Skip to main content
Glama
alberthild

ShieldAPI MCP

by alberthild
OverviewSchemaRelated ServersScoreDiscussions
JavaScript

Server Configuration

Describes the environment variables required to run the server.

NameRequiredDescriptionDefault
SHIELDAPI_URLNoAPI base URLhttps://shield.vainplex.dev
SHIELDAPI_WALLET_PRIVATE_KEYNoEVM private key for USDC payments. If not set, the server operates in demo mode with free tier limits.

Capabilities

Features and capabilities supported by this server

CapabilityDetails
tools
{
  "listChanged": true
}
prompts
{
  "listChanged": true
}

Tools

Functions exposed to the LLM to take actions

NameDescription
shieldapi.check_url

Check a URL for malware, phishing, and other threats. Uses URLhaus + heuristic analysis.

shieldapi.check_password

Check if a password hash (SHA-1) has been exposed in known data breaches via HIBP.

shieldapi.check_password_range

Look up a SHA-1 hash prefix in the HIBP k-Anonymity database.

shieldapi.check_domain

Check domain reputation: DNS records, blacklists (Spamhaus, SpamCop, SORBS), SPF/DMARC, SSL.

shieldapi.check_ip

Check IP reputation: blacklists, Tor exit node detection, reverse DNS.

shieldapi.check_email

Check if an email address has been exposed in known data breaches via HIBP.

shieldapi.full_scan

Run all security checks on a target (URL, domain, IP, or email). Most comprehensive scan.

shieldapi.scan_skill

Scan an AI agent skill/plugin for security issues across 8 risk categories (Snyk ToxicSkills taxonomy). Checks for prompt injection, malicious code, suspicious downloads, credential handling, secret detection, third-party content, unverifiable dependencies, and financial access patterns. Static analysis only — no code execution. Returns risk score (0-100), severity-ranked findings with file locations, and human-readable summary.

shieldapi.check_prompt

Detect prompt injection in text. Analyzes across 4 categories (direct injection, encoding tricks, exfiltration, indirect injection) with 200+ detection patterns. Designed for real-time inline usage before processing untrusted user input. Returns boolean verdict, confidence score (0-1), matched patterns with evidence, and decoded content if encoding obfuscation was detected. Response time <100ms p95.

Prompts

Interactive templates invoked by user choice

NameDescription
security_assessmentGenerate a security assessment report for a target (domain, URL, IP, or email)
quick_checkQuick security check — automatically detects target type and runs the right scan

Resources

Contextual data attached and managed by the client

NameDescription

No resources

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/alberthild/shield-api-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server