We are pleased to share a new project, HoneyMCP, which is a Honeypot designed around The AI Model Context Protocol (MCP) standard. A honeypot is a system designed to run on a network and provide plausible services and functions, acting as an appealing target for adversaries. The intent of such a system is to appear as a vulnerable service and to encourage engagement and additional probes. As the system is probed it helps to encourage an adversary to engage more, helping to clarify intentions and to better understand intent. Through providing a series of APIs, login actions, and of course, MCP services, the HoneyMCP application helps verify that a connection is not an accidental click, but rather a focused probe.
Our new project is available at:
The application is open source and hosted on GitHub, and we seek collaboration to expand and improve the application services!
Currently the application provides pseudo login pages, application APIs, and a range of real-time AI services. These various services and engagement points create events within HoneyMCP, which are then rated based on intent and severity. Invalid connections are a low risk action, while attempting to retrieve accounting data is much more severe. The application uses LLMs to dynamically generate content in support of requests to generate plausible information in response to queries, and to create expanded content for continuing adversary engagement.
Feel free to connect us for information and collaboration!