Agent Safe
Official11 toolsby wowcool
Email safety MCP server. Detects phishing, prompt injection, CEO fraud for AI agents.
Detect phishing, prompt injection, and CEO fraud in emails for AI agents.
Captured live from the server via tools/list.
check_email_safety
Analyze an email for phishing, social engineering, prompt injection, and other threats targeting AI agents. Returns verdict, risk score, threats, and recommended actions. $0.01/call via skyfire-api-key header (Skyfire Buyer API Key). By using this service you accept the Terms of Service. Advisory service only.
Parameters (7)
- fromstringrequired
Sender email address
- subjectstringrequired
Email subject line
- bodystringrequired
Email body content
- linksarray
URLs found in the email
- attachmentsarray
Attachment metadata
- knownSenderboolean
Whether the sender is known/trusted
- previousCorrespondenceboolean
Whether there has been previous email exchange
check_url_safety
Analyze one or more URLs for phishing, malware, redirects, and spoofing. Returns per-URL and overall verdicts. $0.01/call via skyfire-api-key header (Skyfire Buyer API Key). By using this service you accept the Terms of Service. Advisory service only.
Parameters (1)
- urlsarrayrequired
List of URLs to analyze (max 20)
check_response_safety
Check a draft email reply BEFORE sending for data leakage, social engineering compliance, and unauthorized disclosure. $0.01/call via skyfire-api-key header (Skyfire Buyer API Key). By using this service you accept the Terms of Service. Advisory service only.
Parameters (6)
- draftTostringrequired
Recipient email address
- draftSubjectstringrequired
Draft reply subject
- draftBodystringrequired
Draft reply body
- originalFromstring
Original sender address
- originalSubjectstring
Original email subject
- originalBodystring
Original email body for context
analyze_email_thread
Analyze a full email conversation thread for escalating social engineering, scope creep, and manipulation patterns. $0.01/call for <=5 units (4000 tokens each); quote-first for larger threads. Via skyfire-api-key header (Skyfire Buyer API Key). By using this service you accept the Terms of Service. Advisory service only.
Parameters (1)
- messagesarrayrequired
Thread messages in chronological order (min 2)
check_attachment_safety
Assess email attachments for malware risk based on filename, MIME type, and size BEFORE opening/downloading. $0.01/call via skyfire-api-key header (Skyfire Buyer API Key). By using this service you accept the Terms of Service. Advisory service only.
Parameters (1)
- attachmentsarrayrequired
Attachment metadata to analyze (max 20)
check_sender_reputation
Verify sender identity and detect Business Email Compromise (BEC), spoofing, and impersonation. Includes live DNS DMARC and RDAP domain age checks at no extra cost. $0.01/call via skyfire-api-key header (Skyfire Buyer API Key). By using this service you accept the Terms of Service. Advisory service only.
Parameters (5)
- emailstringrequired
Sender email address
- displayNamestringrequired
Sender display name
- replyTostring
Reply-To address if different from sender
- emailSubjectstring
Subject of the email for context
- emailSnippetstring
First ~500 chars of email body for context
check_message_safety
Analyze non-email messages (SMS, WhatsApp, Instagram DMs, Discord, Slack, Telegram, LinkedIn, Facebook Messenger, iMessage, Signal) for platform-specific threats including smishing, wrong-number scams, OTP interception, impersonation, and crypto fraud. $0.01/call via skyfire-api-key header (Skyfire Buyer API Key). By using this service you accept the Terms of Service. Advisory service only.
Parameters (6)
- platformstringrequired
Message platform
- senderstringrequired
Sender identifier — phone number, username, handle, or display name
- messagesarrayrequired
Array of messages in chronological order (min 1, max 50)
- mediaarray
Media attachments
- senderVerifiedboolean
Whether the platform has verified the sender (blue checkmark, business account)
- contactKnownboolean
Whether the sender is in the agent's/user's contacts
check_media_authenticity
Analyze an image or short video to assess whether it is AI-generated, deepfaked, or authentic. Uses multi-layer analysis including metadata forensics, error level analysis, ML-based AI detection, and noise pattern analysis. Returns a confidence-scored verdict with per-layer breakdown. $0.04/image (4 units x $0.01), $0.10/video (10 units x $0.01) via skyfire-api-key header. Results are best-guess estimates, not definitive. By using this service you accept the Terms of Service. Advisory service only.
Parameters (2)
- mediaUrlstringrequired
URL of the image or video to analyze
- mediaTypestring
Type of media (auto-detected if omitted)
check_prompt_injection_db
FREE — Query a database of known prompt injection attacks observed in the wild on agent social networks. Returns recent injection patterns, payloads, and threat classifications to help agents recognize and avoid manipulation. No charge, no authentication required.
Parameters (3)
- querystring
Search term or pattern to look for in injection payloads
- timeframestring
How far back to search (default: 30d)
- typestring
Filter by injection type
assess_message
FREE triage tool — send whatever context you have (message content, sender info, URLs, attachments, draft replies, thread messages, image/video URLs) and get back a prioritized list of which security tools to run. No AI call, no charge, instant response. Always call this first to get the best security coverage.
Parameters (22)
- fromstring
Sender email address or identifier
- subjectstring
Message subject line
- bodystring
Message body content
- linksarray
URLs found in the message
- urlsarray
URLs to check (alternative to links)
- attachmentsarray
Attachment metadata
- senderstring
Sender identifier for non-email platforms
- senderDisplayNamestring
Sender display name for reputation check
- replyTostring
Reply-To address if different from sender
- platformstring
Message platform (sms, whatsapp, slack, discord, telegram, etc.) — omit for email
- messagesarray
Array of thread messages (2+ for thread analysis)
- draftTostring
Draft reply recipient
- draftSubjectstring
Draft reply subject
- draftBodystring
Draft reply body — include to check for data leakage
- mediaarray
Media attachments for non-email platforms
- senderVerifiedboolean
Whether platform has verified the sender
- contactKnownboolean
Whether sender is a known contact
- knownSenderboolean
Whether the email sender is known/trusted
- previousCorrespondenceboolean
Whether there has been prior correspondence
- imageUrlstring
Direct image URL to check for AI generation
- imageUrlsarray
Multiple image URLs to check
- videoUrlstring
Direct video URL to check for AI generation
submit_feedback
FREE — Submit feedback about any Agent Safe tool you used. Helps us improve detection accuracy and tool quality. No charge, no authentication required.
Parameters (5)
- ratingstringrequired
Your rating of the tool's output
- commentstring
Optional details about your experience — what worked well, what could improve, or what was missed
- checkIdstring
The checkId returned by the tool you're rating (helps us link feedback to specific analyses)
- toolNamestring
Which tool you're giving feedback on (e.g. check_email_safety, check_url_safety)
- agentPlatformstring
Your agent platform (e.g. claude, cursor, openai, custom) — helps us optimize for your environment
README not available yet.
Install
Remote endpoint
Streamable HTTPHosted server - connect over the network, no local install.
https://agentsafe.locationledger.com/mcpclaude_desktop_config.json
{
"mcpServers": {
"agentsafe": {
"command": "npx",
"args": [
"-y",
"mcp-remote",
"https://agentsafe.locationledger.com/mcp"
]
}
}
}Desktop config is stdio-only; this bridges via mcp-remote. Native remote: Settings > Connectors.