ghostprobe

joemunene-by/ghostprobe
★ 0 stars Python AI/LLM Updated today
Dynamic red-team probe for MCP servers, mapped to the OWASP MCP Top 10. Finds tool poisoning, hidden-instruction smuggling, and lethal-trifecta exposure.

Quick Install

Copy the config for your editor. Some servers may need additional setup — check the README.

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "ghostprobe": {
      "command": "uvx",
      "args": [
        "ghostprobe"
      ]
    }
  }
}

Or install with pip: pip install ghostprobe

README Excerpt

A dynamic red-team probe for **Model Context Protocol (MCP) servers**, mapped to the [OWASP MCP Top 10](https://owasp.org/www-project-mcp-top-10/). Point it at a server (or a saved `tools/list` dump) and it finds the things that actually get agents owned: **tool poisoning**, hidden-instruction smuggling, dangerous capabilities, and the **lethal trifecta** that turns a single prompt injection into a data leak.