{"id":"mrphrazer-ghidra-headless-mcp","name":"ghidra-headless-mcp","homepage":null,"repo_url":"https://github.com/mrphrazer/ghidra-headless-mcp","category":"ai-ml","subcategories":[],"tags":["reverse-engineering","ghidra","pyghidra","mcp","headless","agent-tools","scripting","disassembly","decompilation","patching"],"what_it_does":"Provides a headless Ghidra server that exposes Ghidra reverse-engineering workflows to AI agents via the MCP (Model Context Protocol), with stdio (default) and TCP transports and both real (pyghidra) and fake-backend modes.","use_cases":["Automated disassembly/decompilation analysis in containerized or sandboxed environments","Agent-driven patching and iterative refinement of Ghidra analysis state (types/symbols/xrefs)","Running Ghidra-related scripted workflows through MCP tools","Integrating reverse-engineering capabilities into an MCP-capable agent host","CI/testing of tool catalogs and workflows via fake backend mode"],"not_for":["Untrusted network exposure (unauthenticated by default)","Use cases requiring production-grade service-level guarantees without additional ops hardening","Highly regulated environments without clear compliance/security controls around scripting and remote code execution surfaces"],"best_when":"Run locally or inside a trusted container/VM network with the agent host, and when you can securely manage access to a powerful but unauthenticated scripting-capable MCP interface.","avoid_when":"Avoid exposing the TCP transport to untrusted networks/users; avoid using in shared/multi-tenant environments without strong network controls and process isolation.","alternatives":["Run Ghidra headless scripts directly from your orchestration system (without MCP)","Other reverse-engineering automation frameworks (scripted pyghidra tooling) integrated into your agent runtime","A custom RPC wrapper around pyghidra with your own auth/network controls"],"af_score":49.8,"security_score":30.8,"reliability_score":31.2,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:22:57.431515+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["none (unauthenticated by default)"],"oauth":false,"scopes":false,"notes":"README states MCP communication (stdio/tcp) is unauthenticated by default; no auth mechanism described in documentation."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Open-source Python package (license GPL-2.0 per repo metadata). No pricing information provided."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":49.8,"security_score":30.8,"reliability_score":31.2,"mcp_server_quality":78.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":20.0,"rate_limit_clarity":0.0,"tls_enforcement":60.0,"auth_strength":5.0,"scope_granularity":0.0,"dependency_hygiene":50.0,"secret_handling":50.0,"security_notes":"README explicitly says MCP communication is unauthenticated by default and exposes broad scripting/API access (ghidra.eval / ghidra.call). This is appropriate only for trusted, containerized environments; TCP should not be exposed to untrusted networks. README does not describe TLS, authorization, fine-grained scopes, auditing, or secret-handling specifics.","uptime_documented":0.0,"version_stability":45.0,"breaking_changes_history":30.0,"error_recovery":50.0,"idempotency_support":"false","idempotency_notes":"Some actions are explicitly read-only by default and mutation is handled via transactions/undo/redo and save paths, but the README does not clearly document idempotency guarantees for tool calls.","pagination_style":"offset/limit with has_more/next_offset","retry_guidance_documented":false,"known_agent_gotchas":["TCP transport is unauthenticated by default; ensure network isolation or use stdio where possible.","Tool catalog listing can return full tool set without pagination unless offset/limit are provided (agents may need to cap results).","Fake-backend mode is intended for CI/dev without a Ghidra install; capabilities may differ from live mode.","Read-only mode for opened programs is default; switching to read-write may be required for mutation workflows."]}}