Summary
Connects Claude to SiteGuardian's EU-hosted monitoring API via streamable HTTP. Five tools: one anonymous scanner that grades any domain and returns top issues with a permalink, plus four authenticated tools that pull monitored domains, current status, drift events (TLS, headers, DNSSEC changes), and fix snippets for nginx, Apache, or DNS. The anonymous tool works immediately with no keys, rate-limited to 10 calls per hour. Bearer auth unlocks the monitoring tools if you're on a paid plan. Hosted on Hetzner Germany with audit logs. Reach for this when you want Claude to check site security posture or explain compliance gaps without leaving the conversation.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
SiteGuardian MCP — Examples & Client Configurations
Client configurations, copy-paste examples, and the MCP server manifest for the SiteGuardian Model Context Protocol server.
Note: This repository contains examples and client integration code only. The MCP server itself is hosted at https://mcp.siteguardian.io and is operated as a SaaS — server source is closed. Everything in this repo is MIT-licensed and free to fork.
What is the SiteGuardian MCP server?
A hosted MCP endpoint that lets Claude Desktop, Claude Code, Cursor, Windsurf, and VS Code Copilot query website-monitoring data and run security/compliance scans through natural-language tool calls.
- Endpoint:
https://mcp.siteguardian.io(or the canonicalhttps://siteguardian.io/mcp) - Transport: Streamable HTTP
- Hosting: Hetzner, Germany — EU data residency
- Documentation: https://siteguardian.io/docs/mcp
Five tools
| Tool | Auth | Purpose |
|---|---|---|
scan_domain | anonymous | One-off security scan, A–F grade + top 3 issues + permalink |
list_monitored_domains | Bearer | Domains under continuous monitoring for the account |
get_domain_status | Bearer | Current grade + active issues for a monitored domain |
get_drift_events | Bearer | Recent posture changes (TLS, DNSSEC, headers, cookies, JS hosts) |
get_fix_recommendations | Bearer + paid plan | nginx/Apache/DNS snippets + verify commands |
Try the anonymous tool (no setup required)
curl -X POST https://mcp.siteguardian.io/ \
-H 'Content-Type: application/json' \
-H 'Accept: application/json, text/event-stream' \
-d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"scan_domain","arguments":{"domain":"example.com"}}}'
Rate-limited to 10 calls/hour/IP. Cached for 2h per domain. Full curl/Python/JS examples in examples/.
Install in your client
All clients use the same endpoint. Copy-paste configs in clients/:
- Claude Desktop —
clients/claude-desktop.json - Claude Code (CLI) —
clients/claude-code.sh - Cursor —
clients/cursor.json - Windsurf —
clients/windsurf.json - VS Code / Copilot —
clients/vscode.sh
Authentication
The scan_domain tool is anonymous. The four monitoring tools require a Bearer key:
- Sign in at https://siteguardian.io
- Open Settings → API & Integrations
- Click Generate key, name it, copy it
- Add to your client config:
"headers": {"Authorization": "Bearer sg_live_..."}
API keys are available on the Monitor, Compliance, and Enterprise plans.
Privacy
- EU-hosted. Hetzner Germany. No US sub-processor.
- No LLM in the response path. Tool answers are deterministic from monitoring data.
- No training on your queries. Logged for abuse prevention and billing only.
- Audit trail. Every tool call is recorded in the SHA-256 hash chain.
Server manifest
The full machine-readable MCP server manifest is in server.json — this is the file consumed by the Anthropic MCP Registry and the various community directories.
Roadmap
- OAuth 2.1 (per current MCP spec)
-
resourcesandpromptsin addition totools - Listing in the official Anthropic MCP Registry
- Listing on Smithery and mcp.so
License
Examples and client configurations in this repository are released under the MIT License — see LICENSE.
The SiteGuardian MCP server itself is proprietary and hosted as a SaaS. Server source is not distributed.
Support
- Documentation: https://siteguardian.io/docs/mcp
- Status: https://siteguardian.io/status
- Bug or feature request: open an issue or email support@siteguardian.io
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →