MCP.so
登录
P

Prompt Injection Shield

@aniketkarne

关于 Prompt Injection Shield

暂无概览

基本信息

分类

其他

传输方式

stdio

发布者

aniketkarne

提交者

Aniket Karne

配置

使用下面的配置,将此服务器添加到你的 MCP 客户端。

{
  "mcpServers": {
    "PromptInjectionShield": {
      "command": "docker",
      "args": [
        "build",
        "-t",
        "shield-mcp",
        "."
      ]
    }
  }
}

工具

未检测到工具

工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。

概览

What is Prompt Injection Shield?

Prompt Injection Shield is a local-first, zero-cost MCP server that detects malicious prompt injection and jailbreak attempts in user input. It acts as a security gateway that integrates with LLM workflows (such as Claude Desktop) to pre-screen prompts before they reach the model, keeping all data on the user’s machine.

How to use Prompt Injection Shield?

Install from source (pip install .) or via Docker. Run the server with python -m shield_mcp.server, then configure it as an MCP server in your client (e.g., add to claude_desktop_config.json with command python and args ["-m", "shield_mcp.server"]). The server exposes a single tool called analyze_prompt that accepts a prompt string and returns is_injection, risk_score, and category. You can optionally customize the risk threshold and log directory by creating a shield_config.json file.

Key features of Prompt Injection Shield

  • Local detection engine, no external API calls.
  • Three-tiered detection: heuristics, semantic ML model, and structural check.
  • Privacy-first: prompt text never leaves the machine.
  • Zero-cost security checks.
  • Integrates natively with Claude Desktop and any MCP‑compatible client.

Use cases of Prompt Injection Shield

  • Wrap a chatbot or RAG system to reject malicious prompts before they reach the main LLM.
  • Protect internal tools (code executors, database agents) from injected instructions in data context.
  • Red‑team own applications by using the risk_score to evaluate jailbreak attempts.
  • Pre‑screen any user input in an MCP‑enabled workflow without sending data to a third‑party API.

FAQ from Prompt Injection Shield

Does Prompt Injection Shield require an internet connection for detection?

No. The entire detection pipeline runs locally; no external API calls are made during analysis.

How does the detection work?

It uses three layers: Level 1 heuristics (regex) for known jailbreak patterns, Level 2 semantic analysis with a local DeBERTa model (protectai/deberta-v3-base-prompt-injection-v2), and Level 3 structural checks for obfuscation (Base64, Hex, high entropy strings).

Can I adjust the detection sensitivity?

Yes. Create a shield_config.json in the working directory and set “risk_threshold” (default 0.8) to control when a prompt is flagged as injection.

Where are logs stored?

Logs are saved by default in ~/.shield-mcp/logs; you can change the directory using the “log_dir” key in shield_config.json.

What transport does the server use?

The server is invoked via a command (e.g., python -m shield_mcp.server) and communicates over MCP’s standard input/output transport (stdio).

评论

其他 分类下的更多 MCP 服务器