Loading…
Paste an MCP server config or a Claude Code settings.json. The mapper classifies each tool by capability (ingest, read-sensitive, write, execute, egress) and flags the canonical exfiltration and RCE chains that indirect prompt injection would need.
Pairs with the MCP & Claude Code Auditor (which lints the same configs for misconfigurations) and the Prompt Injection Detector (the entry-point side of these chains).