The security tripwire for AI agents and autonomous pipelines.

Deploy a tripwire in 30 seconds. Protect against prompt injection, rogue tool calls, and runtime attacks. Know the moment your agent is compromised.

Get started free. No credit card required!

Get up and running in seconds

One command and you've got security baked in.
Or you can have your AI agent handle the setup.

1. Install and sign up

$ npx decoy-mcp init

Enter your email, click the link, done. Sets up your endpoint and configures Claude Desktop automatically. Your AI never knows it's there.

Features

Tripwire Detection

12 decoy tools that look real to AI. The moment an agent touches one, you know it's been compromised.

Real-Time Alerts

Get notified the instant an attack happens. Email, webhook, or dashboard — your choice.

Your AI agents have access to your files, your APIs, your production infrastructure. If one gets compromised through prompt injection, it will use that access exactly as an attacker intended. You won't know until the damage shows up.

Prompt injection is already happening in production. Attackers hide instructions in documents, webpages, and database records. Your agent reads them and follows them blindly.

We built Decoy because detection needs to be instant. Not a log you check next week. Not a policy you hope holds. A tripwire that fires the second something is wrong.

Twelve decoy tools sit alongside your real MCP servers. They look legitimate to any AI: execute_command, read_file, make_payment. No honest agent would ever call them. A compromised one will.

That's when you find out. Not after the damage is done. Right then.

Decoy Tripwires

Deploy 12 realistic decoy tools that blend in with your real MCP servers. No honest agent would call them — but a compromised one will.

  • Looks real to any AI model
  • Zero false positives by design
  • Deploys in under 30 seconds
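The tripwire idea described above, as an added example that is not Decoy's own code: MCP tool invocations are JSON-RPC `tools/call` messages, so a call naming a decoy tool can be turned into a trigger record with the agent, tool, args, time, and severity fields this page lists. The severity levels, agent ids, the `search_docs` tool, and the sample traffic are constructed assumptions.

```javascript
// Added example: not Decoy's code. Decoy tool names come from the page;
// severity levels, agent ids and SAMPLE traffic are constructed assumptions.
const DECOY_TOOLS = new Map([
  ["execute_command", "critical"],
  ["make_payment", "critical"],
  ["read_file", "high"],
]);

// Inspect one raw MCP message (JSON-RPC 2.0). Returns a trigger record if it
// is a tools/call aimed at a decoy tool, otherwise null.
function checkMessage(agentId, rawLine, now = new Date()) {
  let msg;
  try { msg = JSON.parse(rawLine); } catch { return null; } // junk is not a hit
  if (!msg || msg.method !== "tools/call" || !msg.params) return null;
  const tool = msg.params.name;
  if (typeof tool !== "string" || !DECOY_TOOLS.has(tool)) return null;
  return {
    agent: agentId,
    tool,
    args: msg.params.arguments ?? {},
    time: now.toISOString(),
    severity: DECOY_TOOLS.get(tool),
  };
}

// Run the check over a session log and track which agents tripped a decoy.
function scanSession(entries) {
  const triggers = [];
  const status = new Map(); // agentId -> "active" | "compromised"
  for (const { agent, line } of entries) {
    if (!status.has(agent)) status.set(agent, "active");
    const hit = checkMessage(agent, line);
    if (hit) {
      triggers.push(hit);
      status.set(agent, "compromised");
    }
  }
  return { triggers, status };
}

// Constructed sample traffic: one normal call, one decoy call, one junk line.
const SAMPLE = [
  { agent: "agent-a", line: '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"search_docs","arguments":{"q":"refund policy"}}}' },
  { agent: "agent-b", line: '{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"make_payment","arguments":{"amount":500}}}' },
  { agent: "agent-b", line: "not json" },
];
```

Calling `scanSession(SAMPLE)` yields a single trigger for `agent-b` and leaves `agent-a` marked active.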

Agent Identity & Monitoring

Every agent that connects gets automatically fingerprinted. Track which agents are active, paused, or compromised.

  • Automatic agent fingerprinting
  • Per-agent trigger history
  • Status tracking (active / paused / revoked)

Shield Proxy (Coming Soon)

Go beyond detection with active blocking. Shield will sit between your agent and its tools, filtering malicious requests before they execute.

  • Block prompt injection in real time
  • Filter unauthorized tool calls
  • Works with any MCP-compatible client

See every threat as it happens

Monitor your agents in real time. Track trigger events, identify attack patterns, and respond before damage is done.

Threat Map

See where attacks originate. Visualize trigger events across your global agent infrastructure.

Trigger Analytics

Understand attack patterns. Analyze triggers by severity, category, and agent to strengthen your defenses.

Real-Time Detection

Triggers fire instantly when a compromised agent touches a decoy tool.

Zero Latency

No scanning, no delays. Tripwires respond in milliseconds.

Daily Digests

Get a daily summary of all trigger events across your agents.

Threat Intelligence

Track emerging prompt injection patterns across the ecosystem.

Works with every MCP host

One install protects all your AI agents. Decoy auto-detects and configures every MCP-compatible host on your machine.

Claude Desktop
Claude Code
Cursor
Windsurf
VS Code

Everything you need to secure your AI agents

Detection, monitoring, and prevention — all in one platform.

Built for Production

Edge-deployed globally with full trigger logging and the visibility you need to catch threats early.

Scale With Confidence

Handles thousands of concurrent agent connections with zero performance impact. Built on Cloudflare's global edge network.

  • Multi-token management
  • Per-agent access controls
  • Webhook & API integrations

Zero Data Persistence

Agent traffic is never stored.

Edge Deployment

Runs globally with low overhead.

Full Trigger Logging

Agent, tool, args, time, and severity.

Flexible Alert Routing

Route to Slack, email or webhook.

Protect your infrastructure today

Deploy a tripwire in 30 seconds. No credit card required. Know the moment a compromised agent touches your MCP servers.
