com.ayurak/aribot-mcp
com.ayurak/aribot-mcpThreat modeling, code, API & cloud security, shadow-AI & compliance governance.
Tools · 14
Create a threat model from a normalized architecture (ReactFlow nodes + edges). Ingests components via the shared Stage-0 service; the pipeline then auto-generates threats. Returns the diagram id.
Verify whether threats are mitigated in a scan's uploaded code. With `threat_id`, verifies one threat synchronously and returns the verdict; without it, verifies every diagram threat in the background…
Return the diagram→threat→finding→control→requirement→remediation traceability matrix for a scan in your scope, with coverage metrics.
Compliance-framework coverage for a diagram (real, ControlCodeMap-backed), optionally for one framework, plus an optional crossmap relationship graph. Wraps derive_framework_coverage + crossmap_cypher…
Compute a remediation plan for a threat/finding WITHOUT applying it (mode=dry_run). Runs the same governed engine as apply_remediation, including the patent gates, and returns the proposed steps.
Company-level compliance posture rollup (pass rate, control compliance, mitigated counts, per-framework coverage). Suitable for a CI gate. Wraps the traceability company rollup.
Shadow-AI posture (part of Code Security): unsanctioned / unknown AI-service usage discovered in code — totals, risk score, provider/type breakdown, hardcoded-key count, and top discoveries. Company l…
API security inventory (part of Code Security): discovered API endpoints with authentication status, risk level and risk factors, plus method/risk breakdowns. Company-wide or one scan with `scan_id`. …
Cloud security & compliance posture (Cloud Compliance): per connected cloud account, the latest CIS/NIST cloud-policy scan — compliance %, failing policies/records, status — plus a company rollup. Rea…
Start (or re-run) a code-security scan for an existing scan/repository in your scope. Returns a poll pointer; results include SAST, secrets, deps, pipeline review and the traceability matrix.
Run a cloud/platform or compliance scan against an account or diagram in your scope (async). scan_type ∈ platform|compliance|pipeline|sbom. Returns a task id to poll.
Apply a remediation for real (mode=live). Routed through the full governance funnel — patent reachability/kill-chain gates, autonomy policy and the approval flow. If your policy requires approval it r…
The canonical diagram summary every badge/card/header reads: threat counts by severity, risk value, compliance and framework coverage.
Threat/control matrix metrics + framework coverage for a diagram, joined with its latest code-security scan when one exists.
Similar MCP servers embedding-nearest
How to use
Add to your Claude Desktop / Cursor / Cline MCP config:
{
"mcpServers": {
"com.ayurak/aribot-mcp": {
"url": "https://mcp.aribot.ayurak.com/mcp",
"transport": "http"
}
}
}