SiteGuardian MCP — Examples & Client Configurations
Client configurations, copy-paste examples, and the MCP server manifest for the SiteGuardian Model Context Protocol server.
Note: This repository contains examples and client integration code only. The MCP server itself is hosted at https://mcp.siteguardian.io and is operated as a SaaS — server source is closed. Everything in this repo is MIT-licensed and free to fork.
What is the SiteGuardian MCP server?
A hosted MCP endpoint that lets Claude Desktop, Claude Code, Cursor, Windsurf, and VS Code Copilot query website-monitoring data and run security/compliance scans through natural-language tool calls.
- Endpoint:
https://mcp.siteguardian.io(or the canonicalhttps://siteguardian.io/mcp) - Transport: Streamable HTTP
- Hosting: Hetzner, Germany — EU data residency
- Documentation: https://siteguardian.io/docs/mcp
Five tools
| Tool | Auth | Purpose |
|---|---|---|
scan_domain | anonymous | One-off security scan, A–F grade + top 3 issues + permalink |
list_monitored_domains | Bearer | Domains under continuous monitoring for the account |
get_domain_status | Bearer | Current grade + active issues for a monitored domain |
get_drift_events | Bearer | Recent posture changes (TLS, DNSSEC, headers, cookies, JS hosts) |
get_fix_recommendations | Bearer + paid plan | nginx/Apache/DNS snippets + verify commands |
Try the anonymous tool (no setup required)
curl -X POST https://mcp.siteguardian.io/ \
-H 'Content-Type: application/json' \
-H 'Accept: application/json, text/event-stream' \
-d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"scan_domain","arguments":{"domain":"example.com"}}}'
Rate-limited to 10 calls/hour/IP. Cached for 2h per domain. Full curl/Python/JS examples in examples/.
Install in your client
All clients use the same endpoint. Copy-paste configs in clients/:
- Claude Desktop —
clients/claude-desktop.json - Claude Code (CLI) —
clients/claude-code.sh - Cursor —
clients/cursor.json - Windsurf —
clients/windsurf.json - VS Code / Copilot —
clients/vscode.sh
Authentication
The scan_domain tool is anonymous. The four monitoring tools require a Bearer key:
- Sign in at https://siteguardian.io
- Open Settings → API & Integrations
- Click Generate key, name it, copy it
- Add to your client config:
"headers": {"Authorization": "Bearer sg_live_..."}
API keys are available on the Monitor, Compliance, and Enterprise plans.
Privacy
- EU-hosted. Hetzner Germany. No US sub-processor.
- No LLM in the response path. Tool answers are deterministic from monitoring data.
- No training on your queries. Logged for abuse prevention and billing only.
- Audit trail. Every tool call is recorded in the SHA-256 hash chain.
Server manifest
The full machine-readable MCP server manifest is in server.json — this is the file consumed by the Anthropic MCP Registry and the various community directories.
Roadmap
- OAuth 2.1 (per current MCP spec)
-
resourcesandpromptsin addition totools - Listing in the official Anthropic MCP Registry
- Listing on Smithery and mcp.so
License
Examples and client configurations in this repository are released under the MIT License — see LICENSE.
The SiteGuardian MCP server itself is proprietary and hosted as a SaaS. Server source is not distributed.
Support
- Documentation: https://siteguardian.io/docs/mcp
- Status: https://siteguardian.io/status
- Bug or feature request: open an issue or email support@siteguardian.io