-
Notifications
You must be signed in to change notification settings - Fork 0
MCP Tools Reference
security-mcp exposes its capability through MCP tools and prompts. Tools are grouped into three namespaces: security.* (29), repo.* (2), and orchestration.* (9), plus 2 prompts. Your MCP client lists them once the server is connected. Many tools are gated behind caller auth when a shared secret is configured.
| Tool | Description |
|---|---|
| authenticate | Open an authenticated session using the shared secret |
| logout | End the current session |
| start_review | Begin a scoped review and persist a review record |
| attest_review | Write a SHA-256 attested report for a passing review |
| run_pr_gate | Run the full gate engine over a change and return the verdict |
| get_system_prompt | Fetch the senior security engineer system prompt |
| threat_model | Generate a threat model for the project or a surface |
| checklist | Produce a per-surface security checklist |
| generate_policy | Generate a starter security policy file |
| scan_strategy | Plan a review: surfaces, checks, and skills for a scope |
| terraform_hardening_blueprint | Produce a Terraform hardening plan from cloud findings |
| generate_opa_rego | Generate OPA/Rego policy for conftest |
| self_heal_loop | Iterate fix and re-verify until clean or blocked |
| generate_compliance_report | Build an audit-ready compliance report |
| notify_webhooks | Send findings to configured integrations |
| generate_remediations | Produce concrete fixes for findings |
| record_outcome | Record a finding outcome into the learning engine |
| get_routing | Return learning-aware routing guidance |
| pattern_report | Report learned patterns and false-positive trends |
| get_model_for_task | Select the right model for a given task |
| track_usage | Record token and cost usage |
| model_budget_status | Report spend against the budget |
| get_provider_health | Report provider health and circuit state |
| record_provider_failure | Record a provider failure toward the breaker |
| reset_provider_circuit | Manually reset a tripped circuit breaker |
| init_chain | Initialize the attestation hash chain (genesis block) |
| attest_agent | Append an agent attestation block to the chain |
| verify_chain | Verify the chain in constant time |
| get_chain | Read the current chain |
| Tool | Description |
|---|---|
| read_file | Read a file from the project for analysis |
| search | Search the project for code and patterns |
| Tool | Description |
|---|---|
| create_agent_run | Start a tracked agent run with persistent state |
| update_agent_status | Update an agent's run status |
| merge_agent_findings | Merge and deduplicate findings across agents |
| ensure_skill | Load a skill from the 91-skill registry on demand |
| read_agent_memory | Read an agent's persistent memory |
| write_agent_memory | Write to an agent's persistent memory |
| check_updates | Check for available updates |
| apply_updates | Apply available updates |
| verify_skill_coverage | Verify every methodology section has a skill owner |
| Prompt | Description |
|---|---|
| security-engineer | The senior security engineer prompt for the daily-driver agent |
| threat-model-template | A structured template for producing a threat model |
get_model_for_task picks a cost-appropriate model per task. track_usage and model_budget_status keep spend visible against the default $5 budget. get_provider_health, record_provider_failure, and reset_provider_circuit drive the circuit breaker, which opens after 3 consecutive failures with a 60 second cooldown and can be reset manually. The router is model-agnostic; it works with whatever provider your MCP client supplies.
record_outcome feeds the integrity-checked pattern store with what a finding turned out to be. get_routing returns learning-aware routing so prior outcomes steer future runs. pattern_report surfaces learned patterns and false-positive trends, which the engine uses to rate-limit noisy findings. Routing decisions are kept in an ISO 42001 style audit.
init_chain writes the genesis block. attest_agent appends a block linked by HMAC or SHA-256. verify_chain checks integrity in constant time, and get_chain returns the current state. The chain is tamper-evident and underpins the audit story in Security and Hardening.
authenticate opens a session with a constant-time HMAC handshake against SECURITY_MCP_SHARED_SECRET (minimum 32 bytes). logout ends it. Three failed attempts lock the caller out, and sessions expire after a default 8 hours, capped at 24. See Environment Variables for the relevant settings.
Start here
Engines
Agents
Reference
Operate