From 8e3120c90d729e709e3abf5f949722a34f68ed12 Mon Sep 17 00:00:00 2001 From: Yash Dhawan Date: Fri, 15 May 2026 10:25:06 +0530 Subject: [PATCH] document Claude MCP usage in README Closes #193 Expands the MCP server section with: - what tools are exposed and what each one does - step-by-step Claude Desktop setup - the three built-in prompt templates and when to use them - a short example conversation showing natural-language scan control - Claude Code CLI setup for terminal-based workflows --- Readme.md | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) diff --git a/Readme.md b/Readme.md index 97efb9c..121a6ff 100644 --- a/Readme.md +++ b/Readme.md @@ -403,6 +403,10 @@ The `Module` class is designed to manage prompt processing and interaction with ## MCP server +The Agentic Security MCP server exposes the scanner's REST API as callable tools and reusable prompt templates, so any MCP-compatible client (Claude Desktop, Claude Code, custom agents) can drive security scans through natural language. + +### Installation + ```shell pip install -U mcp @@ -410,6 +414,55 @@ pip install -U mcp mcp install agentic_security/mcp/main.py ``` +### Using with Claude Desktop + +1. Start the Agentic Security FastAPI server (default port `8718`): + + ```shell + poetry run agentic_security + ``` + +2. Install the MCP server into Claude Desktop: + + ```shell + mcp install agentic_security/mcp/main.py --name "Agentic Security" + ``` + +3. Open Claude Desktop — the following **tools** are now available: + + | Tool | Description | + |---|---| + | `start_scan` | Launch a security scan against an LLM spec | + | `stop_scan` | Halt an in-progress scan | + | `verify_llm` | Check that an LLM spec is reachable | + | `get_data_config` | Retrieve the current dataset configuration | + | `get_spec_templates` | List available LLM spec templates | + +4. Or kick off a scan using one of the built-in **prompt templates**: + + - **`security_scan_prompt`** — runs a full scan with a configurable probe budget + - **`verify_llm_prompt`** — confirms a spec is reachable before committing to a scan + - **`adversarial_probe_prompt`** — enables multi-step attacks and asks Claude to summarise the worst findings + +### Example conversation with Claude + +``` +You: Use the security_scan_prompt for spec "openai/gpt-4o" with a budget of 500 probes. + +Claude: I'll kick off the scan now. Starting with verify_llm to confirm the spec is + reachable, then launching start_scan with maxBudget=500... +``` + +### Using with Claude Code (CLI) + +```shell +# Add to your project's MCP config +claude mcp add agentic-security -- python agentic_security/mcp/main.py + +# Then interact inline +claude "Run a quick adversarial probe against my local LLM at http://localhost:8080/v1" +``` + ## Documentation For more detailed information on how to use Agentic Security, including advanced features and customization options, please refer to the official documentation.