Teeshield

v1.0.0Securitystable

Static security linter for MCP servers. Scans tool definitions for vulnerabilities (path traversal, SQL injection, SSRF), scores description quality, and auto-rewrites descriptions for safer agent tool selection.

ai-securitymcpmcp-servermcp-toolstool-safety
Share:
9
Stars
0
Downloads
0
Weekly
0/5

What is Teeshield?

Teeshield is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to static security linter for mcp servers. scans tool definitions for vulnerabilities (path traversal, sql injection, ssrf), scores description quality, and auto-rewrites descriptions for safer agent too...

Static security linter for MCP servers. Scans tool definitions for vulnerabilities (path traversal, SQL injection, SSRF), scores description quality, and auto-rewrites descriptions for safer agent tool selection.

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • Static security linter for MCP servers. Scans tool definitio

Use Cases

Scan MCP servers for security vulnerabilities in tool definitions.
Auto-rewrite tool descriptions for safer agent decision-making.
teehooai

Maintainer

LicenseMIT License
Languagepython
Versionv1.0.0
UpdatedApr 20, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx teeshield

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Teeshield

Teeshield (published as the spidershield package) is a static security linter and runtime guard for MCP servers. It scans tool definitions for path traversal, SQL injection, and SSRF vulnerabilities, scores description quality on an A–F scale, and can automatically rewrite unsafe tool descriptions. It also ships a Python SDK for embedding policy enforcement directly into MCP server code.

Prerequisites

  • Python 3.11 or later
  • pip package manager
  • An MCP server project whose tool definitions you want to audit
  • Optional: ANTHROPIC_API_KEY for LLM-powered description rewrites
1

Install spidershield

Install the package from PyPI. Python 3.11+ is required.

pip install spidershield
2

Scan an MCP server project

Run the scan command against your server directory. It scores tool descriptions, detects code vulnerabilities, and outputs an overall quality grade.

spidershield scan ./my-mcp-server
3

Auto-rewrite unsafe tool descriptions

Use the rewrite command to automatically improve tool descriptions flagged by the scanner. Set ANTHROPIC_API_KEY for higher-quality LLM-assisted rewrites.

export ANTHROPIC_API_KEY="sk-ant-..."
spidershield rewrite ./my-mcp-server
4

Run the agent security check

The agent-check command audits all installed MCP servers on the current machine for known security issues.

spidershield agent-check .
5

Wrap a server with the runtime proxy guard

Use the proxy or guard subcommands to run your MCP server behind a security enforcement layer that intercepts tool calls at runtime.

# Proxy mode (passthrough with filtering)
spidershield proxy -- python -m my_mcp_server

# Guard mode (subprocess enforcement)
spidershield guard -- node dist/server.js
6

Embed the SpiderGuard SDK in your server

Import SpiderGuard into your MCP server code to enforce per-call security policies programmatically.

from spidershield import SpiderGuard, Decision

guard = SpiderGuard(
    policy="balanced",
    audit=True,
    audit_dir="./logs",
    dlp="redact"
)

result = guard.check("read_file", {"path": "/etc/passwd"})
if result.decision == Decision.DENY:
    raise PermissionError(result.reason)

Teeshield Examples

Client configuration

Run spidershield as a guard wrapping your existing MCP server process inside Claude Desktop.

{
  "mcpServers": {
    "guarded-server": {
      "command": "spidershield",
      "args": ["proxy", "--", "python", "-m", "my_mcp_server"]
    }
  }
}

Prompts to try

Example prompts for using spidershield scan results inside Claude.

- "Scan the MCP servers in ./servers and list all critical vulnerabilities"
- "Rewrite the tool descriptions in my server project to improve the security score"
- "Check all installed MCP agent tools for path traversal risks"
- "What is the current security grade of my MCP server tool definitions?"

Troubleshooting Teeshield

spidershield command not found after pip install

Confirm the pip install target is on your PATH. Run python -m spidershield scan . as an alternative, or activate the virtual environment where spidershield was installed.

LLM-powered rewrites produce generic output

Set ANTHROPIC_API_KEY in your environment before running spidershield rewrite. Without it the tool falls back to rule-based rewrites which are less context-aware.

Scan reports false positives on safe tool descriptions

Switch to the permissive policy preset (spidershield scan --policy permissive) or create a custom YAML policy file and load it with --policy ./my-policy.yaml to tune detection thresholds.

Frequently Asked Questions about Teeshield

What is Teeshield?

Teeshield is a Model Context Protocol (MCP) server that static security linter for mcp servers. scans tool definitions for vulnerabilities (path traversal, sql injection, ssrf), scores description quality, and auto-rewrites descriptions for safer agent tool selection. It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Teeshield?

Follow the installation instructions on the Teeshield GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Teeshield?

Teeshield works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Teeshield free to use?

Yes, Teeshield is open source and available under the MIT License license. You can use it freely in both personal and commercial projects.

Teeshield Alternatives — Similar Security Servers

Looking for alternatives to Teeshield? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "teeshield": { "command": "npx", "args": ["-y", "teeshield"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use Teeshield?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides