JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 65
  • Score
    100M100P100Q100954F
  • License Apache-2.0

⚠️ Pre-release — wait for 1.0.0 before relying on this. Currently under active development; APIs and behaviour may change without notice. SPYS MCP client — local stdio bridge + reverse tunnel for AI-driven pentest tools (Claude Code, Cursor, etc).

Package Exports

  • @spys/mcp
  • @spys/mcp/dist/cli.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@spys/mcp) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

@spys/mcp

⚠️ PRE-RELEASE — NOT YET FUNCTIONAL. Active development. Wait for 1.0.0 before installing — earlier versions (including this one) will not work end-to-end against production. Watch the npm page or the repo release feed for the 1.0.0 announcement.

MCP bridge to Spys.io — AI-native pentest toolkit with 90+ offensive security tools.

What it is

Connects your MCP-compatible AI client (Claude Desktop, Cursor, Cline, custom agents) to Spys.io infrastructure. Your agent gets access to a full pentest toolkit through a single MCP server.

Production-ready infrastructure for agentic pentesting: rewritten and enhanced versions of the tools red teamers actually use, plus custom-built tooling, paired with one of the largest curated knowledge bases of vulnerabilities, detection methodologies, and attack vectors. Built for AI agents from the ground up.

Zero setup — add the MCP, paste your token, start working. No local installs, no dependency hell, no environment juggling.

What's inside

  • 90+ tools covering recon, web exploitation, network attacks, AD, cloud, post-exploitation, and reporting
  • AI-augmented execution — AI works alongside each tool during runtime: refines parameters, recovers from errors, and optimizes results on the fly. Outputs are structured and agent-ready, no raw stdout parsing required.
  • Context-efficient discovery — semantic search over the toolset (1.5K tokens) instead of dumping all tools into context (20K tokens)
  • Actionable error responses — when something fails, the agent knows exactly what happened and what to do next. No guessing, no retry loops on vague "something went wrong" messages.
  • Rewritten & custom-built tools — standard offensive tooling (sqlmap, nuclei, ffuf, BloodHound, hashcat, etc.) rewritten for AI orchestration, plus proprietary tools built from scratch for capabilities you won't find elsewhere

Tool categories

Recon & OSINT · Network & ports · TLS & crypto · Web & HTTP · Injection & vuln scanning · Active Directory · Post-exploit & C2 · Cloud · SAST/SCA · Reporting · Knowledge base

First-time setup (one-time)

npx -y @spys/mcp login spys_<your-token>
sudo npx -y @spys/mcp install        # macOS / Linux — sudo prompt
                                     # Windows — UAC prompt instead

install puts a privileged service on your machine that owns a TUN device + NAT. Same one-time-elevation model as Tailscale, WireGuard, Mullvad. Daily use needs no further prompts.

Configure your MCP client

{
  "mcpServers": {
    "spys": {
      "command": "npx",
      "args": ["-y", "@spys/mcp", "mcp"]
    }
  }
}

Daily run is unprivileged: the mcp subcommand connects to the local service and pipes scan traffic out through your machine's network. The target sees your IP — never the SPYS server.

Supported platforms

Linux x64 / arm64 · macOS x64 / arm64 · Windows 10+ x64 / arm64.

Diagnostics

spys-mcp doctor       # token + endpoint + daemon health, JSON output
spys-mcp status       # current config
spys-mcp uninstall    # reverse install