Email Phishing Detection MCP Server

A Model Context Protocol (MCP) server that utilizes a machine learning model to detect phishing attempts in email text. This server exposes a tool that can be used by LLMs to analyze email content and determine if it is "Normal" or "Phishing".

Features

Phishing Detection: Uses a pre-trained ONNX model (tfidf_logistic_regression.onnx) to classify emails.
MCP Interface: Exposes a standard MCP tool PhishingDetection for easy integration with AI assistants.
TypeScript: Built with modern TypeScript for type safety and maintainability.
Docker Support: Includes a Dockerfile for easy containerization and deployment.

Prerequisites

Node.js (v18 or higher recommended)
npm

Installation

Clone the repository:

git clone https://github.com/Geoff-Robin/Email-Phishing-Detection-MCP.git
cd Email-Phishing-Detection-MCP

Install dependencies:
```
npm install
```

Usage

Running Locally (Development)

To run the server in development mode with hot-reloading:

npm run dev

The server will start on port 3000.

Building and Running (Production)

To build the TypeScript code and run the compiled JavaScript:

Build the project:
```
npm run build
```
Note: Currently, the build process compiles TypeScript but may not copy the model file. Ensure dist/models contains the .onnx model if running from dist.
Start the server:
```
npm start
```

Docker

You can also run the server using Docker:

Build the image:
```
docker build -t phishing-mcp-server .
```

Run the container:

docker run -p 3000:3000 phishing-mcp-server

API Reference

MCP Tools

The server exposes the following MCP tool:

`PhishingDetection`

Analyzes the provided email text and returns a classification.

Input:
- emailText (string): The content of the email to analyze.
Output:
- Returns a text content block with either "Normal Email" or "Phishing Email".

Project Structure

src/: Source code
- index.ts: Server entry point and HTTP setup.
- mcp.ts: MCP server definition and model inference logic.
- models/: Directory containing the ONNX model.
PhishingDetection.ipynb: Jupyter notebook containing the model training and evaluation process.

Model Details

The phishing detection is powered by a Logistic Regression model trained on TF-IDF features. The model is exported to ONNX format for efficient inference in the Node.js environment. See PhishingDetection.ipynb for the training code.

License

ISC

Name		Name	Last commit message	Last commit date
Latest commit History 40 Commits
src		src
.dockerignore		.dockerignore
.gitattributes		.gitattributes
.gitignore		.gitignore
.npmrc		.npmrc
.python-version		.python-version
Dockerfile		Dockerfile
PhishingDetection.ipynb		PhishingDetection.ipynb
README.md		README.md
package-lock.json		package-lock.json
package.json		package.json
pyproject.toml		pyproject.toml
tf_idf_logistic_regresssion.ipynb		tf_idf_logistic_regresssion.ipynb
tsconfig.json		tsconfig.json
uv.lock		uv.lock

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Email Phishing Detection MCP Server

Features

Prerequisites

Installation

Usage

Running Locally (Development)

Building and Running (Production)

Docker

API Reference

MCP Tools

`PhishingDetection`

Project Structure

Model Details

License

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Geoff-Robin/Email-Phishing-Detection-MCP

Folders and files

Latest commit

History

Repository files navigation

Email Phishing Detection MCP Server

Features

Prerequisites

Installation

Usage

Running Locally (Development)

Building and Running (Production)

Docker

API Reference

MCP Tools

PhishingDetection

Project Structure

Model Details

License

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

`PhishingDetection`

Packages