Introduction

Decoy is a security platform for AI agents and MCP servers. It ships three surfaces you compose to fit your stack: a static scanner, runtime tripwires, and an MCP-native threat intelligence service.

This guide gets you from zero to a working scan and deployed tripwire. If you'd rather browse by product, head to the product overview.

Install the CLI

Decoy ships as a zero-dependency npx-runnable binary — no global install, no daemon, nothing to uninstall later.

npx decoy-scan

On first run, the CLI discovers every MCP server configured on your machine (Claude Desktop, Cursor, VS Code, and more) and runs the full check suite against each one.

Run a scan

decoy-scan exits 0 on clean runs, 1 on high-risk findings, and 2 on critical or poisoning findings. Drop it into CI without any extra glue.

Deploy a tripwire

Tripwires are decoy tools your agent never needs to call — but a prompt injection almost always will. Any invocation gets captured, attributed to the offending prompt, and surfaced in the Decoy console.

See the Tripwire overview for the trigger model and a walkthrough of the default tool set.

Where to next

• Decoy Scan — CLI configuration, CI patterns, SARIF
• Decoy Tripwire — tool catalog, telemetry shape
• Decoy Guard — MCP server, API, webhooks