBERTa model (protectai/deberta-v3-base-prompt-injection-v2), and Level 3 structural checks for obfuscation (Base64, Hex, high entropy strings).
Can I adjust the detection sensitivity?
Yes. Create a shield_config.json in the working directory and set “risk_threshold” (default 0.8) to control when a prompt is flagged as injection.
Where are logs stored?
Logs are saved by default in ~/.shield-mcp/logs; you can change the directory using the “log_dir” key in shield_config.json.
What transport does the server use?
The server is invoked via a command (e.g., python -m shield_mcp.server) and communicates over MCP’s standard input/output transport (stdio).
More Other MCP servers
🚀 Model Context Protocol (MCP) Curriculum for Beginners
microsoftThis open-source curriculum introduces the fundamentals of Model Context Protocol (MCP) through real-world, cross-language examples in .NET, Java, TypeScript, JavaScript, Rust and Python. Designed for developers, it focuses on practical techniques for building modular, scalable,
AutoBrowser MCP
autobrowser-aiBrowser MCP is a Model Context Provider (MCP) server that allows AI applications to control your browser
Blender
ahujasidOpen-source MCP to use Blender with any LLM
Inbox Zero AI
elie222The world's best AI personal assistant for email. Open source app to help you reach inbox zero fast.
MCP Go 🚀
mark3labsA Go implementation of the Model Context Protocol (MCP), enabling seamless integration between LLM applications and external data sources and tools.
Comments