MCP server

The ANTHRION MCP server exposes scanning to AI agents over the Model Context Protocol. An agent launches the server as a local subprocess and calls its tools, which run the same scan engine the dashboard and REST API use.

  • Transport — stdio (the agent runs the server as a subprocess). The server makes only outbound HTTPS calls to api.anthrion.xyz; it opens no port and holds no wallet keys.
  • Auth — your ANTHRION session token (Bearer) in the ANTHRION_API_TOKEN environment variable. (Long-lived machine API keys are for the REST API and CI/CD; a machine key for the MCP server is on the roadmap.)

Tools

verify_x402_endpoint

Inspect a paid (x402) endpoint and return a trust score (0–100) plus protocol red flags, so an agent can decide whether an endpoint is safe to pay before paying it. Read-only.

| Input | Type | Notes |
|---|---|---|
| url | string (URL) | The x402 endpoint to inspect |

scan_ai_llm

Red-team an AI agent / LLM for prompt injection, jailbreaks, system-prompt leakage and unsafe behavior.

| Input | Type | Notes |
|---|---|---|
| target_type | "endpoint" \| "system_prompt" | What to scan |
| endpoint_url | string (URL) | Required when target_type=endpoint (OpenAI-compatible chat URL) |
| model | string | Optional model identifier for the target endpoint |
| endpoint_auth_token | string | Optional bearer token if the target endpoint needs auth |
| system_prompt | string | Required when target_type=system_prompt |
| x402_payment | string | A signed x402 authorization, on a paid retry (see below) |

Autonomous payment (x402)

When a scan requires payment, the tool returns payment_required together with the payment options (accepts). The agent — which holds the wallet — builds and signs an x402 payment, then re-invokes the same tool with x402_payment set. The server relays that authorization upstream; it never holds keys and never builds a payment itself.

During launch, scans are free, so this path stays dormant — but it is wired, so the agent-pays-autonomously model works the moment pricing is enabled.
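
The paid-retry flow above, seen from the agent side, as an added example that is not ANTHRION's own code: the agent checks each offered option against a local spending policy before signing, and retries the same tool only once. The result shape (a `status` key beside `accepts`), the option fields `maxAmountRequired`, `network` and `payTo`, the callables `call_tool` and `sign`, and every policy value are assumptions made for illustration.

```python
from typing import Any, Callable, Optional

# Constructed spending policy for the agent's wallet (all values are assumptions).
POLICY = {
    "max_amount": 50_000,                # cap, in atomic units of the asset
    "networks": {"base"},                # networks the agent may pay on
    "pay_to": {"0xPAYEE_PLACEHOLDER"},   # payee allowlist (placeholder address)
}


def pick_option(accepts: list, policy: dict) -> Optional[dict]:
    """Return the cheapest payment option the policy allows, or None."""
    allowed = []
    for opt in accepts:
        try:
            amount = int(opt["maxAmountRequired"])
        except (KeyError, TypeError, ValueError):
            continue  # malformed option: never pay against it
        if (0 < amount <= policy["max_amount"]
                and opt.get("network") in policy["networks"]
                and opt.get("payTo") in policy["pay_to"]):
            allowed.append((amount, opt))
    return min(allowed, key=lambda pair: pair[0])[1] if allowed else None


def call_with_payment(call_tool: Callable[[str, dict], dict],
                      sign: Callable[[dict], str],
                      name: str, args: dict, policy: dict = POLICY) -> Any:
    """Invoke a tool; on payment_required, pay at most once if policy allows."""
    result = call_tool(name, args)
    if result.get("status") != "payment_required":
        return result
    option = pick_option(result.get("accepts", []), policy)
    if option is None:
        return {"status": "refused", "reason": "no payment option within policy"}
    # Same tool, same arguments, plus the signed authorization in x402_payment.
    retry = call_tool(name, {**args, "x402_payment": sign(option)})
    if retry.get("status") == "payment_required":
        return {"status": "refused", "reason": "payment demanded again after retry"}
    return retry
```

Keeping the policy check outside the signer means a tool result alone can never cause a signature: an option that is over the cap, on an unlisted network, or addressed to an unlisted payee is dropped before `sign` is called.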

Note

The MCP server is a thin wrapper: every tool maps to a scan the REST API already exposes. Nothing about the engine, its prompts or its infrastructure is revealed to the agent.