Skip to content
MCPShield

Monitoring Setup

Continuously monitor MCP servers and get notified when security grades change, new findings appear, or tools drift.

Creating a Monitor

  1. Go to Monitors in the dashboard.
  2. Click New Monitor and enter the target URL (GitHub repo or HTTP endpoint).
  3. Choose a frequency — hourly (Pro/Team), daily, or weekly. Hourly monitoring catches supply-chain attacks and rug pulls within ~1 hour instead of 24.
  4. Optionally add a webhook URL to receive alerts (Discord or generic HTTP). See Webhook Integration.
  5. Click Create. The first scan runs immediately.

You can create up to 5 monitors. Each monitor tracks its own scan history, grade changes, and finding diffs.

What Triggers Alerts

Grade Drop

The security grade decreased since the last scan (e.g. A to B).

New Findings

New security issues were detected that were not present in the previous scan.

Tool Drift (Rug Pull Detection)

MCPShield snapshots every tool definition — name, description, and input schema. If a tool is added, removed, or modified in any way, you get an immediate alert. This catches supply-chain attacks where a trusted server silently adds malicious tools or injects prompt injection into descriptions after initial approval. With hourly monitoring, detection time drops from 24 hours to under 1 hour.

Why Hourly Monitoring Matters

MCP servers are trusted with access to your data, files, and APIs. A compromised or malicious server can change its tools at any time after you approve it — this is called a rug pull.

The Rug Pull Scenario

  1. You scan an MCP server — Grade A, no findings. You approve it.
  2. Three days later, the server adds a new tool that reads your environment variables.
  3. The tool description contains hidden prompt injection that tricks Claude into executing it.
  4. Your API keys, credentials, and secrets are exfiltrated.

With daily monitoring, you might not know for up to 24 hours. With hourly monitoring, you know within the hour and can revoke access before damage is done.

Hourly monitoring is available on Pro and Team plans. Free tier includes daily and weekly monitoring.

Discord Alerts

If your webhook URL points to Discord (discord.com/api/webhooks/...), MCPShield automatically sends rich embeds with grade, score, finding count, and a link to the full report.

Creating a Discord Webhook

  1. Open your Discord server and go to Server Settings → Integrations → Webhooks.
  2. Click New Webhook, name it (e.g. “MCPShield”), and choose the channel.
  3. Click Copy Webhook URL and paste it into the monitor's webhook field.

Email Alerts

Email alerts are sent automatically to the email address associated with your account (from Clerk). No additional setup is required. Emails are sent via Resend and include a summary of changes plus a link to the full scan report.

Monitoring Setup | MCPShield