我被黑了吗 MCP 服务器

模型上下文协议 (MCP) 服务器提供与Have I Been Pwned API 的集成，以检查您的帐户或密码是否在数据泄露中受到损害。

特征

该 MCP 服务器提供四个主要工具：

check_email ：检查数据泄露中是否发现了电子邮件地址
check_password ：检查密码是否在数据泄露中被泄露（使用 k-anonymity）
get_breach_details ：获取有关特定数据泄露的详细信息
list_all_breaches ：列出系统中的所有违规行为，可选择按域进行过滤

安装

通过 Smithery 安装

要通过Smithery自动为 Claude Desktop 安装 hibp-mcp-server：

npx -y @smithery/cli install @Cyreslab-AI/hibp-mcp-server --client claude

先决条件

Node.js（v14 或更高版本）
npm（v6 或更高版本）
Have I Been Pwned API 密钥（在haveibeenpwned.com/API/Key获取）

设置

克隆此存储库：
git clone https://github.com/Cyreslab-AI/hibp-mcp-server.git cd hibp-mcp-server
安装依赖项：
npm install
构建服务器：
npm run build
在您的 MCP 设置文件中配置服务器：对于 Claude VSCode 扩展，添加到~/Library/Application Support/Code/User/globalStorage/saoudrizwan.claude-dev/settings/cline_mcp_settings.json ：
{ "mcpServers": { "hibp": { "command": "node", "args": ["/path/to/hibp-mcp-server/build/index.js"], "env": { "HIBP_API_KEY": "YOUR_API_KEY_HERE" }, "disabled": false, "autoApprove": [] } } }
对于 Claude 桌面应用程序，添加到~/Library/Application Support/Claude/claude_desktop_config.json (macOS) 或其他平台上的类似路径。

使用示例

服务器配置完成后，您可以使用 Claude 检查数据泄露：

检查电子邮件

User: Has my email address example@gmail.com been pwned?

Claude: Good news! This email address has not been found in any known data breaches.

或者如果发现电子邮件存在违规行为：

User: Has my email address breached@example.com been pwned?

Claude: ⚠️ This email address was found in 3 data breaches.

Breach details:

1. Adobe (2013-10-04)
   Domain: adobe.com
   Description: In October 2013, 153 million Adobe accounts were breached...
   Compromised data: Email addresses, Password hints, Passwords, Usernames

2. LinkedIn (2012-05-05)
   Domain: linkedin.com
   Description: In May 2016, LinkedIn had 164 million email addresses and passwords exposed...
   Compromised data: Email addresses, Passwords

3. Dropbox (2012-07-01)
   Domain: dropbox.com
   Description: In mid-2012, Dropbox suffered a data breach which exposed...
   Compromised data: Email addresses, Passwords

Recommendations:
- Change your password for these services immediately
- If you used the same password elsewhere, change those too
- Enable two-factor authentication where available
- Consider using a password manager

检查密码

User: Has the password "password123" been exposed in any breaches?

Claude: ⚠️ This password has been exposed in data breaches 123,456 times!

Recommendations:
- Stop using this password immediately
- Change it on any site where you use it
- Use a unique, strong password for each account
- Consider using a password manager

获取违规详情

User: Tell me about the LinkedIn data breach

Claude: # LinkedIn Data Breach

**Date:** 2012-05-05
**Domain:** linkedin.com
**Accounts affected:** 164,611,595
**Verified:** Yes
**Data leaked:** Email addresses, Passwords

**Description:**
In May 2016, LinkedIn had 164 million email addresses and passwords exposed. Originally hacked in 2012, the data remained out of sight until being offered for sale on a dark market site 4 years later. The passwords in the breach were stored as SHA1 hashes without salt, the vast majority of which were quickly cracked in the days following the release of the data.

**Recommendations:**
- If you had an account on this service, change your password
- If you used the same password elsewhere, change those too
- Monitor your accounts for suspicious activity
- Be cautious of phishing attempts that may use this leaked information

列出所有违规行为

User: List all Adobe data breaches

Claude: Found 1 breaches for domain adobe.com:

1. Adobe (2013-10-04)
   Domain: adobe.com
   Accounts affected: 152,445,165
   Compromised data: Email addresses, Password hints, Passwords, Usernames

安全说明

密码检查功能使用 k-匿名来检查密码，而无需将完整密码发送到 Have I Been Pwned API
仅将密码 SHA-1 哈希的前 5 个字符发送到 API
API 返回与前缀匹配的哈希后缀列表，校验在本地完成

API 密钥配置

此服务器需要 Have I Been Pwned API 密钥才能使用大部分功能（密码检查除外）。您可以在haveibeenpwned.com/API/Key获取 API 密钥。

API 密钥应作为 MCP 设置配置中名为HIBP_API_KEY的环境变量提供。

执照

麻省理工学院

Install Server

HTTP connection URL

security – no known vulnerabilities

license - permissive license

quality - confirmed to work

How are these scores calculated?

remote-capable server

The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.

Tools

模型上下文协议 (MCP) 服务器提供与 Have I Been Pwned API 的集成，以检查您的帐户或密码是否在数据泄露中受到损害。

Related MCP Servers

mcp-hn
erithwik
A
security
A
license
A
quality
A Model Context Protocol (MCP) server that provides tools for searching and fetching information from Hacker News.
Last updated -
4
6
Python
MIT License
mcp-turso-cloud
spences10
A
security
A
license
A
quality
🗂️ A Model Context Protocol (MCP) server that provides integration with Turso databases for LLMs. This server implements a two-level authentication system to handle both organization-level and database-level operations, making it easy to manage and query Turso databases directly from LLMs.
Last updated -
8
26
6
TypeScript
MIT License
MCP API Service
nstanw
A
security
F
license
A
quality
A Model Context Protocol (MCP) server that interacts with system APIs, allowing users to check connections, search employees, register breakfast, and update chemical information by shifts.
Last updated -
21
37
JavaScript
SSH MCP Server
mfangtao
-
security
F
license
-
quality
A server that enables remote command execution over SSH through the Model Context Protocol (MCP), supporting both password and private key authentication.
Last updated -
JavaScript

View all related MCP servers

Have I Been Pwned MCP Server