Which integrations are available for this server?

Provides tools to check active ERC-20 token approvals on Ethereum, identify risky allowances (unlimited, EOA spenders, upgradeable contracts), and generate revoke calldata. Provides tools to check active ERC-20 token approvals on Polygon, identify risky allowances (unlimited, EOA spenders, upgradeable contracts), and generate revoke calldata.

How do I use approval-guardian?

1. Click on "Install Server". 2. Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state. 3. In the chat, type @ followed by the MCP server name and your instructions, e.g., "@approval-guardian check approvals for 0xabc... on ethereum" That's it! The server will respond to your query, and you can continue using it as needed. Here is a step-by-step guide with screenshots.

approval-guardian

by Baneado98

Overview Schema Related Servers Score Discussions

TypeScript

Remote

approval-guardian 🛡️

Find the token approvals draining your wallet — and get the revoke calldata.

approval-guardian is an MCP server and a pay-per-call x402 HTTP API. Give it a wallet address + chain and it returns a CLEAN / REVIEW / AT_RISK verdict listing every active ERC-20 approval, worst first, with the exact approve(spender, 0) calldata to revoke each one.

Unlimited token approvals are the #1 way DeFi wallets get drained — a single bad approve() lets a spender move your entire balance of that token, forever, in one transaction.

⚠️ Read-only risk screen, not financial advice. approval-guardian never holds a key and never moves funds. Revoking is a transaction you sign. Absence of findings is not proof of safety.

Why it exists (the moat)

To know what a wallet has approved, an agent that "just reads the chain" must:

Pull every ERC-20 Approval log the wallet ever emitted (paginated eth_getLogs with the right topic0 + owner topic, respecting per-RPC block-range caps).
For each (token, spender) pair, read the LIVE allowance() — because a later approve(0) or a spend may have changed it. Stale logs lie.
Read each token's decimals/symbol to turn a raw allowance into a human amount.
Classify the spender: is it a contract at all? a plain wallet (EOA)? an EIP-1967 upgradeable proxy whose code can be swapped behind your approval? a recognised router/permit/locker?
Score the blast radius and order the revokes.

approval-guardian batches all of that over public RPCs and returns one prioritized report. That live aggregation — not a static answer — is what an agent pays for.

Related MCP server: chain-signer

What it catches


♻️ Live allowances	only approvals with `allowance > 0` right now count — stale Approval logs are filtered out
👻 EOA spenders	approving a token to a plain wallet (not a contract) is the signature of a drainer phishing scam — flagged critical
♾️ Unlimited	infinite (`2^256-1` / `2^96-1`) allowances stay exploitable forever, in one call
🔗 Upgradeable	spender is an EIP-1967 proxy whose implementation can be replaced
✅ Known routers	recognises Uniswap / Permit2 / 1inch / 0x / PancakeSwap so you aren't scared off safe infra
🧾 Revoke calldata	every finding ships the exact `approve(spender, 0)` calldata to sign

Use as an MCP server (free)

{
  "mcpServers": {
    "approval-guardian": { "command": "npx", "args": ["-y", "approval-sentinel-mcp"] }
  }
}

Tools:

check_approvals — full approval-risk report. Params: chain, wallet, deep (optional, full history).
revoke_plan — just the ordered list of risky approvals + revoke calldata. Params: chain, wallet, minRisk.

Or connect over HTTP at POST /mcp.

Free HTTP API

GET /check?chain=base&wallet=0xYourWallet
GET /check?chain=ethereum&wallet=0x...

Returns the active approvals worst-first, each with revokeCalldata.

Pay-per-call (x402)

The /pro/* routes are gated by x402. Your agent pays $0.20 USDC per call automatically — no sign-up, no API key. The pro scan covers full on-chain history; settles on-chain (Base) to the operator wallet.

GET /pro/check?chain=base&wallet=0x...        # 402 → pay → deep report
GET /pro/revoke_plan?chain=base&wallet=0x...

Chains

Ethereum · Base · BSC · Polygon · Arbitrum — all via public, key-free RPCs.

Part of the guardian set

npm-guardian · contract-auditor · rug-check · approval-guardian

Source & docs: github.com/Baneado98/approval-guardian · MIT

Install Server

license - permissive license

quality

maintenance

How are these scores calculated?

Maintenance

–Maintainers

–Response time

–Release cycle

–Releases (12mo)

Commit activity

Resources

GitHub Repository

Need Help?

Related Servers

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/Baneado98/approval-guardian'

If you have feedback or need assistance with the MCP directory API, please join our Discord server