Developer docs

Developer Documentation

Scan, trap, and monitor agent workflows with Decoy. Ship the first tripwire in minutes — no infrastructure, no agents to install.

Install the CLI, run your first scan, and deploy a tripwire in under five minutes.

Every endpoint, every webhook payload, every MCP tool surface. Ready for integration.

Core products

The four surfaces Decoy ships across the agent lifecycle.

Audit every MCP server on your machine with 50+ security checks.

Decoy tools that only a compromised agent would ever call.

Give your agent MCP access to Decoy's threat intelligence.

Prompt injection and jailbreak testing across every agent.

CLIs, CI integrations, and machine-readable outputs.

Run scans locally — the workflow used in CI.

Drop Decoy into PR checks with two lines of YAML.

Emit scan findings as SARIF for GitHub code scanning.