{"id":"r0ysue-r0idamcp","name":"r0idamcp","homepage":null,"repo_url":"https://github.com/r0ysue/r0idamcp","category":"devtools","subcategories":[],"tags":["mcp","ida-pro","reverse-engineering","sse","automation","fastmcp","plugin"],"what_it_does":"r0idamcp is a single-file MCP server plugin for IDA Pro that exposes reverse-engineering and IDB-editing capabilities (e.g., list/search functions/strings, decompile/disassemble, rename functions/variables, set comments, etc.) over an SSE endpoint (FastMCP-based). Intended to be used by MCP-capable LLM assistants to automate reverse engineering workflows inside/around IDA Pro.","use_cases":["LLM-assisted navigation of an IDB (list functions/strings, search strings, get xrefs)","Automated decompilation/disassembly retrieval for specific addresses","Semi-automated IDB editing (rename functions, rename global/local variables, set comments, set prototypes/types)","Getting current selection context (current address/function) for interactive agent loops","Converting numbers between decimal/hex for analysis tasks"],"not_for":["Internet-facing production deployments without additional network hardening","Use cases requiring strong authentication/authorization controls","Environments where agents must have auditable change logs or strict RBAC for IDB modifications","Workflows that require documented retry/idempotency semantics for safe automation"],"best_when":"You run IDA Pro and the MCP client on a trusted network (or localhost), and you want an agent to read and optionally modify an IDB as part of a controlled reverse-engineering session.","avoid_when":"When the SSE endpoint could be reached by untrusted parties, or when security requirements demand authentication, fine-grained authorization, and robust rate-limit/error-contract documentation.","alternatives":["mrexodia/ida-pro-mcp (IDA Pro MCP server plugin)","taida957789/ida-mcp-server-plugin","fdrechsler/mcp-server-idapro","MxIris-Reverse-Engineering/ida-mcp-server","Other MCP servers targeting disassembly/reversing workflows (if available)"],"af_score":38.5,"security_score":24.5,"reliability_score":25.0,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:51:10.436259+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":"http://<ida-ip>:26868/sse","has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":[],"oauth":false,"scopes":false,"notes":"README does not mention any authentication mechanism for the SSE endpoint. It only suggests allowing firewall access to port 26868 or using 127.0.0.1 for local-only connection."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"MIT-licensed open-source plugin; no SaaS pricing information provided."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":38.5,"security_score":24.5,"reliability_score":25.0,"mcp_server_quality":55.0,"documentation_accuracy":45.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":20.0,"rate_limit_clarity":10.0,"tls_enforcement":20.0,"auth_strength":10.0,"scope_granularity":0.0,"dependency_hygiene":40.0,"secret_handling":60.0,"security_notes":"README suggests allowing firewall access to an SSE port and optionally binding to 127.0.0.1 for local-only connections. No authentication/authorization, TLS, scope model, or rate-limit documentation is provided in the README content. Secret handling practices are not described.","uptime_documented":0.0,"version_stability":40.0,"breaking_changes_history":40.0,"error_recovery":20.0,"idempotency_support":"false","idempotency_notes":"Operations that mutate IDB state (rename variables/functions, set comments/types/prototypes) may not be idempotent; README does not document idempotency behavior.","pagination_style":"offset/count for list_strings and list_functions","retry_guidance_documented":false,"known_agent_gotchas":["SSE server appears intended for trusted network use; lack of documented auth can create security exposure if reachable.","IDB-mutation tools can produce irreversible changes during agent loops if safeguards are not implemented client-side.","Pagination is described via offset/count for listing functions/strings, but other endpoints do not clearly document pagination or result size limits."]}}