mcp-security-toolkit

by x0base

Overview Schema Related Servers Score Discussions

Python

Remote

interactsh_stop

Terminates a registered interactsh-client session and deletes its log file to clean up residual data.

Instructions

Stop a previously-registered interactsh-client session and clean up.

Terminates the spawned interactsh-client process (best-effort) and removes the session descriptor. The log file is removed by default (set delete_log=False to keep it for post-mortem).

Args: token: token returned by interactsh_register. delete_log: also remove the session log file (default True).

Returns: {"stopped": bool, "log_removed": bool, "note": str | None}

Input Schema

TableJSON Schema

Name	Required	Description	Default
`token`	Yes
`delete_log`	No

Implementation Reference

src/mcp_security_toolkit/tools/interactsh.py:299-352 (handler)

The core handler for the interactsh_stop tool. Validates token, reads the session file, sends SIGTERM to the process group, optionally deletes the log file (with path traversal protection), removes the session descriptor, and returns a status dict.

def interactsh_stop(token: str, delete_log: bool = True) -> dict:
    """Stop a previously-registered interactsh-client session and clean up.

    Terminates the spawned `interactsh-client` process (best-effort) and
    removes the session descriptor. The log file is removed by default
    (set `delete_log=False` to keep it for post-mortem).

    Args:
        token: token returned by `interactsh_register`.
        delete_log: also remove the session log file (default True).

    Returns:
        {"stopped": bool, "log_removed": bool, "note": str | None}
    """
    if not _validate_token(token):
        return {"error": "invalid token format (expected 12 hex chars from interactsh_register)"}

    sp = _session_path(token)
    if not sp.exists():
        return {"error": f"unknown token: {token}"}

    try:
        session = json.loads(sp.read_text())
    except (OSError, json.JSONDecodeError) as e:
        return {"error": f"failed to read session: {e}"}

    stopped = False
    pid = session.get("pid")
    if isinstance(pid, int) and pid > 0:
        try:
            os.killpg(os.getpgid(pid), signal.SIGTERM)
            stopped = True
        except (ProcessLookupError, PermissionError, OSError):
            stopped = False

    log_removed = False
    if delete_log:
        log = Path(session.get("log_path", ""))
        # Defense in depth: never unlink anything outside our sessions dir,
        # even if a tampered session descriptor points elsewhere.
        if log.exists() and _path_is_inside(log, SESSIONS_DIR):
            try:
                log.unlink()
                log_removed = True
            except OSError:
                log_removed = False

    sp.unlink(missing_ok=True)

    return {
        "stopped": stopped,
        "log_removed": log_removed,
        "note": None if stopped else "process already exited or no permission to signal",
    }

src/mcp_security_toolkit/server.py:36-36 (registration)
Registers interactsh_stop as an MCP tool on the FastMCP server.
```
mcp.tool()(interactsh.interactsh_stop)
```
src/mcp_security_toolkit/tools/interactsh.py:51-52 (helper)
Validates token format (12 hex characters) before stop processing.
```
def _validate_token(token: str) -> bool:
    return isinstance(token, str) and bool(TOKEN_REGEX.match(token))
```

src/mcp_security_toolkit/tools/interactsh.py:94-100 (helper)

Returns the filesystem path for a session descriptor JSON file.

def _session_path(token: str) -> Path:
    SESSIONS_DIR.mkdir(parents=True, exist_ok=True)
    try:
        os.chmod(SESSIONS_DIR, 0o700)
    except OSError:
        pass
    return SESSIONS_DIR / f"{token}.json"

src/mcp_security_toolkit/tools/interactsh.py:59-65 (helper)

Defense-in-depth check ensuring log deletion doesn't escape the sessions directory.

def _path_is_inside(child: Path, parent: Path) -> bool:
    """True iff resolved `child` is at or below resolved `parent`."""
    try:
        child.resolve().relative_to(parent.resolve())
        return True
    except (ValueError, OSError):
        return False

Tool Definition Quality

A4.8/5.0

Behavior5/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations provided, but description fully discloses behavior: terminates process, removes session descriptor, default log removal, best-effort nature, and return format.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Description is concise (two paragraphs) with no fluff. Well-structured: brief summary then detailed args/returns.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given no output schema, description includes return values. All parameters and behavior documented. Sibling tools provide context. Complete for a clean-up tool.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters5/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema has 0% description coverage; description explains both parameters: token usage and delete_log default/behavior, adding essential meaning beyond schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the action (stop), resource (interactsh-client session), and cleanup. It distinguishes from siblings like interactsh_register and interactsh_poll.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description implies when to use (after registration), but lacks explicit usage vs alternative tools. However, context from sibling names makes it clear.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/x0base/mcp-security-toolkit'

If you have feedback or need assistance with the MCP directory API, please join our Discord server