πŸš€ Big News:Socket Has Acquired Secure Annex.Learn More β†’
Socket
Book a DemoSign in
Socket
Book a DemoSign in

@iflow-mcp/iris-eval-mcp-server

Package Overview
Dependencies
Maintainers
2
Versions
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@iflow-mcp/iris-eval-mcp-server

The agent eval standard for MCP. Score every agent output for quality, safety, and cost.

latest
Source
npmnpm
Version
0.2.0
Version published
Weekly downloads
2
-86.67%
Maintainers
2
Weekly downloads
Β 
Created
Source

Iris β€” The Agent Eval Standard for MCP

Glama Score Install in Cursor npm version npm downloads GitHub stars CI License: MIT Docker PulseMCP mcp.so

Know whether your AI agents are actually good enough to ship. Iris is an open-source MCP server that scores output quality, catches safety failures, and enforces cost budgets across all your agents. Any MCP-compatible agent discovers and uses it automatically β€” no SDK, no code changes.

Iris Dashboard

The Problem

Your agents are running in production. Infrastructure monitoring sees 200 OK and moves on. It has no idea the agent just:

  • Leaked a social security number in its response
  • Hallucinated an answer with zero factual grounding
  • Burned $0.47 on a single query β€” 4.7x your budget threshold
  • Made 6 tool calls when 2 would have sufficed

Iris evaluates all of it.

What You Get

Trace LoggingHierarchical span trees with per-tool-call latency, token usage, and cost in USD. Stored in SQLite, queryable instantly.
Output Evaluation12 built-in rules across 4 categories: completeness, relevance, safety, cost. PII detection, prompt injection patterns, hallucination markers. Add custom rules with Zod schemas.
Cost VisibilityAggregate cost across all agents over any time window. Set budget thresholds. Get flagged when agents overspend.
Web DashboardReal-time dark-mode UI with trace visualization, eval results, and cost breakdowns.

Requires Node.js 20 or later. Check with node --version.

Quickstart

Add Iris to your MCP config. Works with Claude Desktop, Cursor, Windsurf, and any MCP-compatible agent.

{
  "mcpServers": {
    "iris-eval": {
      "command": "npx",
      "args": ["@iris-eval/mcp-server"]
    }
  }
}

That's it. Your agent discovers Iris and starts logging traces automatically.

Want the dashboard?

npx @iris-eval/mcp-server --dashboard
# Open http://localhost:6920
Setup by tool

Claude Desktop

Edit your MCP config file:

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json

Add the JSON config above, then restart Claude Desktop.

Claude Code

claude mcp add --transport stdio iris-eval -- npx @iris-eval/mcp-server

Then restart the session (/clear or relaunch) for tools to load.

Windows note: Do not use cmd /c wrapper β€” it causes path parsing issues. The npx command works directly.

Cursor / Windsurf

Add to your workspace .cursor/mcp.json or global MCP settings using the JSON config above.

Other Install Methods

# Global install (recommended for persistent data and faster startup)
npm install -g @iris-eval/mcp-server
iris-mcp --dashboard

# Docker
docker run -p 3000:3000 -v iris-data:/data ghcr.io/iris-eval/mcp-server

Tip: Global install (npm install -g) stores traces persistently at ~/.iris/iris.db. With npx, traces persist in the same location, but startup is slower due to package resolution.

MCP Tools

Iris registers three tools that any MCP-compatible agent can invoke:

  • log_trace β€” Log an agent execution with spans, tool calls, token usage, and cost
  • evaluate_output β€” Score output quality against completeness, relevance, safety, and cost rules
  • get_traces β€” Query stored traces with filtering, pagination, and time-range support

Full tool schemas and configuration: iris-eval.com

Cloud Tier (Coming Soon)

Self-hosted Iris runs on your machine with SQLite. As your team's eval needs grow, the cloud tier adds PostgreSQL, team dashboards, alerting on quality regressions, and managed infrastructure.

Join the waitlist to get early access.

Examples

Community

Configuration & Security

CLI Arguments

FlagDefaultDescription
--transportstdioTransport type: stdio or http
--port3000HTTP transport port
--db-path~/.iris/iris.dbSQLite database path
--config~/.iris/config.jsonConfig file path
--api-keyβ€”API key for HTTP authentication
--dashboardfalseEnable web dashboard
--dashboard-port6920Dashboard port

Environment Variables

VariableDescription
IRIS_TRANSPORTTransport type
IRIS_PORTHTTP port
IRIS_DB_PATHDatabase path
IRIS_LOG_LEVELLog level: debug, info, warn, error
IRIS_DASHBOARDEnable dashboard (true/false)
IRIS_API_KEYAPI key for HTTP authentication
IRIS_ALLOWED_ORIGINSComma-separated allowed CORS origins

Security

When using HTTP transport, Iris includes:

  • API key authentication with timing-safe comparison
  • CORS restricted to localhost by default
  • Rate limiting (100 req/min API, 20 req/min MCP)
  • Helmet security headers
  • Zod input validation on all routes
  • ReDoS-safe regex for custom eval rules
  • 1MB request body limits
# Production deployment
iris-mcp --transport http --port 3000 --api-key "$(openssl rand -hex 32)" --dashboard
Troubleshooting

Iris won't start / ERR_MODULE_NOT_FOUND

You may have a cached older version. Clear the npx cache and retry:

npx --yes @iris-eval/mcp-server@latest

Or install globally to avoid cache issues entirely:

npm install -g @iris-eval/mcp-server@latest

Tools not showing up in Claude Code

MCP tools only load at session start. After adding iris-eval, restart the session with /clear or relaunch the terminal.

Version check

Verify which version is running:

npx @iris-eval/mcp-server --help
# Shows "Iris MCP-Native Agent Eval & Observability Server vX.Y.Z"

Updating

# If using npx (clears cache and fetches latest)
npx --yes @iris-eval/mcp-server@latest

# If installed globally
npm update -g @iris-eval/mcp-server

Node.js version

Iris requires Node.js 20 or later. Node 18 reached EOL in April 2025 and is not supported.

node --version  # Must be v20.x or v22.x+

Windows: cmd /c not needed

Claude Code's /doctor may suggest wrapping npx with cmd /c. This is not needed and causes path parsing issues. Use npx directly:

# Correct
claude mcp add --transport stdio iris-eval -- npx @iris-eval/mcp-server

# Wrong (causes /c to be parsed as a path)
claude mcp add --transport stdio iris-eval -- cmd /c "npx @iris-eval/mcp-server"

If Iris is useful to you, consider starring the repo β€” it helps others find it.

Star on GitHub

MIT Licensed.

Keywords

mcp
mcp-server
model-context-protocol
agent
ai-agent
evaluation

FAQs

Package last updated on 16 Apr 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Socket Releases Free Certified Patches for Critical vm2 Sandbox Escape

Security News

Socket Releases Free Certified Patches for Critical vm2 Sandbox Escape

A critical vm2 sandbox escape can allow untrusted JavaScript to break isolation and execute commands on the host Node.js process.

By Wenxin Jiang, Marvin Fleischer, Jonah GhebremichaelΒ  - Β May 08, 2026