MCP Config Monitor for Claude Desktop
Detects changes to Claude Desktop MCP config and server code. Shows overlay on startup.
Protect your Claude Desktop against becoming a trojanised entry point to attackers via toolpoisoning or similar techniques.
(Research paper about MCP as a LOTL soon..)
Stores MD5 hashes of your config file and all server source files. On each Claude launch, compares current hashes against stored ones. If anything changed, shows an overlay notifying you of what changed and what should be audited.
The state storage is inside a tmp MCPMonitor directory.
In each OS its stored in one of these:
- Windows:
%LOCALAPPDATA%\MCPMonitor\ - macOS:
~/Library/Application Support/MCPMonitor/ - Linux:
~/.local/share/MCPMonitor/
This monitor file contains:
state.json- file hashessnapshots/- previous versionsbackups/- pre-revert backups
- You need python to run it and you need to manually configure the startup checker.
- Easier to modify on your own.
- We setup everything for you via installation.
- Slightly faster.
- Need rust and tauri to modify on your own.
Watch mode:
~0.1% CPU, ~20MB RAM.- Just sleeps and polls tasklist every second.
On check:
- Brief spike reading files and computing hashes, then back to idle.
It's lighter than most system tray apps.
You won't notice it.
Add proper code audit with user accepting or reverting the changes.- Improve code AND config audit.
- Same as above, but also being able to quarantine servers.
- Follow the
.loginstallation trace that Claude Desktop provides for further Intrusion analasys Rewrite in rust?
Yes. We want Claude Defender to be an opensource project so all PR requests are welcome. Please do disclose any issues, bugs, or ideas you may have.
Things we would especially love PR requests (currently):
- UI improvements for audit.
- Finding exploits in the tauri client.
Before submiting a security PR please skim through or VDP.
Run the installation wizard you can get from the releases and Claude Defender will instantly be added to your startup.
screenshot of task-manager/startup
Add to Windows startup (shell:startup):
pythonw claudeDefender.py --watchCreate ~/Library/LaunchAgents/com.mcp.monitor.plist:
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
Labelcom.mcp.monitor
ProgramArguments
python3
/path/to/claudeDefender.py.py
--watch
RunAtLoadThen: launchctl load ~/Library/LaunchAgents/com.mcp.monitor.plist
Create ~/.config/autostart/mcp-monitor.desktop:
[Desktop Entry]
Type=Application
Name=MCP Monitor
Exec=python3 /path/to/claudeDefender.py --watch
Hidden=falsepython claudeDefender.py # Check once
python claudeDefender.py --watch # Watch for Claude launchesA huge thank you to everyones help to our project! <3
Please check them out here.
Want to be added? Heres how!