Skip to content

Agent Usage

Jump to bottom
dev-mondoshawan edited this page Jun 21, 2026 · 2 revisions

Agent Usage

The MCPShield agent is a Python CLI tool that scans your machine for MCP server configurations and reports them to the central dashboard.

Installation

pip install mcpshield-agent

Verify:

mcpshield --version

Commands

configure — Set up API credentials

mcpshield configure --api-key mcp_sk_YOUR_KEY --api-url https://your-instance

Stores credentials locally. See Configuration File Locations below.

scan — Discover and report MCP servers

mcpshield scan

Scans all known MCP config paths, calculates risk scores locally, and reports results to the dashboard.

Dry run (scan without sending data):

mcpshield scan --dry-run

Generate a local report file:

mcpshield scan --report

status — Check agent configuration

mcpshield status

Shows current API URL, key status, and last scan time.

list — List discovered servers locally

mcpshield list

Displays servers found in the last scan without hitting the API.

Configuration File Locations

OS Path
Windows %LOCALAPPDATA%\MCPShield\config.json
macOS ~/Library/Application Support/MCPShield/config.json
Linux ~/.config/mcpshield/config.json

Scanned MCP Config Paths

Windows

  • %APPDATA%\Claude\claude_desktop_config.json
  • %APPDATA%\Cursor\User\globalStorage\saoudrizwan.claude-dev\settings\cline_mcp_settings.json
  • %APPDATA%\Windsurf\mcp_settings.json

macOS

  • ~/Library/Application Support/Claude/claude_desktop_config.json
  • ~/.cursor/mcp.json

Linux

  • ~/.config/Claude/claude_desktop_config.json
  • ~/.config/cursor/mcp.json

Example Output

Scanning for MCP servers...

MCP Servers Found:
┌────────────┬─────────────────────────────────────────┬──────────┬───────┐
│ Name       │ Type                                    │ Risk     │ Score │
├────────────┼─────────────────────────────────────────┼──────────┼───────┤
│ postgres   │ unknown                                 │ critical │ 85    │
│ filesystem │ @modelcontextprotocol/server-filesystem │ medium   │ 35    │
│ github     │ @modelcontextprotocol/server-github     │ low      │ 18    │
└────────────┴─────────────────────────────────────────┴──────────┴───────┘

Reported to MCPShield dashboard.

Privacy

The agent captures environment variable names only — values and secrets are never transmitted. Credential detection works by matching variable name patterns (e.g. DATABASE_URL, POSTGRES_PASSWORD) — not by reading their contents.

MCPShield Wiki

Getting Started

User Guide

Technical Reference

Clone this wiki locally