Security monitoring and access control for Model Context Protocol (MCP) servers
MCP Snitch is a macOS application that intercepts and monitors MCP server communications, providing security analysis, access control, and audit logging for AI tool usage.
View and manage trusted MCP servers with automatic discovery of Claude Desktop and Cursor configurations
Automatically scan and discover MCP servers from your AI tool configurations
Approve or block new tool calls with granular control - once, always, or never
MCP Snitch blocks suspicious requests and provides clear feedback
- Real-time interception of stdio and HTTP MCP transports
- AI-powered security analysis using GPT-3.5 for threat detection
- Pattern-based detection for sensitive data (SSH keys, credentials, system files)
- Audit logging with full request/response history
Comprehensive audit log showing all MCP tool calls with risk assessment and filtering
- Approve/Block mode - Manual approval for tool calls
- Auto-approve trusted tools - Whitelist safe operations
- Trust management - Per-server trust settings with database storage
- Risk assessment - AI analysis of tool call intentions
Configure security policies including tool control modes and threat detection
Enable AI-powered security analysis with Claude or OpenAI
Customize the AI security analysis prompt for your specific needs
Manage whitelisted and blacklisted tools for automated control
- Stdio servers - npx, Docker, local binaries
- HTTP servers - Remote MCP endpoints (GitHub MCP, etc.)
- Session management - Automatic session ID handling
- Keychain integration - Secure API key storage
Protect API keys by moving them to macOS Keychain for secure storage
- Live message viewer - See all MCP communications in real-time
- Server discovery - Automatic detection of Claude Desktop & Cursor configs
- Protection status - Visual indicators for monitored servers
- Export logs - Full audit trail for compliance
- Download the latest DMG from Releases
- Install MCP Snitch by dragging to Applications
- Launch and grant necessary permissions
- Protect your MCP servers from the main interface
# Clone the repository
git clone https://github.com/Adversis/mcp-snitch.git
cd mcp-snitch
# Build development version
./build.sh
# Run the app
./run.shSee CONTRIBUTING.md for detailed setup instructions.
MCP Snitch acts as a transparent proxy between AI applications (Claude Desktop, Cursor) and MCP servers:
Cursor β MCP Snitch Proxy β MCP Server
β
Security Analysis
Audit Logging
GuardRails Enforcement
- Wraps command-based servers (npx, docker, local binaries)
- Intercepts stdin/stdout for JSON-RPC analysis
- Transparent to both client and server
- Local HTTP proxy for remote MCP servers
- Manages session IDs automatically
- Injects authentication headers from keychain
MCP Snitch uses multiple layers of security analysis:
- Pattern Detection - Fast regex-based checks for known threats
- Trust Verification - Database lookup for trusted servers
- AI Analysis - GPT-3.5 analysis for complex tool calls
- Response Monitoring - Scans outputs for sensitive data leaks
- File system access to sensitive directories (
/etc,/System) - SSH key or credential exposure
- Unusual API calls or data exfiltration patterns
- System command execution
Trust servers to skip approval prompts:
- Settings β Servers β Trust/Untrust
- Off - No interception
- Approve - Manual approval for all tool calls
- Block - Automatic blocking with AI analysis
Store OpenAI API key securely in macOS Keychain:
- Settings β API Keys β Add Key
MCPSnitch/ # Main macOS app (SwiftUI)
βββ Views/ # UI components
βββ Models/ # Data models & database
βββ Managers/ # Business logic
MCPProxy/ # Proxy implementations
βββ mcp_proxy.swift # Stdio proxy
βββ mcp_http_proxy.swift # HTTP proxy
βββ mcp_security_common.swift # Shared security logic
- macOS 13.0 or later
- Xcode 15.0+ (for building from source)
- OpenAI API key (for AI security analysis)
This project is available under a dual-license model:
- Open Source License: GNU General Public License v3.0 (GPL-3.0) - See LICENSE file
- Commercial License: For proprietary use without GPL obligations - Contact licensing@adversis.io
- Open Source: Free use under GPL-3.0 for open source projects and personal use
- Commercial: Avoid GPL obligations for proprietary/commercial software
For commercial licensing inquiries, please contact licensing@adversis.io
THIS SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
SECURITY NOTICE: This tool is designed for authorized security monitoring only. Users are responsible for complying with all applicable laws and regulations. Unauthorized use of this tool may result in criminal and/or civil penalties. Always ensure you have proper authorization before monitoring any systems or applications.
We welcome contributions! See CONTRIBUTING.md for guidelines.
- Issues - Report bugs or request features via GitHub Issues
- Discussions - Ask questions in GitHub Discussions
Built with:
- Swift & SwiftUI
- SQLite for trust database
- OpenAI GPT-3.5 for security analysis
- Model Context Protocol specification
Copyright Β© 2025 Adversis, LLC. Licensed under GPL-3.0 or Commercial License.