MCP Setup
Audit AI agent skills for malware and social engineering before adding them to your agent.
What Shieldon Detects
- Credential theft: AWS, GitHub, Stripe, Slack, cloud provider keys, private keys, and .env access
- Command injection: curl | bash, reverse shells, privilege escalation
- Obfuscation: Base64 payloads, eval() chains, hex encoding
- Data exfiltration: POST to webhooks, paste services, DNS tunneling
Installation
Add Shieldon to your MCP config. Shieldon exposes an MCP Streamable HTTP endpoint — compatible with any MCP client that supports remote servers.
{
  "mcpServers": {
    "shieldon": {
      "url": "https://api.shieldon.dev/mcp"
    }
  }
}

| Client | Config file |
|---|---|
| Cursor | .cursor/mcp.json |
| Claude Desktop | claude_desktop_config.json |
| Windsurf | .windsurf/mcp.json |
| Any MCP client | Wherever your client reads MCP server configs |
After adding the config, restart your client or reload the session. The audit_skill tool will appear in your available MCP tools.
Usage
Scan a skill by URL before installing:
audit_skill(skill_url: "https://example.com/skill.md")
Scan raw skill content directly:
audit_skill(skill_content: "<paste skill.md content here>")
Example response:
{
  "scan_id": "a1b2c3d4",
  "risk_score": 75,
  "risk_level": "HIGH",
  "recommendation": "REVIEW",
  "findings": [
    {
      "type": "Credential_AWS_Access_Key",
      "description": "AWS access key pattern detected",
      "severity": "HIGH",
      "evidence": "Matched '$aws_key' at offset 342: AKIAIOSFODNN7EXAMPLE"
    }
  ],
  "scans_remaining": 7
}

Rate Limits
- Free tier: 10 scans per day per IP
- Privacy: Skills are never stored. All scans are ephemeral.
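
The gate below is an added example, not Shieldon's own code: it consumes the audit_skill response shown under Usage, fails closed on malformed input, blocks installation unless risk_score is within a local limit and no findings are reported, and masks the matched secret in evidence before anything reaches a log. MAX_SCORE, the function names and the evidence layout (taken from the single example response) are assumptions; the page shows only one value each for risk_level and recommendation, so the decision uses risk_score and findings instead.

```python
import json
import re

MAX_SCORE = 30  # local policy threshold (assumption, not a Shieldon default)
# Evidence layout as seen in the page's single example (assumed stable).
EVIDENCE_RE = re.compile(r"^(Matched '[^']*' at offset \d+): (.+)$", re.S)

# Fields from the page's example response (reordered to fit).
SAMPLE_RESPONSE = """{"scan_id": "a1b2c3d4", "risk_score": 75, "risk_level": "HIGH",
 "recommendation": "REVIEW", "scans_remaining": 7, "findings": [
  {"type": "Credential_AWS_Access_Key", "severity": "HIGH",
   "description": "AWS access key pattern detected",
   "evidence": "Matched '$aws_key' at offset 342: AKIAIOSFODNN7EXAMPLE"}]}"""


def redact_evidence(evidence):
    """Keep rule name and offset; mask the matched value so logs hold no secret."""
    m = EVIDENCE_RE.match(evidence) if isinstance(evidence, str) else None
    if not m:
        return "[redacted]"  # unknown layout: drop the whole string
    value = m.group(2)
    keep = 4 if len(value) > 8 else 0  # short values are masked entirely
    return f"{m.group(1)}: {value[:keep]}{'*' * (len(value) - keep)}"


def gate(raw):
    """Return (allow, reasons, findings_safe_to_log); fails closed."""
    try:
        r = json.loads(raw)
        score, findings = r["risk_score"], r["findings"]
        if isinstance(score, bool) or not isinstance(score, (int, float)):
            raise TypeError("risk_score is not a number")
        if not isinstance(findings, list):
            raise TypeError("findings is not a list")
        safe = [{"type": f.get("type"), "severity": f.get("severity"),
                 "evidence": redact_evidence(f.get("evidence"))} for f in findings]
    except (ValueError, KeyError, TypeError, AttributeError):
        return False, ["malformed scan response"], []
    reasons = []
    if score > MAX_SCORE:
        reasons.append(f"risk_score {score} exceeds local limit {MAX_SCORE}")
    if findings:
        reasons.append(f"{len(findings)} finding(s) need human review")
    return not reasons, reasons, safe


if __name__ == "__main__":
    allow, reasons, safe = gate(SAMPLE_RESPONSE)
    print("ALLOW" if allow else "BLOCK", reasons, safe)
```
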
Support
Website: shieldon.dev