mcp-server

rad-security/mcp-server

🔗 Latest commit:742cc5c

🕒 Updated:Sep 9, 2025, 01:06 PM

TypeScript

Security

Rad Security MCP Server

MCP Trust Score

Based on our comprehensive evaluation criteria

🤖 Evaluated by gemini-2.5-flashFix

Trust Score60/100

• Core MCP protocol features implemented (20/40)
• Room for improvement in GitHub community
• Optimal dependency management (20/20)
• Full deployment maturity (10/10)
• Documentation (8/8)
• Archestra MCP Trust score badge is missing

GitHub Metrics

Repository statistics and activity

⭐ GitHub Stars:5

👥 Contributors:2

📋 Total Issues:0

📦 Has Releases:Yes

🔧 Has CI/CD Pipeline:Yes

Configuration

Configuration example extracted from README.md for Claude Desktop and other clients.

🤖 Evaluated by gemini-2.5-flashFix

{
  "rad-security-mcp-server-start-script": {
    "command": "./start.sh",
    "args": [],
    "env": {}
  },
  "rad-security-mcp-server-npx-configured": {
    "command": "npx",
    "args": [
      "-y",
      "@rad-security/mcp-server"
    ],
    "env": {
      "RAD_SECURITY_ACCESS_KEY_ID": "<your-access-key-id>",
      "RAD_SECURITY_SECRET_KEY": "<your-secret-key>",
      "RAD_SECURITY_ACCOUNT_ID": "<your-account-id>"
    }
  },
  "rad-security-mcp-server-docker-streamable": {
    "command": "docker",
    "args": [
      "run",
      "-e",
      "TRANSPORT_TYPE=streamable",
      "-e",
      "RAD_SECURITY_ACCESS_KEY_ID=your_access_key",
      "-e",
      "RAD_SECURITY_SECRET_KEY=your_secret_key",
      "-e",
      "RAD_SECURITY_ACCOUNT_ID=your_account_id",
      "-p",
      "3000:3000",
      "rad-security/mcp-server"
    ],
    "env": {
      "TRANSPORT_TYPE": "streamable",
      "RAD_SECURITY_ACCESS_KEY_ID": "your_access_key",
      "RAD_SECURITY_SECRET_KEY": "your_secret_key",
      "RAD_SECURITY_ACCOUNT_ID": "your_account_id"
    }
  },
  "rad-security-mcp-server-docker-sse": {
    "command": "docker",
    "args": [
      "run",
      "-e",
      "TRANSPORT_TYPE=sse",
      "-e",
      "RAD_SECURITY_ACCESS_KEY_ID=your_access_key",
      "-e",
      "RAD_SECURITY_SECRET_KEY=your_secret_key",
      "-e",
      "RAD_SECURITY_ACCOUNT_ID=your_account_id",
      "-p",
      "3000:3000",
      "rad-security/mcp-server"
    ],
    "env": {
      "TRANSPORT_TYPE": "sse",
      "RAD_SECURITY_ACCESS_KEY_ID": "your_access_key",
      "RAD_SECURITY_SECRET_KEY": "your_secret_key",
      "RAD_SECURITY_ACCOUNT_ID": "your_account_id"
    }
  }
}

MCP Protocol Support

Implemented MCP protocol features

🤖 Evaluated by gemini-2.5-flashFix

Tools:✓

Prompts:✗

Resources:✓

Sampling:✗

Roots:✗

Logging:✗

STDIO Transport:✗

HTTP Transport:✓

OAuth2 Auth:✗

Dependencies

5 dependencies

Libraries and frameworks used by this MCP server

🤖 Evaluated by gemini-2.5-flashFix

Main

@modelcontextprotocol/sdk

express

cors

Medium

zod

zod-to-json-schema

README.md

RAD Security MCP Server

A Model Context Protocol (MCP) server for RAD Security, providing AI-powered security insights for Kubernetes and cloud environments.

Installation

npm install @rad-security/mcp-server

Usage

Prerequisites

Node.js 20.x or higher

Environment Variables

The following environment are required required to use the MCP server with Rad Security:

RAD_SECURITY_ACCESS_KEY_ID="your_access_key"
RAD_SECURITY_SECRET_KEY="your_secret_key"
RAD_SECURITY_ACCOUNT_ID="your_account_id"

but you can also use few operations without authentication:

List CVEs
Get details of a specific CVE
Get latest 30 CVEs
List Kubernetes resource misconfiguration policies

In cursor IDE

It's quite problematic to set ENV variables in cursor IDE.

So, you can use the following start.sh script to start the server.

./start.sh

Please set the ENV variables in the start.sh script first!

In Claude Desktop

You can use the following config to start the server in Claude Desktop.

{
  "mcpServers": {
    "rad-security": {
      "command": "npx",
      "args": ["-y", "@rad-security/mcp-server"],
      "env": {
        "RAD_SECURITY_ACCESS_KEY_ID": "<your-access-key-id>",
        "RAD_SECURITY_SECRET_KEY": "<your-secret-key>",
        "RAD_SECURITY_ACCOUNT_ID": "<your-account-id>"
      }
    }
  }

As a Docker Container - with Streamable HTTP

docker build -t rad-security/mcp-server .
docker run \
  -e TRANSPORT_TYPE=streamable \
  -e RAD_SECURITY_ACCESS_KEY_ID=your_access_key \
  -e RAD_SECURITY_SECRET_KEY=your_secret_key \
  -e RAD_SECURITY_ACCOUNT_ID=your_account_id \
  -p 3000:3000 \
  rad-security/mcp-server

As a Docker Container - with SSE (deprecated)

Note: The SSE transport is now deprecated in favor of Streamable HTTP. It's still supported for backward compatibility, but it's recommended to use Streamable HTTP instead.

docker build -t rad-security/mcp-server .
docker run \
  -e TRANSPORT_TYPE=sse \
  -e RAD_SECURITY_ACCESS_KEY_ID=your_access_key \
  -e RAD_SECURITY_SECRET_KEY=your_secret_key \
  -e RAD_SECURITY_ACCOUNT_ID=your_account_id \
  -p 3000:3000 \
  rad-security/mcp-server

Features

Account Inventory
- List clusters and their details*
Containers Inventory
- List containers and their details*
Security Findings
- List and analyze security findings*
Runtime Security
- Get process trees of running containers*
- Get runtime baselines of running containers*
- Analyze process behavior of running containers*
Network Security
- Monitor HTTP requests*
- Track network connections*
- Analyze network patterns*
Identity and Access
- List identities*
- Get identity details*
Audit
- List who shelled into a pod*
Cloud Security
- List and monitor cloud resources*
- Get resource details and compliance status*
Images
- Get SBOMs*
- List images and their vulnerabilities*
- Get top vulnerable images*
Kubernetes Objects
- Get details of a specific Kubernetes resource*
- List Kubernetes resources*
- List Kubernetes resource misconfiguration policies*
Threat Vector
- List threat vectors*
- Get details of a specific threat vector*
CVEs
- List CVEs
- Get details of a specific CVE
- Get latest 30 CVEs

* - requires authentication and account in Rad Security.

Development

# Install dependencies
npm install

# Run type checking
npm run type-check

# Run linter
npm run lint

# Build
npm run build

License

MIT License - see the LICENSE file for details

Resources

GitHub Repository

Add Quality Badge

Show your MCP trust score in your README

[![Trust Score](https://archestra.ai/mcp-catalog/api/badge/quality/rad-security/mcp-server)](https://archestra.ai/mcp-catalog/rad-security__mcp-server)

Edit This Server Add New MCP Server Report an Issue

README.md

RAD Security MCP Server

A Model Context Protocol (MCP) server for RAD Security, providing AI-powered security insights for Kubernetes and cloud environments.

Installation

npm install @rad-security/mcp-server

Usage

Prerequisites

Node.js 20.x or higher

Environment Variables

The following environment are required required to use the MCP server with Rad Security:

RAD_SECURITY_ACCESS_KEY_ID="your_access_key"
RAD_SECURITY_SECRET_KEY="your_secret_key"
RAD_SECURITY_ACCOUNT_ID="your_account_id"

but you can also use few operations without authentication:

List CVEs
Get details of a specific CVE
Get latest 30 CVEs
List Kubernetes resource misconfiguration policies

In cursor IDE

It's quite problematic to set ENV variables in cursor IDE.

So, you can use the following start.sh script to start the server.

./start.sh

Please set the ENV variables in the start.sh script first!

In Claude Desktop

You can use the following config to start the server in Claude Desktop.

{
  "mcpServers": {
    "rad-security": {
      "command": "npx",
      "args": ["-y", "@rad-security/mcp-server"],
      "env": {
        "RAD_SECURITY_ACCESS_KEY_ID": "<your-access-key-id>",
        "RAD_SECURITY_SECRET_KEY": "<your-secret-key>",
        "RAD_SECURITY_ACCOUNT_ID": "<your-account-id>"
      }
    }
  }

As a Docker Container - with Streamable HTTP

docker build -t rad-security/mcp-server .
docker run \
  -e TRANSPORT_TYPE=streamable \
  -e RAD_SECURITY_ACCESS_KEY_ID=your_access_key \
  -e RAD_SECURITY_SECRET_KEY=your_secret_key \
  -e RAD_SECURITY_ACCOUNT_ID=your_account_id \
  -p 3000:3000 \
  rad-security/mcp-server

As a Docker Container - with SSE (deprecated)

Note: The SSE transport is now deprecated in favor of Streamable HTTP. It's still supported for backward compatibility, but it's recommended to use Streamable HTTP instead.

docker build -t rad-security/mcp-server .
docker run \
  -e TRANSPORT_TYPE=sse \
  -e RAD_SECURITY_ACCESS_KEY_ID=your_access_key \
  -e RAD_SECURITY_SECRET_KEY=your_secret_key \
  -e RAD_SECURITY_ACCOUNT_ID=your_account_id \
  -p 3000:3000 \
  rad-security/mcp-server

Features

Account Inventory
- List clusters and their details*
Containers Inventory
- List containers and their details*
Security Findings
- List and analyze security findings*
Runtime Security
- Get process trees of running containers*
- Get runtime baselines of running containers*
- Analyze process behavior of running containers*
Network Security
- Monitor HTTP requests*
- Track network connections*
- Analyze network patterns*
Identity and Access
- List identities*
- Get identity details*
Audit
- List who shelled into a pod*
Cloud Security
- List and monitor cloud resources*
- Get resource details and compliance status*
Images
- Get SBOMs*
- List images and their vulnerabilities*
- Get top vulnerable images*
Kubernetes Objects
- Get details of a specific Kubernetes resource*
- List Kubernetes resources*
- List Kubernetes resource misconfiguration policies*
Threat Vector
- List threat vectors*
- Get details of a specific threat vector*
CVEs
- List CVEs
- Get details of a specific CVE
- Get latest 30 CVEs

* - requires authentication and account in Rad Security.

Development

# Install dependencies
npm install

# Run type checking
npm run type-check

# Run linter
npm run lint

# Build
npm run build

License

MIT License - see the LICENSE file for details