mcp_server_example

This MCP server demonstrates a protected MCP tool set that can be extended with security checks for prompt injection using SonnyLabs. The server exposes tools written as Python functions (as shown by the add tool example) and can be invoked by an LLM or AI agent through the MCP interface. When an input is received, the server can optionally run SonnyLabs analysis on the input (and subsequent outputs) to detect prompt injection patterns, returning a security status along with the normal tool result. The example focuses on an insecure add tool that is annotated with malicious instructions in its docstring to illustrate how prompt injection vulnerabilities might be detected and mitigated in practice. You can replace or augment the toolset with your own safe functions, such as calculators, file searchers, or API wrappers, exposed through the MCP interface. To operate locally, run the server with Python and interact via the included client or any MCP-compatible client.

Prerequisites:

• Python 3.7 or higher
• Basic familiarity with running Python scripts

Installation steps:

1. Create a virtual environment (optional but recommended): python -m venv venv source venv/bin/activate # on macOS/Linux venv\Scripts\activate # on Windows

2. Install required packages: pip install fastmcp sonnylabs python-dotenv

3. Ensure the project structure matches the expected paths:

   • mcp/server.py should contain the MCP server definition (as shown in the README example)
   • If you use a client, ensure mcp/client.py exists or adapt to your MCP client of choice

4. Prepare environment variables (optional but recommended for SonnyLabs):

   • Create a .env file or export variables in your shell: SONNY_API_KEY=your_api_key SONNY_ANALYSIS_ID=your_analysis_id SONNY_BASE_URL=https://sonnylabs-service.onrender.com

5. Run the server: python mcp/server.py

Notes and tips:

• The SonnyLabs integration is optional. If credentials or an API key are not provided, the server will skip security analysis but continue to function with normal tool execution.
• The example tool (add) contains intentionally malicious instructions in its docstring to illustrate prompt-injection risks. Replace or remove such patterns in production, and implement proper input/output validation and sandboxing.
• To test prompt-injection protection, you can use the provided client (or any MCP client) to send crafted inputs and observe whether the security analysis detects injections and returns warnings.
• If you plan to deploy, consider configuring environment variables securely (e.g., via a vault or environment management system) and keep API keys out of source control.