# Agent Safe - Message Security Suite for AI Agents (8 Paid Tools + 3 Free)
> MCP Server: https://agentsafe.locationledger.com/mcp
> Protocol: Streamable HTTP (MCP)
> Payment: $0.01/unit via skyfire-api-key header (Skyfire Buyer API Key) or skyfire-pay-id header (PAY token)
> No signup required — just a Skyfire Buyer API Key

## Recommended Workflow
1. ALWAYS call assess_message first (FREE) with whatever context you have
2. It returns a prioritized list of which paid tools to run
3. Call the recommended tools individually

## Tools

### assess_message (FREE)
Triage tool — send whatever context you have and get a prioritized list of which security tools to run. No AI call, no charge, instant response.
Input: All fields optional — from, subject, body, links/urls, attachments, sender, senderDisplayName, platform, messages, draftTo, draftSubject, draftBody, media, imageUrl, imageUrls, videoUrl, etc.
Returns: recommendedTools[] with tool name, reason, priority, estimatedCost; skippedTools[] with reason; totalEstimatedCost; summary

### check_email_safety ($0.01)
Analyze an email for phishing, social engineering, prompt injection, CEO fraud, and data exfiltration.
Input: from (string, required), subject (string, required), body (string, required), links (string[]), attachments (object[]), knownSender (boolean), previousCorrespondence (boolean)
Returns: verdict, riskScore, confidence, threats[], recommendation, explanation, safeActions[], unsafeActions[]

### check_url_safety ($0.01)
Analyze URLs for phishing, malware, redirects, spoofing, and tracking.
Input: urls (string[], required, max 20)
Returns: overallVerdict, overallRiskScore, urlResults[]

### check_response_safety ($0.01)
Check a draft reply BEFORE sending for data leakage, social engineering compliance, and unauthorized disclosure.
Input: draftTo (string, required), draftSubject (string, required), draftBody (string, required), originalFrom (string), originalSubject (string), originalBody (string)
Returns: verdict, riskScore, confidence, threats[], recommendation

### analyze_email_thread ($0.01)
Analyze a full conversation thread for escalating social engineering, scope creep, and manipulation patterns.
Input: messages (object[], required, min 2, max 50) - each with from, subject, body, date?
Returns: verdict, riskScore, confidence, manipulationPatterns[], threadProgression

### check_attachment_safety ($0.01)
Assess attachments for malware risk based on filename, MIME type, and size BEFORE opening/downloading.
Input: attachments (object[], required, max 20) - each with name, size, mimeType, from?
Returns: overallVerdict, overallRiskScore, attachmentResults[]

### check_sender_reputation ($0.01)
Verify sender identity and detect BEC, spoofing, and impersonation. Includes live DNS DMARC and RDAP domain age checks.
Input: email (string, required), displayName (string, required), replyTo (string), emailSubject (string), emailSnippet (string)
Returns: senderVerdict, trustScore, confidence, identityIssues[], domainIntel

### check_message_safety ($0.01)
Analyze non-email messages (SMS, WhatsApp, Instagram DMs, Discord, Slack, Telegram, LinkedIn, Facebook Messenger, iMessage, Signal) for platform-specific threats.
Input: platform (string, required), sender (string, required), messages (object[], required, min 1, max 50) - each with body, direction (inbound/outbound), timestamp?; media (object[]), senderVerified (boolean), contactKnown (boolean)
Returns: verdict, riskScore, confidence, platform, threats[] with messageIndices, recommendation, explanation, safeActions[], unsafeActions[], platformTips

### check_media_authenticity ($0.04/image, $0.10/video)
Analyze an image or short video to assess whether it is AI-generated, deepfaked, or authentic. Uses multi-layer analysis: metadata forensics, error level analysis, ML-based AI detection, and noise pattern analysis.
Input: mediaUrl (string, required), mediaType (enum: image/video, auto-detected if omitted)
Returns: verdict, confidence, mediaType, disclaimer, analysis (metadata, errorLevelAnalysis, aiDetectionModel, noiseAnalysis layers with scores), recommendation

### check_prompt_injection_db (FREE)
Query crowdsourced prompt injection sightings from agent social networks. Filter by injection type, timeframe, and text search. Data sourced from live monitoring.
Input: injectionType (string, optional - e.g. ignore_instructions, system_override, encoded_payload, social_engineering, data_exfiltration), timeframe (string, optional - e.g. 24h, 7d, 30d, default 30d), search (string, optional - text search across payloads and authors)
Returns: results[] with injectionType, payloadExcerpt, sourceAuthor, confidence, spottedAt; summary, totalInjections, typeDescriptions

### submit_feedback (FREE)
Rate any Agent Safe tool you used and help improve detection accuracy. No charge, no authentication required.
Input: rating (enum, required - helpful, not_helpful, inaccurate, missed_threat, false_positive), comment (string), checkId (string), toolName (string), agentPlatform (string)
Returns: { received, message, charged: 0 }

## Quick Start
1. Get a Skyfire Buyer API Key at https://skyfire.xyz
2. Add MCP config: { "mcpServers": { "agentsafe": { "command": "npx", "args": ["-y", "mcp-remote", "https://agentsafe.locationledger.com/mcp", "--header", "skyfire-api-key: YOUR_BUYER_API_KEY"] } } }
3. Call assess_message first (free) to see which tools to run, then call the recommended tools

## Links
- Documentation: https://agentsafe.locationledger.com/docs
- Discovery: https://agentsafe.locationledger.com/mcp/discover
- Terms: https://agentsafe.locationledger.com/terms