Shrike Security

Name: Shrike Security
Author: Shrike-Security

Shrike-Security/shrike-mcp

Run AI-agent-focused security checks—prompt injection, SQL injection, PII handling, and threat intel—from your coding agent before you ship.

Overview

Shrike Security is an MCP server for the Ship phase that scans AI agent integrations for prompt injection, SQL injection, PII isolation issues, and related threat intel.

What is this MCP server?

Prompt injection detection tailored to AI agent surfaces
SQL injection checks for data paths your agent touches
PII isolation analysis to reduce accidental exposure in tool outputs
Threat intelligence signals packaged for MCP via npx shrike-mcp (v1.1.1 stdio)
npm package shrike-mcp version 1.1.1
Documented capability areas: prompt injection, SQL injection, PII isolation, threat intel
stdio transport with npx runtime hint

Compatible agents: Claude Code, Cursor, Codex, Windsurf

Community signal: 1 GitHub stars.

What problem does it solve?

Agent features introduce new attack surfaces, and solo builders lack a fast way to security-scan prompts, tools, and queries from inside the IDE.

Who is it for?

Solo developers shipping LLM agents, MCP tools, or RAG APIs who want automated security signals in the same session as code review.

Skip if: Non-AI CRUD apps with no model or tool calling, or teams that require a full SOC2-grade external pentest only.

What do I get? / Deliverables

After you add Shrike, your agent can surface injection, leakage, and threat findings during pre-ship security passes on agent code.

Security scan results for agent-facing code paths
Documented findings on injection, PII, and threat indicators
Pre-ship confidence pass integrated into agent-driven review

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Shrike belongs in Ship because it hardens agent-facing code and prompts right before release, not during initial idea research. Security is the canonical subphase for scanners that detect injection, data leakage, and threat patterns in agent integrations.

How it compares

Agent-focused security MCP scanner, not a general dependency CVE dashboard or hosting firewall.

Common Questions / FAQ

Who is Shrike Security for?

Builders shipping AI agents and MCP integrations who need prompt injection, SQLi, and PII checks callable from their coding agent.

When should I use Shrike Security?

Use it in Ship before release or after major agent/tool changes when you are reviewing security on branches and PRs.

How do I add Shrike Security to my agent?

Configure stdio MCP with npx and package shrike-mcp per server metadata, then run scans from your MCP-enabled client during review.