siege

AlexlaGuardia/siege

★ 0 stars Python Security Updated today

Runtime red-team harness for live MCP servers. Attacks as real roles to find authz/RBAC bypasses a static manifest scan can't see. The offense leg of an agent-governance suite (Warden governs, Crumb attributes, Siege proves it holds).

View on GitHub → Try with Claude — $10 free →

Quick Install

Copy the config for your editor. Some servers may need additional setup — check the README.

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "siege": {
      "command": "uvx",
      "args": [
        "siege"
      ]
    }
  }
}

Or install with pip: pip install siege

README Excerpt

**A runtime red-team harness for live MCP servers.** Point it at a running server, it attacks as real roles, and it hands back the findings a static scanner can't see — because the bug isn't in the manifest, it's in how the server behaves when you actually exercise it. Siege is the offense leg of an agent-governance suite: **[Warden](https://warden.alexlaguardia.dev)

Topics

ai-agentsai-securityllm-securitymcpmodel-context-protocolrbacred-teamsecurity-tools

siege

Quick Install

README Excerpt

Topics

Related Security Servers