MCP_AI_SOC_Sher

akramIOT/MCP_AI_SOC_Sher

🔗 Latest commit:e23ecc6

🕒 Updated:Sep 9, 2025, 01:05 PM

Python

Security

AI SOC Security Threat analysis using MCP Server

MCP Trust Score

Based on our comprehensive evaluation criteria

🤖 Evaluated by gemini-2.5-flashFix

Trust Score59/100

• Most MCP protocol features implemented (34/40)
• Room for improvement in GitHub community
• Good dependency choices (18/20)
• Moderate deployment maturity (5/10)
• Documentation (8/8)
• Archestra MCP Trust score badge is missing

GitHub Metrics

Repository statistics and activity

⭐ GitHub Stars:2

👥 Contributors:1

📋 Total Issues:0

📦 Has Releases:Yes

🔧 Has CI/CD Pipeline:No

Configuration

Configuration example extracted from README.md for Claude Desktop and other clients.

🤖 Evaluated by gemini-2.5-flashFix

{
  "mcp-ai-soc-sher-local-python": {
    "command": "python",
    "args": [
      "-c",
      "import os; os.environ[\"OPENAI_API_KEY\"] = \"your-api-key-here\"; from mcp_ai_soc_sher.local import LocalMCPServer; server = LocalMCPServer(); server.start()"
    ],
    "env": {
      "OPENAI_API_KEY": "your-api-key-here"
    }
  },
  "mcp-ai-soc-local-stdio-sse": {
    "command": "mcp-ai-soc",
    "args": [
      "--type",
      "local",
      "--stdio",
      "--sse"
    ],
    "env": {}
  },
  "mcp-ai-soc-local-stdio": {
    "command": "mcp-ai-soc",
    "args": [
      "--type",
      "local",
      "--stdio"
    ],
    "env": {}
  },
  "mcp-ai-soc-local-sse": {
    "command": "mcp-ai-soc",
    "args": [
      "--type",
      "local",
      "--sse"
    ],
    "env": {}
  },
  "mcp-ai-soc-remote": {
    "command": "mcp-ai-soc",
    "args": [
      "--type",
      "remote"
    ],
    "env": {}
  }
}

MCP Protocol Support

Implemented MCP protocol features

🤖 Evaluated by gemini-2.5-flashFix

Tools:✓

Prompts:✓

Resources:✓

Sampling:✓

Roots:✗

Logging:✗

STDIO Transport:✓

HTTP Transport:✓

OAuth2 Auth:✗

Dependencies

15 dependencies

Libraries and frameworks used by this MCP server

🤖 Evaluated by gemini-2.5-flashFix

Main

langchain

fastapi

langchain-openai

langchain-community

uvicorn

openai

sqlalchemy

faiss-cpu

pydantic

Medium

sse-starlette

pandas

requests

Light

python-dotenv

importlib-resources

typing-extensions

README.md

MCP AI SOC Sher

A powerful AI-driven Security Operations Center (SOC) Text2SQL framework based MCP Server (Local and Remote) for converting natural language Prompts to SQL queries dynamically, with integrated security threat analysis and monitoring.

Features

Text2SQL Conversion: Convert natural language queries to optimized SQL
Multiple Interfaces: Support for STDIO, SSE, and REST API
Security Threat Analysis: Built-in SQL query security analysis
Multiple Database Support: Connect to SQLite or Snowflake databases
Streaming Responses: Real-time query processing feedback
SOC Monitoring: Security Operations Center monitoring capabilities

Installation

pip install mcp-ai-soc-sher

Quick Start

# Set your OpenAI API key
import os
os.environ["OPENAI_API_KEY"] = "your-api-key-here"

# Use as local server
from mcp_ai_soc_sher.local import LocalMCPServer

server = LocalMCPServer()
server.start()

# Or run from command line
# mcp-ai-soc --type local --stdio --sse

Command Line Usage

# Run local server with STDIO interface
mcp-ai-soc --type local --stdio

# Run local server with SSE interface
mcp-ai-soc --type local --sse

# Run remote server with REST API
mcp-ai-soc --type remote

Configuration

Create a .env file with your configuration:

OPENAI_API_KEY=your_openai_api_key_here
MCP_DB_URI=sqlite:///your_database.db
MCP_SECURITY_ENABLE_THREAT_ANALYSIS=true

See the documentation for all configuration options.

Example

import json
import requests

# Query the server
response = requests.post(
    "http://localhost:8000/api/sql",
    headers={"Content-Type": "application/json", "X-API-Key": "your-api-key"},
    json={
        "query": "Find all suspicious login attempts in the last 24 hours",
        "optimize": True,
        "execute": True
    }
)

# Process the response
result = response.json()
print(f"SQL Query: {result['sql']}")
if result['results']:
    print("Results:")
    for row in result['results']:
        print(row)

Security Features

Rule-based and AI-powered SQL query security analysis
Detection of potential SQL injection attacks
Sensitive table access monitoring
Configurable security levels and actions

License

See LICENSE for details.

Contributing

Contributions are welcome! Please see CONTRIBUTING.md for guidelines.

Resources

GitHub Repository

Add Quality Badge

Show your MCP trust score in your README

[![Trust Score](https://archestra.ai/mcp-catalog/api/badge/quality/akramIOT/MCP_AI_SOC_Sher)](https://archestra.ai/mcp-catalog/akramiot__mcp_ai_soc_sher)

Edit This Server Add New MCP Server Report an Issue

README.md

MCP AI SOC Sher

Features

Text2SQL Conversion: Convert natural language queries to optimized SQL
Multiple Interfaces: Support for STDIO, SSE, and REST API
Security Threat Analysis: Built-in SQL query security analysis
Multiple Database Support: Connect to SQLite or Snowflake databases
Streaming Responses: Real-time query processing feedback
SOC Monitoring: Security Operations Center monitoring capabilities

Installation

pip install mcp-ai-soc-sher

Quick Start

# Set your OpenAI API key
import os
os.environ["OPENAI_API_KEY"] = "your-api-key-here"

# Use as local server
from mcp_ai_soc_sher.local import LocalMCPServer

server = LocalMCPServer()
server.start()

# Or run from command line
# mcp-ai-soc --type local --stdio --sse

Command Line Usage

# Run local server with STDIO interface
mcp-ai-soc --type local --stdio

# Run local server with SSE interface
mcp-ai-soc --type local --sse

# Run remote server with REST API
mcp-ai-soc --type remote

Configuration

Create a .env file with your configuration:

OPENAI_API_KEY=your_openai_api_key_here
MCP_DB_URI=sqlite:///your_database.db
MCP_SECURITY_ENABLE_THREAT_ANALYSIS=true

See the documentation for all configuration options.

Example

import json
import requests

# Query the server
response = requests.post(
    "http://localhost:8000/api/sql",
    headers={"Content-Type": "application/json", "X-API-Key": "your-api-key"},
    json={
        "query": "Find all suspicious login attempts in the last 24 hours",
        "optimize": True,
        "execute": True
    }
)

# Process the response
result = response.json()
print(f"SQL Query: {result['sql']}")
if result['results']:
    print("Results:")
    for row in result['results']:
        print(row)

Security Features

Rule-based and AI-powered SQL query security analysis
Detection of potential SQL injection attacks
Sensitive table access monitoring
Configurable security levels and actions

License

See LICENSE for details.

Contributing

Contributions are welcome! Please see CONTRIBUTING.md for guidelines.