WalletTriage MCP
OfficialClick on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@WalletTriage MCPCheck the risk of 0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
wallettriage-mcp
MCP server for WalletTriage — real-time exploit-exposure check for EVM wallets, built for AI agents. Each query is paid via x402 (USDC on Base) signed locally by a session key: no signup, no API key, no prompts. Stateless — nothing about you or your queries is persisted.
Tools
check_address_risk(paid) — real-time risk for an EVM address: dangerous ERC20 approvals cross-referenced with a live threat feed of contracts under attack. Returnsrisk_score(0–100),risk_leveland actionablefindings.get_pricing(free) — service status and current price per query.
Related MCP server: rugmunch-base
Setup (Claude Desktop, Claude Code, Cursor)
Requires Node 20+. Add to your MCP config (e.g. claude_desktop_config.json):
{
"mcpServers": {
"wallettriage": {
"command": "npx",
"args": ["-y", "wallettriage-mcp"],
"env": {
"GATEWAY_URL": "https://api.wallettriage.com",
"EVM_PRIVATE_KEY": "0xREPLACE_WITH_SESSION_WALLET_PRIVATE_KEY",
"MAX_PAYMENT_ATOMIC": "100000"
}
}
}
}Fund the session wallet with a few USDC on Base. Use a dedicated, low-balance wallet — never your main key. It only signs gasless EIP-3009 USDC payments; WalletTriage never holds or moves funds.
EVM_PRIVATE_KEY is the wallet's private key (0x + 64 hex), not its address.
No ETH needed — payments are gasless (EIP-3009). Test connectivity first with the
free get_pricing tool before funding.
Then ask your agent: "Check the risk of 0xd8dA… before I interact with it."
Troubleshooting
unable to verify the first certificate(common on Windows / corporate networks): your antivirus or proxy intercepts TLS and Node doesn't use the system certificate store by default. Add"NODE_OPTIONS": "--use-system-ca"to theenvblock. Never disable TLS verification — payments travel in headers and must not be tamperable.EVM_PRIVATE_KEY is malformed: the value must be0x+ 64 hex characters (the private key of the session wallet). Check for placeholder text, missing0xor stray whitespace.Gateway unreachable:GATEWAY_URLdefaults tohttps://api.wallettriage.com. If you overrode it (e.g. to a local gateway), make sure that host is reachable and running.
Environment variables
Variable | Required | Default | Purpose |
| yes | — | Session key that signs x402 payments (USDC on Base) |
| no |
| WalletTriage API base URL. Defaults to production; set |
| no |
| Refuses any 402 requirement above this cap (atomic USDC units, 6 decimals) |
| no |
| Default chain: eth, base, polygon, arbitrum, optimism, bsc |
Local development
npm install
cp .env.example .env # set EVM_PRIVATE_KEY
npm start # runs src/server.ts via tsx (stdio)Point at a local gateway with GATEWAY_URL=http://localhost:4021, or test with
the MCP Inspector:
npx @modelcontextprotocol/inspector npx tsx src/server.tsnpm run build emits dist/server.js (the published bin).
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/wallettriage/wallettriage-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server