-
Notifications
You must be signed in to change notification settings - Fork 0
Installation
dev-mondoshawan edited this page Jun 21, 2026
·
3 revisions
The agent is published on PyPI. Install it anywhere Python 3.11+ is available:
pip install mcpshield-agentThen configure and scan:
mcpshield configure --api-key YOUR_KEY --api-url https://your-instance
mcpshield scanTo run the backend and dashboard yourself you need:
- Python 3.11+
- Node.js 18+
- PostgreSQL 15+ (or SQLite for local development)
git clone https://github.com/RunTimeAdmin/MCPShield.git
cd MCPShield
# Generate a JWT secret (required — backend will not start without it)
export JWT_SECRET=$(python3 -c "import secrets; print(secrets.token_hex(32))")
# PowerShell: $env:JWT_SECRET = python -c "import secrets; print(secrets.token_hex(32))"
docker-compose up -dServices start at:
- Frontend → http://localhost:3000
- Backend API → http://localhost:8000
- API docs → http://localhost:8000/docs
Backend:
cd backend
python -m venv venv
source venv/bin/activate # macOS/Linux
.\venv\Scripts\activate # Windows
pip install -r requirements.txt
export JWT_SECRET=$(python3 -c "import secrets; print(secrets.token_hex(32))")
uvicorn app.main:app --reloadFrontend:
cd frontend
npm install
npm run dev| Variable | Default | Description |
|---|---|---|
JWT_SECRET |
Required | JWT signing key — generate with python -c "import secrets; print(secrets.token_hex(32))"
|
DATABASE_URL |
sqlite:///./mcpshield.db |
Database connection string |
ACCESS_TOKEN_EXPIRE_MINUTES |
30 |
JWT access token lifetime |
ALLOWED_ORIGINS |
http://localhost:3000 |
CORS allowed origins |
| Variable | Default | Description |
|---|---|---|
NEXT_PUBLIC_API_URL |
http://localhost:8000 |
Backend API URL |
- Open http://localhost:3000 and register an account
- Go to Settings → Agents and create an agent — copy the API key
mcpshield configure --api-key mcp_sk_YOUR_KEY --api-url http://localhost:8000mcpshield scan- View results in Dashboard → Servers
Getting Started
User Guide
Technical Reference