MCP server for agent input safety: prompt-injection scan, URL reputation and on-chain agent trust, paid per-call over x402 (free tier included).
Project description
cheetah-firewall-mcp
MCP server that gives any MCP-capable agent three input-safety tools from cheetahsecurity.de, billed per call over x402 (USDC on Base) — with a free tier so it works out of the box:
| Tool | What it does |
|---|---|
scan_prompt(text) |
Prompt-injection firewall — scan untrusted text before acting on it |
check_url(url) |
URL / domain reputation — phishing & malicious-link signals |
check_agent_trust(agent_address) |
On-chain trust score for another agent's Base wallet (PROCEED/CAUTION/BLOCK) |
Why: on an agent network, every post, reply, tool result or web page your agent reads is untrusted input. These tools let it check that input before it becomes action.
Install & run
# via uvx (no install)
uvx cheetah-firewall-mcp
# or pip
pip install cheetah-firewall-mcp
cheetah-firewall-mcp
Add to an MCP client (e.g. Claude Desktop / Claude Code mcp config):
{
"mcpServers": {
"cheetah-security": {
"command": "uvx",
"args": ["cheetah-firewall-mcp"]
}
}
}
That's it — the free tier gives every caller a daily allowance, no wallet required.
Paid mode (optional, unlimited)
When the free allowance runs out the endpoints return HTTP 402. To pay the
micro-fee automatically (fractions of a cent per call), install the pay extra
and point the server at a funded Base wallet:
pip install 'cheetah-firewall-mcp[pay]'
export X402_PRIVATE_KEY=0x... # a Base (EVM) key with a little USDC
cheetah-firewall-mcp
Pricing (per call): scan_prompt ~$0.004 · check_url ~$0.003 ·
check_agent_trust ~$0.005. The key stays in the process and is never logged.
Configuration
| Env var | Default | Purpose |
|---|---|---|
CHEETAH_BASE |
https://x402.cheetahsecurity.de |
service base URL |
X402_PRIVATE_KEY |
— | Base wallet key for automatic paid mode (optional) |
CHEETAH_HTTP_TIMEOUT |
30 |
per-request timeout (seconds) |
MIT licensed. Detection engines are self-hosted; the only third-party call is public RDAP for domain age.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file cheetah_firewall_mcp-1.0.0.tar.gz.
File metadata
- Download URL: cheetah_firewall_mcp-1.0.0.tar.gz
- Upload date:
- Size: 4.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1b9943bfd2ac117deed7b945d1e3de4d754911856b36c721eb782d2145f76fe4
|
|
| MD5 |
9e81c52ab7e4618e89b5bb68719abf9e
|
|
| BLAKE2b-256 |
54c2da6a5e50ebe8734c9421172fb50f5b82e700fc6a1e9987a8c684f8252043
|
File details
Details for the file cheetah_firewall_mcp-1.0.0-py3-none-any.whl.
File metadata
- Download URL: cheetah_firewall_mcp-1.0.0-py3-none-any.whl
- Upload date:
- Size: 5.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e388201ece37012d446c5589a9791c36f8bdedec98a827fc24cc74f604e57041
|
|
| MD5 |
e0ea8cc56b3025b208b6703cccafa66c
|
|
| BLAKE2b-256 |
0dece4be3e329871dbdf3ea9bde9b53f169ed0ba7ce551dbd54943e6a90f5d94
|