Metadata-Version: 2.4
Name: unplug-mcp
Version: 0.1.1
Summary: MCP server for Unplug — LLM defense layer for Claude Code, Cursor, and more
Project-URL: Homepage, https://unplug-ai.org
Project-URL: Repository, https://github.com/UnplugAI/unplug-mcp
Project-URL: Issues, https://github.com/UnplugAI/unplug-mcp/issues
Project-URL: Documentation, https://github.com/UnplugAI/unplug-mcp#readme
Author: Chirag Gupta
License-Expression: Apache-2.0
License-File: LICENSE
Keywords: ai-safety,claude,cursor,guardrails,llm,mcp,prompt-injection
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Topic :: Scientific/Engineering :: Artificial Intelligence
Classifier: Topic :: Security
Requires-Python: >=3.11
Requires-Dist: mcp>=1.0
Requires-Dist: unplug-ai>=0.3.1
Provides-Extra: agent
Requires-Dist: httpx>=0.27; extra == 'agent'
Requires-Dist: unplug-ai[ml]; extra == 'agent'
Provides-Extra: dev
Requires-Dist: httpx>=0.27; extra == 'dev'
Requires-Dist: pytest>=8.0; extra == 'dev'
Requires-Dist: ruff>=0.4; extra == 'dev'
Requires-Dist: unplug-ai[ml]; extra == 'dev'
Provides-Extra: ml
Requires-Dist: unplug-ai[ml]; extra == 'ml'
Description-Content-Type: text/markdown

# Unplug MCP

Model Context Protocol server for [Unplug](https://github.com/UnplugAI/Unplug) — LLM defense layer.

Integrates with Claude Code, Cursor, Windsurf, and any MCP-compatible client.

## Installation

```bash
pip install unplug-mcp "unplug-ai>=0.3.0"
```

Optional ML span scanner:

```bash
pip install unplug-mcp "unplug-ai[ml]>=0.3.0"
```

## Usage

### Local mode (default)

Add to your MCP client configuration:

**Cursor** — `.cursor/mcp.json` or Settings → MCP:

```json
{
  "mcpServers": {
    "unplug": {
      "command": "unplug-mcp",
      "args": []
    }
  }
}
```

**Claude Desktop** — `claude_desktop_config.json`:

```json
{
  "mcpServers": {
    "unplug": {
      "command": "unplug-mcp",
      "args": []
    }
  }
}
```

### Hosted server mode

Point the MCP server at your Unplug API by setting these environment variables in the client configuration (same wire format as `Guard(mode="server")`):

```json
{
  "mcpServers": {
    "unplug": {
      "command": "unplug-mcp",
      "env": {
        "UNPLUG_MODE": "server",
        "UNPLUG_SERVER_URL": "https://api.example.com",
        "UNPLUG_API_KEY": "up_live_xxx"
      }
    }
  }
}
```
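
Because hosted mode places the server URL and API key in the client config file, and `.cursor/mcp.json` lives inside the project directory, a check before committing is useful. The following is an added example, not code from unplug-mcp: it audits an MCP client config for hosted-mode `unplug-mcp` entries. Assumptions: the function name `audit_mcp_config`, the finding strings, the loopback exemption, and the two policies (require https, reject literal keys) are illustrative choices, not project behaviour.

```python
import json
from urllib.parse import urlparse

LOOPBACK = {"localhost", "127.0.0.1", "::1"}

# Constructed sample: the hosted-mode entry above, changed to a plain-http URL,
# next to a local-mode entry.
SAMPLE = """
{"mcpServers": {
  "unplug": {"command": "unplug-mcp", "env": {
    "UNPLUG_MODE": "server",
    "UNPLUG_SERVER_URL": "http://api.example.com",
    "UNPLUG_API_KEY": "up_live_xxx"}},
  "unplug-local": {"command": "unplug-mcp", "args": []}
}}
"""


def audit_mcp_config(text: str) -> list[tuple[str, str]]:
    """Return (server name, finding) pairs for unplug-mcp entries in server mode."""
    findings = []
    for name, entry in json.loads(text).get("mcpServers", {}).items():
        env = entry.get("env") or {}
        if entry.get("command") != "unplug-mcp" or env.get("UNPLUG_MODE") != "server":
            continue  # other servers and local mode carry no URL or key to check
        url = urlparse(env.get("UNPLUG_SERVER_URL") or "")
        if not url.hostname:
            findings.append((name, "UNPLUG_SERVER_URL is missing or not a URL"))
        elif url.scheme != "https" and url.hostname not in LOOPBACK:
            # Assumption: the API key travels with each request to this URL.
            findings.append((name, "UNPLUG_SERVER_URL is not https"))
        if env.get("UNPLUG_API_KEY"):
            # Policy assumption: a literal key must not sit in a file that gets committed.
            findings.append((name, "UNPLUG_API_KEY is a literal value in the config file"))
    return findings


if __name__ == "__main__":
    for name, finding in audit_mcp_config(SAMPLE):
        print(f"{name}: {finding}")
```

A non-empty result can be used to fail a pre-commit hook or CI job for configs that are tracked in the repository.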

## Tools

| Tool | Purpose |
|------|---------|
| `scan_text` | Scan user or retrieved content for injection/leakage |
| `scan_tool_result` | Scan tool output before the agent reads it |
| `check_destructive` | Gate side-effect tool calls |
| `wrap_untrusted_content` | Boundary markers + scan for RAG/web content |
| `session_status` | Session taint state for agent hardening |

## CI

- `ci.yml` — lint + pytest against PyPI `unplug-ai`
- `pr-scan.yml` — regex Guard scan on changed agent/MCP config files (via `unplug-scan-pr`)

## Development

```bash
uv sync --extra dev
uv run pytest -q
uv run unplug-mcp
```

To develop against a local checkout of the SDK (monorepo), override its path under `tool.uv.sources` in `pyproject.toml`.
