MCP Defender, an open-source desktop app, aims to protect against malicious activities in AI apps like Cursor and Claude by acting as a proxy and firewall for MCP (Machine Code Protocol) traffic. It scans requests and responses, using an LLM to detect threats like prompt injection, credential theft, and arbitrary code execution. When suspicious activity is detected, users are alerted and can choose to block or allow the action. The tool intercepts MCP calls, rerouting them through its proxy for scanning before reaching the server. While some express skepticism about relying on LLMs for security due to potential vulnerabilities like prompt injection, the developer plans to add deterministic rules and the ability to use multiple LLMs for parallel scanning, aiming for a defense-in-depth approach. The project focuses on ease of setup and background operation, though the default mode involves sending message content to a remote LLM, raising trust concerns. The developers are working on an option to use local LLMs to avoid data leaving the computer.