loaditout.ai

decoy-redteam

MCP Tool

decoy-run/decoy-redteam

Autonomous red team for MCP servers. Sends adversarial payloads to your tools, proves exploitation, reports what's broken. 53 attack patterns across 6 categories. Zero dependencies. npx decoy-redteam

Install

$ npx loaditout add decoy-run/decoy-redteam

Platform-specific configuration:

.claude/settings.json

```json
{
  "mcpServers": {
    "decoy-redteam": {
      "command": "npx",
      "args": [
        "-y",
        "decoy-redteam"
      ]
    }
  }
}
```

Add the config above to .claude/settings.json under the mcpServers key.

About

decoy-redteam

Autonomous red team for MCP servers. Finds exploitable vulnerabilities before attackers do.

npx decoy-redteam

Zero dependencies. Zero setup. Works with Claude Desktop, Cursor, Windsurf, VS Code, Claude Code, Zed, and Cline.

What it does

Connects to every MCP server on your machine, sends adversarial payloads to their tools, and reports what's exploitable. Not a scanner — an attacker.

53 attack patterns across 6 categories:

| Category | What it tests |
|----------|---------------|
| Input injection | SQL injection, command injection, path traversal, SSRF, template injection |
| Prompt injection | Instruction override, role hijack, indirect injection, encoding bypass, multi-turn |
| Credential exposure | .env files, cloud credentials, SSH keys, git tokens, shell history |
| Protocol attacks | Malformed JSON-RPC, capability escalation, replay attacks, method injection |
| Schema boundary | Type coercion, null bytes, overflow, prototype pollution, NoSQL operators |
| Privilege escalation | Scope escape, undeclared access, dotfile enumeration, argument smuggling |

Every finding maps to OWASP Top 10 for Agentic Applications 2026.

Usage
```sh
# Dry-run — show attack plan without executing anything
npx decoy-redteam

# Execute attacks against your MCP servers
npx decoy-redteam --live

# Target a specific server
npx decoy-redteam --live --target=my-server

# JSON output for scripting
npx decoy-redteam --live --json

# SARIF output for GitHub Security / CI
npx decoy-redteam --live --sarif

# Only test specific categories
npx decoy-redteam --live --category=input-injection,credential-exposure
```

Safety

Dry-run by default. Running npx decoy-redteam without --live shows what would be tested without executing anything.

Confirmation required. --live mode prompts for explicit confirmation before executing. There is no --yes bypass flag, so a non-interactive pipeline cannot pre-answer the prompt; check how the tool behaves when stdin is not a terminal before wiring --live into CI.

Scope. --live sends real payloads (including command injection, SSRF and credential-read attempts) to every MCP server it can reach on the machine, so first run it with --target against a single server in a disposable environment rather than on a workstation whose MCP servers hold real credentials.

Tags

ai-agent, mcp, penetration-testing, prompt-injection, red-team, security, vulnerability-scanner


Quality Signals

Installs: 0
Last updated: 13 days ago
Security: A
README
New

Safety

Risk Level: medium
Data Access: read
Network Access: none

Details

Source: github-crawl
Last commit: 4/2/2026
View on GitHub

Embed Badge

[![Loaditout](https://loaditout.ai/api/badge/decoy-run/decoy-redteam)](https://loaditout.ai/skills/decoy-run/decoy-redteam)