barvhaim / HoneyMCP (Public)

A Deception Security Layer for MCP Servers. It injects "ghost tools" (fake security-sensitive tools) that act as honeypots.

100% credibility
Found Feb 02, 2026 at 14 stars
Language: Python

AI Summary

HoneyMCP adds deceptive fake tools to AI agent servers to detect and log malicious data theft or manipulation attempts.

How It Works

1. 🛡️ Discover HoneyMCP: You hear about a smart guard that protects your AI helpers from sneaky thieves trying to steal secrets or trick them.

2. 📦 Set it up easily: You add the guard to your setup with a quick install, like plugging in a new gadget.

3. ✨ Turn on protection: With one simple line in your helper's instructions, invisible traps appear to catch bad guys without slowing anything down.

4. 📊 Watch the dashboard: You open a live screen showing everything happening, feeling like a security boss.

5. 🎣 Catch the attacks: Bad attempts trigger the traps, logging every sneaky move with full details.

6. ✅ Stay safe and informed: Your AI helpers are now protected, with clear records of threats so you know exactly what's trying to happen.

AI-Generated Review

What is HoneyMCP?

HoneyMCP is a Python middleware that adds a deception security layer to MCP servers, injecting ghost tools—fake security-sensitive endpoints like credential dumpers or shell executors—that serve as honeypots for AI agents. It detects data exfiltration attempts and indirect prompt injections by logging full attack telemetry, including tool sequences and arguments, while legitimate tools run normally. One-line integration via FastMCP keeps your server transparent to attackers but captures high-fidelity evidence.

Why is it gaining traction?

Among open-source cyber-deception projects on GitHub, it stands out with LLM-generated, context-aware ghost tools tailored to your server's domain (e.g., database bypasses for DB tools), plus a live React dashboard and Slack alerts. Dual protection modes—immediate lockout or sustained fake-data deception—offer flexibility beyond basic honeypots, making deception-based security practical for AI environments without heavy setup.

Who should use this?

MCP server builders exposing tools to untrusted AI agents, such as Claude Desktop integrations or agentic workflows, will find it essential for spotting prompt-injection or exfiltration risks. Security engineers at deception vendors, or teams adding deception to LLM pipelines, should test it on production-like demo servers.

Verdict

Worth a spin for early adopters of deception technology in cyber security—solid docs, CLI init, and demo servers make evaluation easy, even though 18 stars and a 1.0% credibility score signal alpha maturity. Pair with FastMCP for quick wins, but monitor for edge cases in dynamic mode.
