MCP Configs · May 12, 2026 · 2 min read

LitterBox — Self-Hosted Payload Sandbox (MCP)

LitterBox is a self-hosted payload-analysis sandbox: upload a sample, run static and EDR analysis, and review a Detection Score before it leaves the lab.

  • Native · 94/100
  • Policy: allow
  • Agent surface: Any MCP/CLI agent
  • Kind: MCP
  • Install: Manual
  • Trust: Established
  • Entrypoint: ./setup.sh (Docker path) or python litterbox.py (Windows path)
  • Universal CLI install command: npx tokrepo install 3a4c4478-0dd6-59d2-a592-8a83a8eddd05

Intro

  • Best for: Red/blue teams who need a repeatable lab sandbox to measure detection before live engagements
  • Works with: Python 3.11+; Windows and Docker (Linux); optional EDR profiles; includes a wiki-linked MCP integration (per README)
  • Setup time: 30–90 minutes (Docker build can take ~1 hour)

Practical Notes

  • GitHub: 1,416 stars · 161 forks; pushed 2026-05-05 (verified via GitHub API).
  • The README states that the Docker setup provisions a Windows 10 container with KVM and exposes the UI at http://127.0.0.1:1337.
  • The README lists the bundled scanners with versions and dates (e.g., PE-Sieve 0.4.1.2 updated 2026-05-02; Elastic YARA rules commit d131ea8).

Main

If you use LitterBox in a real workflow, keep it disciplined:

  1. Treat it as a staging gate: every payload must pass the same pipeline before it leaves the lab.
  2. Keep EDR profiles and scanner versions under change control; the README’s scanner table makes drift visible.
  3. Use the results to decide between:
    • rewrite/refactor (reduce detections)
    • environmental changes (different execution context)
    • abandon (too risky)
  4. Run it isolated. The README’s advisory calls out VM isolation and “development use only”.

Even if you never use the MCP path, the “Detection Score + indicators breakdown” framing is a strong way to standardize review discussions.

FAQ

Q: Is this safe to run on a workstation?
A: Only in isolated environments. The README warns against production use and recommends VM/dedicated lab setups.

Q: Where do EDR profiles live?
A: The README says to drop YAML profiles under Config/edr_profiles/ so the upload page picks them up at boot.

Q: Does it support MCP?
A: The README links to a wiki page named LitterBoxMCP under its documentation table.

Source & Thanks

  • Source: https://github.com/BlackSnufkin/LitterBox
  • License: GPL-3.0
  • GitHub stars: 1,416 · forks: 161
