-
Notifications
You must be signed in to change notification settings - Fork 0
Quick Start
Get MCPShield running in 5 minutes.
pip install mcpshield-agentThe quickest way is Docker Compose:
git clone https://github.com/RunTimeAdmin/MCPShield.git
cd MCPShield
export JWT_SECRET=$(python3 -c "import secrets; print(secrets.token_hex(32))")
docker-compose up -dOr run manually — see Installation for step-by-step instructions.
- Open http://localhost:3000
- Click Register
- Enter your email, password, and organization name
- Click Create Account — you're now in the dashboard
- Go to Settings → Agents
- Click Create Agent, give it a name (e.g. "My Laptop")
- Copy the API key — it starts with
mcp_sk_and is shown only once
Important: The API key is stored as a SHA-256 hash. If you lose it, delete the agent and create a new one.
mcpshield configure --api-key mcp_sk_YOUR_KEY --api-url http://localhost:8000Expected output:
Testing connection to http://localhost:8000...
Connected successfully!
Config saved.
mcpshield scanExpected output:
Scanning for MCP servers...
Found 3 servers:
- filesystem (stdio) MEDIUM 35
- postgres (stdio) HIGH 72
- github (stdio) LOW 18
Reported to MCPShield dashboard.
Go to Dashboard → Servers to see all discovered MCP servers with risk scores and details.
"JWT_SECRET environment variable is required" Set JWT_SECRET before starting the backend. See Installation for instructions.
"Invalid API key format"
API keys must start with mcp_sk_. Make sure you copied the full key from step 4.
"Connection refused" when configuring agent
The backend isn't running or the URL is wrong. Check with: curl http://localhost:8000/health
- Agent-Usage — All agent commands and options
- Risk-Scoring — How scores are calculated
- API-Reference — Integrate MCPShield into your own tooling
Getting Started
User Guide
Technical Reference