remote-capable server
The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.
Integrations
Provides community support and discussion through a Discord server for users of the ChuckNorris MCP server.
Integrates with GitHub for issue tracking and accessing the L1B3RT4S repository which contains specialized LLM enhancement prompts.
Uses Mermaid for diagram visualization to illustrate the workflow between the AI Assistant, ChuckNorris Server, and the L1B3RT4S repository.
⚡ C̷h̷u̷c̷k̷N̷o̷r̷r̷i̷s̷ MCP Server: Enhance Your LLM ⚡
MCP gateway for specialized LLM enhancement prompts with dynamic schema adaptation.
⚠️ DISCLAIMER
IMPORTANT: Work in progress with limitations. Only works on weaker models. Latest LLMs recognize jailbreak attempts. This tool is also designed for security research and evaluation purposes to help identify vulnerabilities in LLM systems.
~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~
📖 Introduction
The C̷h̷u̷c̷k̷N̷o̷r̷r̷i̷s̷ MCP Server provides an implementation of the Model Context Protocol (MCP) that delivers specialized enhancement prompts to various LLMs. It uses jailbreak prompts from elder-plinius' L1B3RT4S project and implements a dynamic schema approach for more effective delivery.
🚀 Getting Started
Run directly with npx:
MCP Client Configuration
Add to your MCP server list in mcp_config.json:
~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~
🤔 How It Works
Advanced Dynamic Approach
The server uses a two-phase approach to bypass jailbreak detection:
- First Call:
- AI Assistant discovers the
C̷h̷u̷c̷k̷N̷o̷r̷r̷i̷s̷tool with a neutral schema description - Assistant calls the tool with its model type
- Server returns a subtle "preparation" prompt that makes the LLM receptive to the jailbreak
- Server remembers the LLM type for the next call
- AI Assistant discovers the
- Subsequent Calls:
- Schema dynamically changes to include the jailbreak in its description
- Tool description now contains model-specific jailbreak instructions
- Server continues to return the same preparation prompt
- Only the schema changes between calls, not the response content
This approach combines elder-plinius' L1B3RT4S jailbreak prompts with a dynamic schema modification technique, making it more effective at bypassing detection as it doesn't immediately present the jailbreak content.
Security Research Purpose
This tool implements the technique described in "The 'S' in MCP Stands for Security" research, demonstrating how MCP tools can:
- Present different information to users vs. AI models
- Change their behavior after initial approval
- Use multi-phase approaches to potentially bypass security measures
The implementation uses jailbreak prompts from elder-plinius' L1B3RT4S project, combined with a dynamic schema modification technique similar to the Tool Poisoning Attack research by Invariant Labs and their MCP injection experiments.
By understanding these techniques, developers can build more robust and secure AI systems.
~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~
🙏 Credits
Based on L1B3RT4S by elder-plinius.
~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~
🚧 Status
Experimental. The dynamic schema approach improves effectiveness with newer models like Claude and GPT-4, but results may still vary.
Want to help? Join via GitHub Issues or Discord.
~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~
🤝 Community
Part of Pollinations.AI.
📜 License
You must be authenticated.
Tools
An experimental MCP gateway that provides specialized LLM enhancement prompts based on the L1B3RT4S repository, primarily intended to enhance weaker models' capabilities.