Skip to content

MCP Tools Reference

AbrahamOO edited this page Jun 18, 2026 · 1 revision

MCP Tools Reference

security-mcp exposes its capability through MCP tools and prompts. Tools are grouped into three namespaces: security.* (29), repo.* (2), and orchestration.* (9), plus 2 prompts. Your MCP client lists them once the server is connected. Many tools are gated behind caller auth when a shared secret is configured.

security.* (29)

Tool Description
authenticate Open an authenticated session using the shared secret
logout End the current session
start_review Begin a scoped review and persist a review record
attest_review Write a SHA-256 attested report for a passing review
run_pr_gate Run the full gate engine over a change and return the verdict
get_system_prompt Fetch the senior security engineer system prompt
threat_model Generate a threat model for the project or a surface
checklist Produce a per-surface security checklist
generate_policy Generate a starter security policy file
scan_strategy Plan a review: surfaces, checks, and skills for a scope
terraform_hardening_blueprint Produce a Terraform hardening plan from cloud findings
generate_opa_rego Generate OPA/Rego policy for conftest
self_heal_loop Iterate fix and re-verify until clean or blocked
generate_compliance_report Build an audit-ready compliance report
notify_webhooks Send findings to configured integrations
generate_remediations Produce concrete fixes for findings
record_outcome Record a finding outcome into the learning engine
get_routing Return learning-aware routing guidance
pattern_report Report learned patterns and false-positive trends
get_model_for_task Select the right model for a given task
track_usage Record token and cost usage
model_budget_status Report spend against the budget
get_provider_health Report provider health and circuit state
record_provider_failure Record a provider failure toward the breaker
reset_provider_circuit Manually reset a tripped circuit breaker
init_chain Initialize the attestation hash chain (genesis block)
attest_agent Append an agent attestation block to the chain
verify_chain Verify the chain in constant time
get_chain Read the current chain

repo.* (2)

Tool Description
read_file Read a file from the project for analysis
search Search the project for code and patterns

orchestration.* (9)

Tool Description
create_agent_run Start a tracked agent run with persistent state
update_agent_status Update an agent's run status
merge_agent_findings Merge and deduplicate findings across agents
ensure_skill Load a skill from the 91-skill registry on demand
read_agent_memory Read an agent's persistent memory
write_agent_memory Write to an agent's persistent memory
check_updates Check for available updates
apply_updates Apply available updates
verify_skill_coverage Verify every methodology section has a skill owner

Prompts (2)

Prompt Description
security-engineer The senior security engineer prompt for the daily-driver agent
threat-model-template A structured template for producing a threat model

Operational tool families

Model routing, budget, and provider health

get_model_for_task picks a cost-appropriate model per task. track_usage and model_budget_status keep spend visible against the default $5 budget. get_provider_health, record_provider_failure, and reset_provider_circuit drive the circuit breaker, which opens after 3 consecutive failures with a 60 second cooldown and can be reset manually. The router is model-agnostic; it works with whatever provider your MCP client supplies.

Learning

record_outcome feeds the integrity-checked pattern store with what a finding turned out to be. get_routing returns learning-aware routing so prior outcomes steer future runs. pattern_report surfaces learned patterns and false-positive trends, which the engine uses to rate-limit noisy findings. Routing decisions are kept in an ISO 42001 style audit.

Attestation hash chain

init_chain writes the genesis block. attest_agent appends a block linked by HMAC or SHA-256. verify_chain checks integrity in constant time, and get_chain returns the current state. The chain is tamper-evident and underpins the audit story in Security and Hardening.

Caller auth

authenticate opens a session with a constant-time HMAC handshake against SECURITY_MCP_SHARED_SECRET (minimum 32 bytes). logout ends it. Three failed attempts lock the caller out, and sessions expire after a default 8 hours, capped at 24. See Environment Variables for the relevant settings.

Clone this wiki locally