How do I install MCP-Dandan - MCP Security Framework?

Install MCP-Dandan - MCP Security Framework with a single command: npx mdskills install 82ch/mcp-dandan. This downloads the skill files into your project and your AI agent picks them up automatically.

What platforms support MCP-Dandan - MCP Security Framework?

MCP-Dandan - MCP Security Framework works with Claude Code, Claude Desktop, Cursor, Vscode Copilot, Windsurf, Continue Dev, Gemini Cli, Amp, Roo Code, Goose. Skills use the open SKILL.md format which is compatible with any AI coding agent that reads markdown instructions.

← Back to MCP servers

MCP-Dandan - MCP Security Framework

Name: MCP-Dandan - MCP Security Framework: AI Agent Skill
Rating: 8 (1 reviews)
Author: 82ch

Verified

MCP ServerSecurityIntermediate

MCP-Dandan is an integrated monitoring service that observes MCP (Model Context Protocol) communications and detects security threats in real time. It features a modern desktop UI built with Electron for easy monitoring and management. Currently, MCP-Dandan is listed in well-known MCP-related open-source collections and can be found in the following repositories: - Awesome MCP Servers – Security -

by @82ch0Updated 1 weeks ago

Add this skill

npx mdskills install 82ch/mcp-dandan

Fork & Edit

Skill Advisor8.0

Comprehensive MCP security framework with multi-engine threat detection and real-time monitoring UI

+Implements five distinct security engines covering injection, PII, exfiltration, and tool poisoning
+Provides cross-platform Electron desktop UI with interactive tutorial and real-time blocking
+Documents installation clearly with npm scripts for unified dependency management
-Lacks configuration examples for MCP client integration and proxy setup
-Does not specify network port requirements or firewall considerations for monitoring

SKILL.md

Edit in Browser

1# MCP-Dandan - MCP Security Framework
2<p align="center">
3  <a href="LICENSE"><img src="https://img.shields.io/badge/license-MIT-blue.svg" alt="License"></a>
4  <img src="https://img.shields.io/badge/python-3.8+-blue.svg" alt="Python">
5  <img src="https://img.shields.io/badge/electron-35+-green.svg" alt="Electron">
6</p>
7<p align="center">
8  <img width="124" height="124" alt="image" src="https://github.com/user-attachments/assets/679e148e-b328-4ebe-b301-d8c17f7e4e93" />
9 
10</p>
11<p align="center">MCP-Dandan</p>
12 
13 
14 
15## Overview
16 
17MCP-Dandan is an integrated monitoring service that observes MCP (Model Context Protocol) communications and detects security threats in real time. It features a modern desktop UI built with Electron for easy monitoring and management.
18 
19Currently, MCP-Dandan is listed in **well-known MCP-related open-source collections** and can be found in the following repositories:
20- [Awesome MCP Servers – Security](https://github.com/punkpeye/awesome-mcp-servers?tab=readme-ov-file#security)
21- [Awesome MCP Security – Tools & Code](https://github.com/Puliczek/awesome-mcp-security?tab=readme-ov-file#%E2%80%8D-tools-and-code)
22 
23 
24 
25https://github.com/user-attachments/assets/928686ab-a5aa-4486-8d8e-d4a9592adc3e
26 
27 
28## Features
29 
30- **Real-time MCP Traffic Monitoring**: Intercepts and analyzes MCP communications
31- **Multi-Engine Threat Detection**:
32  - Command Injection Detection
33  - File System Exposure Detection
34  - PII Leak Detection(custom rules supported)
35  - Data Exfiltration Detection
36  - Tools Poisoning Detection (LLM-based)
37- **Desktop UI**: Electron-based application with interactive dashboard
38- **Interactive Tutorial**: Built-in tutorial system for new users
39- **Blocking Capabilities**: Real-time threat blocking with user control
40- **Cross-Platform**: Supports Windows, macOS, and Linux
41 
42## Quick Start
43### Installation
44 
45```bash
46# Clone the repository
47git clone https://github.com/82ch/MCP-Dandan.git
48cd MCP-Dandan
49 
50# Install all dependencies (Python + Node.js)
51npm run install-all
52```
53 
54### Running the Application
55 
56```bash
57# Start both server and desktop UI
58npm run dev
59```
60 
61The server will start on `http://127.0.0.1:8282` and the Electron desktop app will launch automatically.
62 
63## Project Structure
64<img width="4726" height="4052" alt="image" src="https://github.com/user-attachments/assets/b37e688a-71a2-499b-b6be-45b3bd6ac6d4" />
65 
66 
67 
68 
69## Detection Engines
70 
71### 1. Command Injection Engine
72Identifies potential command injection patterns in tool calls.
73 
74### 2. File System Exposure Engine
75Monitors unauthorized file system access attempts.
76 
77### 3. PII Leak Engine (custom rules supported)
78Detects potential PII leakage with built-in rules and optional user-defined customization.
79 
80### 4. Data Exfiltration Engine
81Identifies suspicious data transfer patterns.
82 
83### 5. Tools Poisoning Engine (LLM-based)
84Uses semantic analysis to detect misuse of MCP tools:
85- Compares tool specifications vs actual usage
86- Scores alignment (0-100) with detailed breakdown
87- Auto-categorizes severity: none/low/medium/high
88 
89### Engine Setting
90<p align="center">
91</p>
92 
93https://github.com/user-attachments/assets/3d6f2304-0a6b-492e-9f2d-bba76df98b4c
94 
95 
96<p align="center">
97Input your <b>MISTRAL_API_KEY</b> to enable the Tools Poisoning Engine, and configure detection settings as needed.
98</p>
99 
100 
101## Desktop UI Features
102 
103- **Real-time Dashboard**: Monitor MCP traffic and threats in real time
104- **Interactive Tutorial**: Learn how to use the system with step-by-step guides
105- **Blocking Interface**: Review and control threat blocking actions
106- **Settings Panel**: Configure detection engines and system behavior
107- **Chat Panel**: Interact with the system and view logs
108 
109https://github.com/user-attachments/assets/19bcbdfb-c893-468d-a8a6-1c7b70a1c7b7
110 
111> ## Full Documentation  
112> For detailed explanations and technical documentation, please refer to the  
113> **[MCP-Dandan Wiki](https://github.com/82ch/MCP-Dandan/wiki)**.
114>
115> **Have questions or suggestions?**  
116> Please visit the **[Discussions](https://github.com/82ch/MCP-Dandan/discussions)** tab.
117 
118 
119 
120

Full transparency — inspect the skill content before installing.