Pyrasp

Name: Pyrasp
Author: rbidou

by rbidou

PyRASP is a Runtime Application Self Protection package for Python-based Web Servers (Flask, FastAPI and Django), Serverless Functions (AWS Lambda, Azure and Google Cloud Functions) and MCP Servers (FastMCP)

35 0 tools GitHub

No known CVEs

No license

Stale

Last commit 186d ago

Works with most clients

Transport: stdio

0 tools

Grade F

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "pyrasp": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/pyrasp)](https://mcppedia.org/s/pyrasp)

Read me

What Pyrasp does

PyRASP is a Runtime Application Self Protection package for Python-based Web Servers (Flask, FastAPI and Django) and Serverless Functions (AWS Lambda, Azure and Google Cloud Functions). It protects against the main attacks web applications are exposed to, from within the application. It is also capable of providing basic telemetry such as cpu and memory usage, as well as requests count. Additionally, PyRASP implements Zero-Trust Application Access for critical applications, ensuring only up-to-d

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

25/100across 5 weighted dimensions

How we score →

0255075100

−75

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Pyrasp safe to use?: Pyrasp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Pyrasp?: Pyrasp can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with Pyrasp?: Pyrasp is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.
Is Pyrasp actively maintained?: Pyrasp is less actively maintained — last commit was 186 days ago. It has 35 GitHub stars.

Similar servers

Others in security

View all →

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

8.7k 3

Evil Mcp Server91

An evil MCP server used for redteam testing

30 1

Atomic Red Team Mcp90

MCP server for Atomic Red Team

123 5

io.github.peacprotocol/peac90

Signed receipts for agent, API, and MCP interactions. Portable and offline-verifiable.

11 5

MCP Security Weekly

Get CVE alerts and security updates for Pyrasp and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

What is PyRASP ?

PyRASP is a Runtime Application Self Protection package for Python-based Web Servers (Flask, FastAPI and Django) and Serverless Functions (AWS Lambda, Azure and Google Cloud Functions). It protects against the main attacks web applications are exposed to, from within the application. It is also capable of providing basic telemetry such as cpu and memory usage, as well as requests count. Additionally, PyRASP implements Zero-Trust Application Access for critical applications, ensuring only up-to-date authorized browsers can connect.

PyRASP provides full agentic AI security by protecting MCP servers tools from malicious inputs injections and data leaks (PII and credentials) that would result from unexpected processing. It also defend LLM frontends against malicious prompt injection attempts.

It can operate using a local configuration file or get it from a remote/cloud server. Logs and telemetry (optional) can be sent to remote servers as well, and threats information can be shared across agents.

One specificity of PyRASP relies on the fact that it does not use signatures. Instead it will leverage decoys, thresholds, system and application internals as well as machine learning for detection.

AWS Lambda Functions are no longer supported since version 0.8.3

Frequently Asked Questions

Is Pyrasp safe to use?

Pyrasp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install Pyrasp?

Pyrasp can be installed by cloning its GitHub repository and following the setup instructions in the README.

What AI clients work with Pyrasp?

Pyrasp is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.

Is Pyrasp actively maintained?

Pyrasp is less actively maintained — last commit was 186 days ago. It has 35 GitHub stars.

What is PyRASP ?

AWS Lambda Functions are no longer supported since version 0.8.3

Documentation

Full documentation
Release Notes
Web Site

Contacts

Renaud Bidou - renaud@paracyberbellum.io