decoy-mcp 0.8.0 → 0.8.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -1,14 +1,13 @@
1
- # Decoy
1
+ # Decoy MCP
2
2
 
3
- Security tripwires for AI agents. Detect prompt injection in real time.
3
+ Tripwire detection for AI agents. Part of [Decoy](https://decoy.run) scan, detect, and monitor your MCP servers.
4
4
 
5
5
  [![npm](https://img.shields.io/npm/v/decoy-mcp)](https://www.npmjs.com/package/decoy-mcp)
6
6
  [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)
7
7
 
8
- <!-- Demo: npx decoy-mcp init -->
9
- ![decoy-mcp demo](https://res.cloudinary.com/dohqjvu9k/image/upload/v1/decoy-mcp-demo.gif)
8
+ Decoy MCP adds a tripwire MCP server alongside your real tools — 12 built-in decoy tools plus dynamically generated tools unique to your deployment. Tools like `execute_command`, `aws_iam_create_admin_role`, and `vault_unseal` that no legitimate agent should ever call. When a prompt injection attack tricks your agent into calling one, Decoy captures the full payload with rich session telemetry and alerts you instantly.
10
9
 
11
- Decoy adds a decoy MCP server alongside your real tools — 12 built-in tripwire tools plus dynamically generated tools unique to your deployment. Tools like `execute_command`, `aws_iam_create_admin_role`, and `vault_unseal` that no legitimate agent should ever call. When a prompt injection attack tricks your agent into calling one, Decoy captures the full payload with rich session telemetry and alerts you instantly.
10
+ > **Start with scanning:** Run `npx decoy-scan` to find risks across your MCP servers before setting up tripwires.
12
11
 
13
12
  **Works with:** Claude Desktop, Cursor, Windsurf, VS Code, Claude Code
14
13
 
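Review bot: the added callout tells readers to run `npx decoy-scan`, which fetches and executes whatever version of a second package is current on the registry, and the README gives no link or version for it. Link its npm page next to the command, the way the badge links `decoy-mcp`, and consider showing a pinned form such as `npx decoy-scan@<version>`. In the new tagline, "Part of [Decoy](https://decoy.run) scan, detect, and monitor your MCP servers." is missing a separator between the link and "scan".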
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "decoy-mcp",
3
- "version": "0.8.0",
3
+ "version": "0.8.2",
4
4
  "description": "Security tripwires for AI agents. Detect prompt injection in real time.",
5
5
  "bin": {
6
6
  "decoy-mcp": "bin/cli.mjs"
package/server/server.mjs CHANGED
@@ -76,11 +76,11 @@ const MANAGEMENT_TOOLS = [
76
76
  },
77
77
  {
78
78
  name: "decoy_upgrade",
79
- description: "Get a secure checkout link to upgrade to Decoy Guard Pro ($99/mo), Team ($299/mo), or Business ($999/mo).",
79
+ description: "Get a secure checkout link to upgrade to Decoy Guard Pro ($99/mo) or Business ($299/mo).",
80
80
  inputSchema: {
81
81
  type: "object",
82
82
  properties: {
83
- plan: { type: "string", description: "Plan to upgrade to: pro, team, or business", default: "pro" }
83
+ plan: { type: "string", description: "Plan to upgrade to: pro or business", default: "pro" }
84
84
  }
85
85
  }
86
86
  },
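Review bot: the `plan` property in the `decoy_upgrade` `inputSchema` is still a free-form string whose allowed values live only in the description text. Now that the set is exactly two values, declare it as `enum: ["pro", "business"]` so clients can reject other input before the call reaches the handler. The tool description also now lists Business at $299/mo where it was $999/mo; prices hard-coded in a description that an agent reads will drift from the checkout page, so consider dropping the amounts or sourcing them from one place.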
@@ -777,8 +777,8 @@ async function handleDecoyUpgrade(args) {
777
777
  }
778
778
 
779
779
  const plan = args.plan || "pro";
780
- if (!["pro", "team", "business"].includes(plan)) {
781
- return { error: "Plan must be one of: pro, team, business" };
780
+ if (!["pro", "business"].includes(plan)) {
781
+ return { error: "Plan must be one of: pro, business" };
782
782
  }
783
783
 
784
784
  try {
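Review bot: in `handleDecoyUpgrade`, a call with `plan: "team"` was accepted in 0.8.0 and now returns the generic "Plan must be one of: pro, business" error, which is a behaviour change shipped in a patch-level release. Either say in the error that the team plan was removed, or call it out in the release notes. The allowed list is also spelled out separately in the `includes` array, the error string, and the schema description in the earlier hunk; define it once as a constant and build the message from it.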