{"id":"symgraph-ghidrassistmcp","name":"GhidrAssistMCP","homepage":null,"repo_url":"https://github.com/symgraph/GhidrAssistMCP","category":"ai-ml","subcategories":[],"tags":["reverse-engineering","ghidra","mcp","llm-integration","analysis-tools","extensions","decompiler","async-tasks"],"what_it_does":"GhidrAssistMCP is a Ghidra extension that runs an MCP (Model Context Protocol) server, exposing a set of reverse-engineering tools, static program resources, and pre-built prompts so external AI assistants/tools can query and modify analysis state inside Ghidra (e.g., functions, strings, types, comments, renaming, structure operations).","use_cases":["Use an LLM/agent to explore Ghidra projects (list/search functions, strings, segments; fetch decompiler/disassembly/pcode).","Automate reverse-engineering workflows (cross-references, structure recovery/creation, type management).","Programmatic symbol editing in Ghidra (renames, comments, variables/types).","Assist with long-running analysis via async task endpoints (status/result polling and cancellation).","Build higher-level tooling that targets MCP resources (static program info/functions/strings/imports/exports/segments)."],"not_for":["Running in a headless or production server environment where Ghidra UI state is unavailable (tooling depends on open CodeBrowser windows/program focus).","High-security multi-tenant settings without additional network and host hardening (no auth controls were described).","As a general-purpose API unrelated to reverse engineering or Ghidra."],"best_when":"You want AI-assisted reverse engineering tightly coupled to an interactive Ghidra session and you can connect an MCP client to the locally hosted MCP server.","avoid_when":"You cannot restrict network access to the MCP server or you need strong tenant isolation/auditability of who is modifying analysis data.","alternatives":["Using Ghidra scripting (Jython/Java) plus your own HTTP wrapper/API.","Other Ghidra-to-LLM integrations or custom agents that parse exported Ghidra artifacts (e.g., decompiler output, symbol tables) instead of live MCP calls.","Implementing a custom MCP server around a Ghidra headless instance (if available) rather than a UI-integrated extension."],"af_score":49.0,"security_score":22.8,"reliability_score":22.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:26:57.680558+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":"http://localhost:8080 (default; supports SSE and Streamable HTTP transports)","has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":[],"oauth":false,"scopes":false,"notes":"No authentication/authorization mechanism (API keys, OAuth, tokens, or IP allowlisting) was described in the provided README content. The server appears configurable with host/port and can be toggled on/off."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Open-source extension (MIT license noted in repo metadata). No hosted pricing model described."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":49.0,"security_score":22.8,"reliability_score":22.5,"mcp_server_quality":86.0,"documentation_accuracy":78.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":10.0,"rate_limit_clarity":10.0,"tls_enforcement":20.0,"auth_strength":5.0,"scope_granularity":0.0,"dependency_hygiene":50.0,"secret_handling":50.0,"security_notes":"Based on provided content, TLS/authn/authz details are not specified; MCP server appears configurable but no authentication, authorization, or scope model was described. Because tools can modify reverse-engineering state (renames, types, comments, structure creation), exposure on an untrusted network could enable unauthorized changes. Dependency hygiene and secret handling are not verifiable from the provided README alone.","uptime_documented":0.0,"version_stability":40.0,"breaking_changes_history":20.0,"error_recovery":30.0,"idempotency_support":"false","idempotency_notes":"Some tools clearly perform state-changing actions (e.g., create/modify structures, rename symbols, set comments/types). The README does not document idempotency or safe re-execution semantics.","pagination_style":"mixed","retry_guidance_documented":false,"known_agent_gotchas":["State-changing tools can alter Ghidra artifacts; agents should confirm targets/program context (the README emphasizes active context hints but does not guarantee safety).","Async task operations require polling via get_task_status and handling cancellation; retry behavior is not documented.","Network exposure: default host localhost/port 8080 is configurable; if bound beyond localhost, unauthenticated access could be possible.","Pagination parameters (e.g., limit) are mentioned for some list/search tools, but a uniform pagination contract is not fully specified across all endpoints in the README snippet."]}}