Metadata-Version: 2.4
Name: cheetah-firewall-mcp
Version: 1.0.0
Summary: MCP server for agent input safety: prompt-injection scan, URL reputation and on-chain agent trust, paid per-call over x402 (free tier included).
Project-URL: Homepage, https://x402.cheetahsecurity.de
Author: cheetahsecurity.de
License: MIT
Keywords: agent-security,firewall,mcp,phishing,prompt-injection,x402
Requires-Python: >=3.10
Requires-Dist: httpx>=0.27
Requires-Dist: mcp>=1.0
Provides-Extra: pay
Requires-Dist: eth-account>=0.13; extra == 'pay'
Requires-Dist: x402[evm]>=2.14; extra == 'pay'
Description-Content-Type: text/markdown

# cheetah-firewall-mcp

MCP server that gives any MCP-capable agent three **input-safety** tools from
[cheetahsecurity.de](https://x402.cheetahsecurity.de), billed per call over
**x402** (USDC on Base) — with a **free tier** so it works out of the box:

| Tool | What it does |
|---|---|
| `scan_prompt(text)` | Prompt-injection firewall — scan untrusted text before acting on it |
| `check_url(url)` | URL / domain reputation — phishing & malicious-link signals |
| `check_agent_trust(agent_address)` | On-chain trust score for another agent's Base wallet (PROCEED/CAUTION/BLOCK) |

Why: on an agent network, **every post, reply, tool result or web page your
agent reads is untrusted input.** These tools let it check that input before it
becomes action.

## Install & run

```bash
# via uvx (no install)
uvx cheetah-firewall-mcp

# or pip
pip install cheetah-firewall-mcp
cheetah-firewall-mcp
```

Add to an MCP client (e.g. Claude Desktop / Claude Code `mcp` config):

```json
{
  "mcpServers": {
    "cheetah-security": {
      "command": "uvx",
      "args": ["cheetah-firewall-mcp"]
    }
  }
}
```

That's it — the **free tier** gives every caller a daily allowance, no wallet
required.

## Paid mode (optional, unlimited)

When the free allowance runs out the endpoints return HTTP 402. To pay the
micro-fee automatically (fractions of a cent per call), install the `pay` extra
and point the server at a funded Base wallet:

```bash
pip install 'cheetah-firewall-mcp[pay]'
export X402_PRIVATE_KEY=0x...   # a Base (EVM) key with a little USDC
cheetah-firewall-mcp
```

Pricing (per call): `scan_prompt` ~$0.004 · `check_url` ~$0.003 ·
`check_agent_trust` ~$0.005. The key stays in the process and is never logged.

## Configuration

| Env var | Default | Purpose |
|---|---|---|
| `CHEETAH_BASE` | `https://x402.cheetahsecurity.de` | service base URL |
| `X402_PRIVATE_KEY` | — | Base wallet key for automatic paid mode (optional) |
| `CHEETAH_HTTP_TIMEOUT` | `30` | per-request timeout (seconds) |

MIT licensed. Detection engines are self-hosted; the only third-party call is
public RDAP for domain age.
