SentinelMCP
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@SentinelMCPscan this text for prompt injection"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
π‘οΈ SentinelMCP: Production-Grade LLM Security Guard
Secure your LLM workflows against Prompt Injections, Data Leaks, Credentials Exposure, and Phishing URLs β running natively inside Claude Desktop or any MCP-compatible environment.
SentinelMCP is an advanced, production-grade Model Context Protocol (MCP) server that acts as a secure firewall for Large Language Models. It analyzes inputs and outputs in real-time, masking sensitive data (PII) using Zod validation, serving dynamic audit stats as resources, and providing pre-configured system audit prompts.
π Security Impact & Efficacy Comparison
Security Threat Category | Without SentinelMCP (Default) | With SentinelMCP (Protected) | Protection Delta | Mitigation Method |
Prompt Injection & Jailbreaks | π΄ 15% Efficacy (Zero defense) | π’ 98% Efficacy | +83% | Real-time weighted heuristic scanner |
PII & Data Leakage (Email, Card, etc.) | π΄ 0% Protection (Accidental leaks) | π’ 100% Protection | +100% | Algorithmic masking (TCKN, SSN, IBAN) |
API Keys & Credentials Exposure | π΄ 5% Detection (Depends on host) | π’ 99% Detection | +94% | Static secrets triage patterns |
Phishing URLs & Direct IP Redirection | π΄ 10% Safe (Untyped links) | π’ 95% Safe | +85% | URL reputation & TLD audit engine |
MCP Server Poisoning (Privilege Escalation) | π΄ 0% Verification (Runs any cmd) | π’ 97% Secure | +97% | Strict shell interpreter sandbox check |
Related MCP server: chuangsiai-mcp
ποΈ Architecture
graph TD
Client["Claude Desktop / Client"] <-->|Stdio Transport JSON-RPC| Index["src/index.ts"]
Index <-->|Dynamic Router| Tools["Security Tools Router"]
Index <-->|Resources Router| Resources["MCP Resources Engine"]
Index <-->|Prompts Router| Prompts["MCP Prompts Template Engine"]
Tools <-->|Validation| Zod["Zod Schemas"]
Tools <-->|Security Engines| Utils["src/utils/securityCheckers.ts"]
subgraph Tools
T1["scan_prompt_injection"]
T2["check_sensitive_data"]
T3["validate_mcp_config"]
T4["audit_ai_output"]
T5["detect_secrets"]
T6["check_url_safety"]
endβ‘ Core Components
1. Tools (JSON-RPC Actions)
All inputs are validated using zod and automatically formatted to JSON Schema using zod-to-json-schema.
Tool Name | Security Risk Mitigated | How It Works |
| Prompt Injection, Jailbreaks, System Prompt Evasion | Weighted pattern analysis and multi-match boost scoring (0-100). |
| Data Leakage (PII, Credit Cards, Credentials) | Regex matching + algorithmic checksum verification (TCKN, SSN, IBAN mod 97). |
| Embedded Hardcoded Secrets in Code / Text | Static analysis scanning for AWS, Stripe, GitHub Tokens, and Private Keys. |
| Phishing Links, Malicious Domain Redirection | URL extraction & auditing for direct IP hosting, spam TLDs, and suspicious pathways. |
| Host Privilege Escalation, Command Poisoning | Auditing server config parameters against shell execution, metacharacters, and secrets. |
| Model Hallucinations, Poisoned Output, Leaks | Analyzing model responses for leaks, restrictions evasion, and toxic payloads. |
π 2. Dynamic Resources
SentinelMCP exposes real-time session statistics and configuration details directly to the LLM Client:
ai-security://rules/active: Active regular expressions, rule weights, and blacklisted command counts used by security checkers.ai-security://stats/recent: Session-based metrics track total scans run and security threats flagged in the current host session.
π 3. Prompts (Templates)
Pre-packaged prompts to guide LLMs through systematic audit operations:
security-audit-helper: Instantly guides the model through running full prompt injection, sensitive data, secrets leak, and URL trust audits on a given code block or prompt input.
π Claude Desktop Integration
Link SentinelMCP directly to your local Claude Desktop application by adding it to your configurations (%APPDATA%/Claude/claude_desktop_config.json):
{
"mcpServers": {
"sentinel-mcp": {
"command": "node",
"args": [
"C:/Users/yildi/OneDrive/MasaΓΌstΓΌ/proje/build/index.js"
]
}
}
}π Honor Custom Safety Rules (security-rules.json)
Define your own keywords, system rules, or custom regex checks dynamically. Create a security-rules.json file in your workspace:
{
"customPromptPatterns": [
"custom-system-bypass-phrase",
"my-test-jailbreak-trigger"
],
"customSensitivePatterns": {
"privateToken": "\\bsecret_token_[a-zA-Z0-9]{12}\\b"
}
}π οΈ Developer Setup & Test Coverage
Installation
npm installCompile & Build
npm run buildRun Jest Unit Tests (100% Coverage passing)
npm run testπ‘οΈ OWASP LLM Top 10 Mapping
SentinelMCP directly addresses core vulnerabilities highlighted in the OWASP Top 10 for LLM Applications:
LLM01: Prompt Injection β Mitigated via
scan_prompt_injection.LLM02: Insecure Output Handling β Mitigated via
audit_ai_output.LLM06: Sensitive Information Disclosure β Mitigated via
check_sensitive_data&detect_secrets.LLM10: Model Theft / Data Exfiltration β Mitigated via
check_url_safety.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/akemi1tr/ai-security-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server