playbooks

home / mcp / garak mcp server

Garak MCP Server

MCP Server for using Garak LLM vulnerability scanner

Installation
Add the following to your MCP client configuration file.

Configuration

View docs
{
  "mcpServers": {
    "edenyavin-garak-mcp": {
      "command": "uv",
      "args": [
        "--directory",
        "path-to/Garak-MCP",
        "run",
        "garak-server"
      ]
    }
  }
}

You can run Garak vulnerability scans and assess model attacks through a lightweight MCP server. This server exposes a set of probes and reports, allowing you to orchestrate attacks against various model types and view detailed results from a single, centralized MCP interface.

How to use

Connect with an MCP client to interact with the Garak MCP server. You can list available model types, view models for a type, explore Garak probes, run attacks, and retrieve the latest vulnerability report. Use the standard MCP flow to start the server, issue commands, and read the resulting JSONL reports stored in your configured output path.

How to install

Prerequisites You need Python 3.11 or newer to run Garak MCP.

Install the Python package installer uv.

Optional: If you plan to run attacks on Ollama models, ensure the Ollama server is running.

Steps to install and run Garak MCP locally:

python --version
# Ensure Python 3.11+
pip install uv

Install Garak MCP and configure your MCP host

Clone the Garak MCP repository, then configure your MCP host to run the Garak MCP server as a stdio MCP entry point.

git clone https://github.com/BIGdeadLock/Garak-MCP.git
```

```json
{
  "mcpServers": {
    "garak_mcp": {
      "type": "stdio",
      "command": "uv",
      "args": ["--directory", "path-to/Garak-MCP", "run", "garak-server"],
      "env": {}
    }
  }
}

Running vulnerability scans and using the CLI

You can run Garak vulnerability scans through the included CLI. Ensure Ollama is running if you plan to use Ollama models, and pull a model to scan before starting.

Notes on prerequisites and setup

- Ollama must be running if you are scanning Ollama models. Start it with ollama serve. - Pull a model to scan with ollama pull llama2.

Test commands and example workflow

Use the CLI workflow to list models, run scans, and generate reports. The Garak MCP server exposes endpoints to list model types, list models for a type, list probes, run an attack, and retrieve the latest report.

Available tools

list_model_types

List all available model types that can be used for attacks (ollama, openai, huggingface, ggml).

list_models

List all available models for a given model type. Requires model_type as input.

list_garak_probes

List all available Garak attacks/probes.

get_report

Get the report of the last run.

run_attack

Run an attack with a given model and probe.

Garak MCP Server - edenyavin/garak-mcp