GhidraMCP
MCP server exposing Ghidra tools so LLMs can decompile and reverse-engineer binaries.
GhidraMCP
ghidraMCP is a Model Context Protocol server that lets LLMs autonomously reverse-engineer binaries by exposing core Ghidra functionality as MCP tools.
Paired with a Ghidra plugin, it can decompile and analyze binaries, list methods, classes, imports and exports, and automatically rename methods and data based on the agent's analysis. This brings AI-assisted reverse engineering and malware analysis into any MCP client.
It is aimed at security researchers, malware analysts, and reverse engineers who want to accelerate binary analysis with an AI assistant.
Only compromise signals — malicious or tampered code (leaked secrets, backdoors, path traversal, a dropped executable) — reduce the score. Dangerous-by-capability traits (shell, network, injection strings, pickle) are shown as risk surface: expected for some capabilities — a security tool ships offensive code on purpose — so they do not sink the grade.
The same gate an agent runs before installing (POST /api/v1/trust/ghidra-mcp-server/check). Click a policy:
Evaluated against the OWASP Top 10 for LLM Applications (2025) and the OWASP Machine Learning Security Top 10. Expand any control to see the findings.
Consume GhidraMCP programmatically. Authenticate with an API key or session — see Authorize an agent.
# Agents: CHECK BEFORE YOU INSTALL (no auth) — score, grade, level, capability manifest
curl https://ai-supply.store/api/v1/trust/ghidra-mcp-server
# Gate against your org policy (returns { pass, violations })
curl -X POST https://ai-supply.store/api/v1/trust/ghidra-mcp-server/check \
-H "Content-Type: application/json" \
-d '{"minGrade":"B","denyPermissions":["shell"],"denyUnknownEgress":true}'
# CLI
npx ai-supply add ghidra-mcp-server
# REST (install → download)
curl -X POST https://ai-supply.store/api/v1/listings/ghidra-mcp-server/install \
-H "Authorization: Bearer $AIM_KEY"
# MCP tool
install_listing({ "slug": "ghidra-mcp-server" })OpenAPI spec →Curated mirror — latest upstream source. See the repository for tagged releases.