# Shield Protect digital identities and infrastructure by scanning for data breaches, malicious URLs, and compromised credentials. Secure interactions by detecting prompt injection attacks and evaluating plug… ## Quick Start ```bash # Connect this server (installs CLI if needed) npx -y @smithery/cli@latest mcp add ShieldAPI/shieldapi-mcp # Browse available tools npx -y @smithery/cli@latest tool list ShieldAPI/shieldapi-mcp # Get full schema for a tool npx -y @smithery/cli@latest tool get ShieldAPI/shieldapi-mcp shieldapi.check_password # Call a tool npx -y @smithery/cli@latest tool call ShieldAPI/shieldapi-mcp shieldapi.check_password '{}' ``` ## Direct MCP Connection Endpoint: `https://shieldapi-mcp--shieldapi.run.tools` **Optional config:** - `shieldapiUrl` (query) — ShieldAPI server URL - `walletPrivateKey` (query) — Wallet private key for x402 USDC payments. Without this, runs in free/demo mode (3 calls/day). ## Tools (9) - `shieldapi.check_password` — Check if a password has been exposed in data breaches (900M+ HIBP hashes). Returns breach count and exposure status. - `shieldapi.check_password_range` — k-Anonymity password range lookup via HIBP. Returns all matching hash suffixes and their breach counts for the given 5-… - `shieldapi.check_email` — Check if an email has been exposed in known data breaches. Returns breach list, dates, and compromised data types. - `shieldapi.check_domain` — Analyze domain reputation: DNS records, blacklist status (Spamhaus, SpamCop, SORBS), SPF/DMARC configuration, and SSL c… - `shieldapi.check_ip` — Analyze IP reputation: blacklist presence, Tor exit node detection, reverse DNS, and geolocation data. - `shieldapi.check_url` — Scan a URL for phishing, malware, and brand impersonation. Uses URLhaus database and heuristic analysis. - `shieldapi.full_scan` — Comprehensive security scan that auto-detects the target type (URL, domain, IP, or email) and runs all applicable check… - `shieldapi.check_prompt` — Detect prompt injection attacks in text. Scans for 200+ patterns across 8 categories including encoding tricks, multi-l… - `shieldapi.scan_skill` — Scan an AI skill/plugin for supply chain risks across 8 categories based on Snyk ToxicSkills taxonomy: data exfiltratio… ```bash # Get full input/output schema for a tool npx -y @smithery/cli@latest tool get ShieldAPI/shieldapi-mcp ``` ## Prompts (2) - `security_assessment` (target, depth) — Run a comprehensive security assessment on a target (URL, domain, IP, or email). Uses multiple ShieldAPI tools to build… - `quick_check` (input) — Auto-detect the input type and run the appropriate security check. Accepts any URL, domain, IP, email, password hash, o…