RAD Security
Interact with the RAD Security platform which provides AI-powered security insights for Kubernetes and cloud environments.
RAD Security MCP Server
A Model Context Protocol (MCP) server for RAD Security, providing AI-powered security insights for Kubernetes and cloud environments.
Installation
npm install @rad-security/mcp-server
Usage
Prerequisites
- Node.js 20.x or higher
Environment Variables
The following environment variables are required to use the MCP server with Rad Security:
RAD_SECURITY_ACCESS_KEY_ID="your_access_key"
RAD_SECURITY_SECRET_KEY="your_secret_key"
RAD_SECURITY_ACCOUNT_ID="your_account_id"
Optional environment variables:
RAD_SECURITY_TENANT_ID="your_tenant_id" # Optional: If not provided, will be fetched automatically from the account
Optional: Filter Toolkits
You can control which toolkits are exposed by the MCP server using these environment variables:
INCLUDE_TOOLKITS: Comma-separated list of toolkits to include (only these will be enabled)EXCLUDE_TOOLKITS: Comma-separated list of toolkits to exclude (all except these will be enabled)
Available toolkits:
containers- Container inventory operationsclusters- Kubernetes cluster operationsidentities- Identity management operationsaudit- Audit log operationscloud_inventory- Cloud resource inventoryimages- Container image operationskubeobject- Kubernetes resource operationsmisconfigs- Misconfiguration detectionruntime- Runtime analysis operationsruntime_network- Network traffic analysisthreats- Threat vector operationsfindings- Security findings operationscves- CVE database operationsinbox- Inbox item operationsworkflows- Workflow execution operationsknowledge_base- Knowledge base search operationsradql- Query interface for rad data platform
Examples:
# Only enable workflow toolkit
INCLUDE_TOOLKITS="workflows"
# Enable only containers and images toolkits
INCLUDE_TOOLKITS="containers,images"
# Exclude workflow toolkit (enable all others)
EXCLUDE_TOOLKITS="workflows"
# Exclude runtime and threat toolkits
EXCLUDE_TOOLKITS="runtime,threats"
Note: If INCLUDE_TOOLKITS is set, EXCLUDE_TOOLKITS is ignored.
Operations Without Authentication
You can also use few operations without authentication:
- List CVEs
- Get details of a specific CVE
- Get latest 30 CVEs
- List Kubernetes resource misconfiguration policies
In cursor IDE
It's quite problematic to set ENV variables in cursor IDE.
So, you can use the following start.sh script to start the server.
./start.sh
Please set the ENV variables in the start.sh script first!
In Claude Desktop
You can use the following config to start the server in Claude Desktop.
{
"mcpServers": {
"rad-security": {
"command": "npx",
"args": ["-y", "@rad-security/mcp-server"],
"env": {
"RAD_SECURITY_ACCESS_KEY_ID": "<your-access-key-id>",
"RAD_SECURITY_SECRET_KEY": "<your-secret-key>",
"RAD_SECURITY_ACCOUNT_ID": "<your-account-id>"
}
}
}
}
To filter toolkits, add INCLUDE_TOOLKITS or EXCLUDE_TOOLKITS to the env:
{
"mcpServers": {
"rad-security": {
"command": "npx",
"args": ["-y", "@rad-security/mcp-server"],
"env": {
"RAD_SECURITY_ACCESS_KEY_ID": "<your-access-key-id>",
"RAD_SECURITY_SECRET_KEY": "<your-secret-key>",
"RAD_SECURITY_ACCOUNT_ID": "<your-account-id>",
"EXCLUDE_TOOLKITS": "workflows"
}
}
}
As a Docker Container - with Streamable HTTP
docker build -t rad-security/mcp-server .
docker run \
-e TRANSPORT_TYPE=streamable \
-e RAD_SECURITY_ACCESS_KEY_ID=your_access_key \
-e RAD_SECURITY_SECRET_KEY=your_secret_key \
-e RAD_SECURITY_ACCOUNT_ID=your_account_id \
-p 3000:3000 \
rad-security/mcp-server
With toolkit filters:
docker run \
-e TRANSPORT_TYPE=streamable \
-e RAD_SECURITY_ACCESS_KEY_ID=your_access_key \
-e RAD_SECURITY_SECRET_KEY=your_secret_key \
-e RAD_SECURITY_ACCOUNT_ID=your_account_id \
-e INCLUDE_TOOLKITS=workflows,containers \
-p 3000:3000 \
rad-security/mcp-server
As a Docker Container - with SSE (deprecated)
Note: The SSE transport is now deprecated in favor of Streamable HTTP. It's still supported for backward compatibility, but it's recommended to use Streamable HTTP instead.
docker build -t rad-security/mcp-server .
docker run \
-e TRANSPORT_TYPE=sse \
-e RAD_SECURITY_ACCESS_KEY_ID=your_access_key \
-e RAD_SECURITY_SECRET_KEY=your_secret_key \
-e RAD_SECURITY_ACCOUNT_ID=your_account_id \
-p 3000:3000 \
rad-security/mcp-server
Features
-
Account Inventory
- List clusters and their details*
-
Containers Inventory
- List containers and their details*
-
Security Findings
- List and analyze security findings*
-
Runtime Security
- Get process trees of running containers*
- Get runtime baselines of running containers*
- Analyze process behavior of running containers*
-
Network Security
- Monitor HTTP requests*
- Track network connections*
- Analyze network patterns*
-
Identity and Access
- List identities*
- Get identity details*
-
Audit
- List who shelled into a pod*
-
Cloud Security
- List and monitor cloud resources*
- Get resource details and compliance status*
-
Images
- Get SBOMs*
- List images and their vulnerabilities*
- Get top vulnerable images*
-
Kubernetes Objects
- Get details of a specific Kubernetes resource*
- List Kubernetes resources*
- List Kubernetes resource misconfiguration policies*
-
Threat Vector
- List threat vectors*
- Get details of a specific threat vector*
-
CVEs
- List CVEs
- Get details of a specific CVE
- Get latest 30 CVEs
-
RadQL (Advanced Querying)
- List available data types for querying (containers, findings, kubernetes_resources, etc.)*
- Get schema/metadata for specific data types*
- List possible values for filter fields*
- Execute RadQL queries with filtering, searching, and aggregations*
- Build queries programmatically from structured conditions*
- Execute multiple queries in parallel*
* - requires authentication and account in Rad Security.
Development
# Install dependencies
npm install
# Run type checking
npm run type-check
# Run linter
npm run lint
# Build
npm run build
License
MIT License - see the LICENSE file for details
Похожие серверы
HubSpot MCP Server by CData
A read-only MCP server for querying live HubSpot data, powered by CData.
Multi-Cluster MCP server
A gateway for GenAI systems to interact with multiple Kubernetes clusters through the MCP.
AWS MCP Servers
A suite of MCP servers providing AI applications with access to AWS documentation, contextual guidance, and best practices.
Cloudflare MCP Server
A remote MCP server deployable on Cloudflare Workers without authentication.
iFlytek Spark Agent
Invoke task chains on the iFlytek SparkAgent Platform.
OSDU MCP Server
Access OSDU platform capabilities including search, data management, and schema operations.
EnergyAtIt Grid MCP Server
EnergyAtIt is the first MCP server for physical grid infrastructure. 45 tools that let AI agents interact with power grid assets — translating 8 grid protocols (IEC 61850, DNP3, Modbus, OpenADR, OCPP, IEEE 2030.5) into MCP tool calls.
CData Zoho Inventory Server
A read-only MCP server by CData for querying live Zoho Inventory data.
Vertex AI MCP Server
Interact with Google Cloud's Vertex AI Gemini models for coding assistance and general query answering.
CData LinkedIn Ads
MCP Server for LinkedIn Ads, powered by the CData JDBC Driver. Requires a separate license and configuration.