MCP-Dandan
MCP Security Solution for Agentic AI — real-time proxying, behavior analysis, and malicious tool detection
claude mcp add --transport stdio 82ch-mcp-dandan node path/to/server.js
How to use
MCP-Dandan is an integrated monitoring framework for MCP (Model Context Protocol) traffic with a desktop Electron UI. It provides real-time MCP traffic monitoring, multiple threat-detection engines (command injection, file system exposure, PII leaks, data exfiltration, and tools poisoning via LLM-based analysis), and an interactive UI for managing blocking actions and configurations. The system runs a combined server component and the Electron desktop application, giving you a centralized view of MCP conversations, detected threats, and actionable controls.
To start using it, clone the repository, install dependencies, and launch the development environment to bring up both the server and the desktop UI. The UI offers a real-time dashboard, tutorials, a blocking interface, and a settings panel to tailor detection engines and system behavior. You can also review detailed documentation in the project wiki for deeper technical guidance and tuning options.
How to install
Prerequisites:
- Python 3.8+ (for backend components if required by the project)
- Node.js and npm (for the Electron UI and build tooling)
- Git (to clone the repository)
Installation steps:
- Clone the repository:
  git clone https://github.com/82ch/MCP-Dandan.git
  cd MCP-Dandan
- Install all dependencies (Python + Node.js) via the provided script:
  npm run install-all
- Start the application (runs both server and desktop UI):
  npm run dev
- Access the MCP-Dandan UI and server at the default endpoint (the server typically listens on http://127.0.0.1:8282 and the Electron app launches automatically). If you need to build for distribution, follow the wiki’s build instructions for your platform.
Additional notes
Notes and tips:
- The Tools Poisoning Engine requires a MISTRAL_API_KEY to enable its functionality. Export or set MISTRAL_API_KEY in your environment if you intend to use that engine.
- The server component exposes a local API at http://127.0.0.1:8282; you can adjust this in the configuration if needed.
- The Electron UI provides a Blocking Interface, Settings Panel, and real-time dashboards. Use the Settings Panel to enable/disable specific engines and customize detection thresholds.
- If you encounter dependency issues, ensure Node.js and Python environments are properly installed and that npm install completes without errors. The install-all script is designed to orchestrate cross-language dependencies for this project.
- Refer to the MCP-Dandan Wiki for in-depth technical documentation, tutorials, and troubleshooting steps.
Related MCP Servers
metamcp
MCP Aggregator, Orchestrator, Middleware, Gateway in one docker
mcp-for-security
MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. Integrate security testing and penetration testing into AI workflows.
director
MCP Playbooks for AI agents
lunar
lunar.dev: Agent native MCP Gateway for governance and security
MCP-Defender
Desktop app that automatically scans and blocks malicious MCP traffic in AI apps like Cursor, Claude, VS Code and Windsurf.
compliant-llm
Build Secure and Compliant AI agents and MCP Servers. YC W23