{"id":"dflatline-hopperpymcp","name":"HopperPyMCP","homepage":null,"repo_url":"https://github.com/dflatline/HopperPyMCP","category":"devtools","subcategories":[],"tags":["mcp","hopper","reverse-engineering","disassembly","decompilation","python","local-server","agent-integration"],"what_it_does":"HopperPyMCP is a Python MCP (Model Context Protocol) server intended to be installed as a Hopper disassembler script/plugin. It exposes Hopper analysis capabilities as MCP tools, including binary/document management, segment and address information, regex-based name/string search, disassembly and decompilation, call graph generation, cross-reference/reference analysis, and annotation operations (comments/names/types) on the current Hopper document.","use_cases":["Building an agent-assisted workflow for reversing binaries inside Hopper via MCP tools","Programmatically retrieving disassembly/decompiled output for procedures","Generating call graphs and exploring references/cross-references","Performing regex-based discovery of symbols/names and strings within segments","Automating documentation/annotation tasks in Hopper (set comments, names, mark data types)"],"not_for":["A cloud-hosted, internet-facing API service for general users (it appears to be local/localhost-oriented)","Use as a secure multi-tenant SaaS endpoint requiring enterprise IAM","Applications that require REST/GraphQL/SDK support out of the box (it is MCP-focused)"],"best_when":"You have Hopper installed and want a local MCP endpoint to let an AI agent drive Hopper analysis and annotation interactively.","avoid_when":"You need strong network-level security controls, OAuth scopes, or a documented rate limiting/auth scheme suitable for remote deployment; also avoid if you cannot control the local environment where the MCP server runs.","alternatives":["Write a custom MCP server directly against Hopper's Python APIs (if available) to expose only the tools you need","Use Hopper's built-in scripting/API mechanisms without MCP and integrate via your own IPC layer","Other disassembler tooling with existing LLM/MCP integrations (if available) such as Ghidra-focused MCP/tooling"],"af_score":56.5,"security_score":28.8,"reliability_score":25.0,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:20:37.527936+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":"http://localhost:42069/mcp/","has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["None specified (local MCP server on localhost)"],"oauth":false,"scopes":false,"notes":"No authentication mechanism (API keys/OAuth) is described. The README indicates a localhost MCP server, implying access control may rely on local network/host protections rather than application-layer auth."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Open-source (MIT license per repo metadata). No pricing described."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":56.5,"security_score":28.8,"reliability_score":25.0,"mcp_server_quality":75.0,"documentation_accuracy":65.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":95.0,"rate_limit_clarity":5.0,"tls_enforcement":20.0,"auth_strength":10.0,"scope_granularity":0.0,"dependency_hygiene":55.0,"secret_handling":70.0,"security_notes":"No authentication/authorization is documented; the MCP server is referenced at localhost, which reduces exposure but does not replace app-layer security for host-local threats. No TLS or HTTPS behavior is described (likely plain localhost). Dependency hygiene is not verifiable from provided text; MIT-licensed Python with fastmcp dependency suggests typical Python dependency risk. README does not discuss secret handling; likely no secrets are required, but confirm that logs/scripts do not emit environment-sensitive data during caching/analysis.","uptime_documented":0.0,"version_stability":45.0,"breaking_changes_history":20.0,"error_recovery":35.0,"idempotency_support":"false","idempotency_notes":"The toolset includes mutating operations (e.g., set_comment_at_address, set_name_at_address, mark_data_type_at_address). The README does not state idempotency guarantees for these calls.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Requires Hopper Python prompt steps (optionally cache_strings()) before launch_server for performance","Runtime speed may depend heavily on whether string caching is performed","Localhost endpoint assumes the agent/client can reach http://localhost:42069/mcp/ from the running environment","Installation may fail if fastmcp import/Python environment differs; troubleshooting suggests environment-specific dependency installation"]}}