Is CutterMCP Plus safe to use?

CutterMCP Plus has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under GPL-3.0.

How do I install CutterMCP Plus?

CutterMCP Plus supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What AI clients work with CutterMCP Plus?

CutterMCP Plus is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is CutterMCP Plus actively maintained?

CutterMCP Plus is recently maintained — last commit was 63 days ago. It has 45 GitHub stars.

CutterMCP Plus

Name: CutterMCP Plus
Author: restkhz

by restkhz

MCP Server for Cutter

45 0 tools GitHub

No known CVEs

GPL-3.0 license

Maintained

Last commit 63d ago

Works with most clients

Transport: stdio, sse, http

0 tools

Grade F

Edit this pageView history

Security Developer Tools

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "cuttermcp-plus": {
      "args": [
        "<ABSOLUTE/PATH/TO>/mcp_server.py"
      ],
      "command": "python"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/cuttermcp-plus)](https://mcppedia.org/s/cuttermcp-plus)

Read me

What CutterMCP Plus does

Cutter is a powerful, user-friendly, and completely free reverse engineering tool.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

38/100across 5 weighted dimensions

How we score →

0255075100

−62

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is CutterMCP Plus safe to use?: CutterMCP Plus has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under GPL-3.0.
How do I install CutterMCP Plus?: CutterMCP Plus supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What AI clients work with CutterMCP Plus?: CutterMCP Plus is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is CutterMCP Plus actively maintained?: CutterMCP Plus is recently maintained — last commit was 63 days ago. It has 45 GitHub stars.

Similar servers

Others in security / developer-tools

View all →

XcodeBuildMCP97

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

5.7k 2

XcodeBuildMCP97

XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.

5.7k 1

Mcp Gitlab96

MCP server for using the GitLab API

1.5k 12

io.github.signerlabs/shipswift96

40+ production-ready SwiftUI recipes for building full-stack iOS apps via MCP.

1.4k 3

MCP Security Weekly

Get CVE alerts and security updates for CutterMCP Plus and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security Developer Tools

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "cuttermcp-plus": {
      "args": [
        "<ABSOLUTE/PATH/TO>/mcp_server.py"
      ],
      "command": "python"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/cuttermcp-plus)](https://mcppedia.org/s/cuttermcp-plus)

Read me

What CutterMCP Plus does

Cutter is a powerful, user-friendly, and completely free reverse engineering tool.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

CutterMCP+

Automated Reverse Engineering via LLMs

Cutter is a powerful, user-friendly, and completely free reverse engineering tool.

Now, combined with modern Large Language Models (LLMs), they can do even more.

🤖 “Give AI a sharp cutter!”

Demos

Demo 1: Hackthebox Behind the Scenes (Easy level illeagal instruction bypass, Level: very easy)

As demonstrated in the video below, this plugin enables Cutter to automatically solve simple reverse engineering CTF challenges(From hack the box).

The LLM can notice anti-analysis techniques such as illegal instruction ud2. In this case, ud2 jammed the decompiler and produced incomplete result.

claude-sonnet-3.7 noticed this and tried to read the assembly directly to get around it. The entire process took about a minute to find the correct answer, without human intervention.

https://github.com/user-attachments/assets/bc86df16-93e1-473f-8eb4-3161a7b4a48e

(The video has not been accelerated.)

Demo 2: Hackthebox Virtually Mad (VM analysis. Level: Medium)

This is a VM analysis challenge. You need to reverse the opcode and figure out the rules. There are functions that are called in key parts via function pointers, so these are not listed by cutter.

So, the more intelligent `claude-opus-4' was used.

With prompt: Let's do a CTF reverse analysis challenge. virtually.mad. this is an ELF file. Cutter MCP is ready for you. You can call cutter to help you complete the challenge.

With no intervention claude-opus-4 completed the challenge using cutter.

Demo 3: ShellcodeEncrypt2DLL (Malware sample, VirusTotal 0/72)

It can also assist in malware analysis workflows, helping you accelerate tasks or extract key information.

In my previous project, there was a shellcode loader that achieved a VirusTotal score of 0/72 (ehmm...at that time I mean), but it was unable to withstand analysis by LLMs.

The analysis results from claude-opus-4 are completely correct, and the function has been renamed, a guess has been made: Hey, this is a shellcode loader.

The entire process took a few minutes and also required no human intervention.

Available functionality:

list_functions() function_detail() list_globals() list_strings() list_segments() list_vars() list_entry_points()

decompile() disasm_text() disasm_json() disasm_by_func_text() disasm_by_func_json()

xrefs_to()

rename_function() rename_local_variable() set_comment() set_local_variable_type()

current_address() current_function()

read_bytes()

How to use?

First, make sure that cutter and python3 are installed.

Dependencies:

pip install -r requirements.txt

requirements.txt is used for the standalone mcp_server.py wrapper.

The Cutter plugin itself is mcp_plugin.py. It now uses Python's standard library HTTP server so it does not require FastAPI, Pydantic, or Starlette inside Cutter's embedded Python.

Cutter plugin:

mcp_plugin.py runs inside Cutter and exposes a local HTTP API that mcp_server.py uses.

Default local endpoints:

http://127.0.0.1:8000/api/v1 http://127.0.0.1:8000/api/v1/health http://127.0.0.1:8000/docs

Run Cutter
Go to Edit -> Preferences -> Plugins
You can find the plugin directory location in the dialog.
Copy mcp_plugin.py to the <cutter_plugins>/python folder(not the mcp_server.py)
Restart your cutter

MCP Host:

For example (in cline, cursor etc) in MCP config file.

STDIO mode:


... [View full README on GitHub](https://github.com/restkhz/CutterMCP-plus#readme)

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

38/100across 5 weighted dimensions

How we score →

0255075100

−62

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is CutterMCP Plus safe to use?: CutterMCP Plus has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under GPL-3.0.
How do I install CutterMCP Plus?: CutterMCP Plus supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What AI clients work with CutterMCP Plus?: CutterMCP Plus is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is CutterMCP Plus actively maintained?: CutterMCP Plus is recently maintained — last commit was 63 days ago. It has 45 GitHub stars.