servers / com-ayurak-aribot-mcp
com.ayurak/aribot-mcp
communitystreamable_httpremotedestructive capablehealthy
Threat modeling, code, API & cloud security, shadow-AI & compliance governance.
01Tools · 14
| Tool | Risk | Side effects | Approval |
|---|---|---|---|
| generate_threat_model Create a threat model from a normalized architecture (ReactFlow nodes + edges). Ingests components via the shared Stage-0 service; the pipeline then auto-generates threats. Returns the diagram id. | write | true | unknown |
| verify_threats_in_code Verify whether threats are mitigated in a scan's uploaded code. With `threat_id`, verifies one threat synchronously and returns the verdict; without it, verifies every diagram threat in the background. Wraps code_review ThreatVerificationService. | unknown | unknown | unknown |
| get_traceability Return the diagram→threat→finding→control→requirement→remediation traceability matrix for a scan in your scope, with coverage metrics. | read | unknown | unknown |
| discover_shadow_ai Shadow-AI posture (part of Code Security): unsanctioned / unknown AI-service usage discovered in code — totals, risk score, provider/type breakdown, hardcoded-key count, and top discoveries. Company latest, or one scan with `scan_id`. Reads code_review ShadowAIReport/ShadowAIDiscovery. | read | false | unknown |
| get_diagram_summary The canonical diagram summary every badge/card/header reads: threat counts by severity, risk value, compliance and framework coverage. | read | unknown | unknown |
| get_insights Threat/control matrix metrics + framework coverage for a diagram, joined with its latest code-security scan when one exists. | read | unknown | unknown |
| get_api_security API security inventory (part of Code Security): discovered API endpoints with authentication status, risk level and risk factors, plus method/risk breakdowns. Company-wide or one scan with `scan_id`. Reads code_review ApiEndpointDiscovery. | read | false | unknown |
| get_cloud_compliance Cloud security & compliance posture (Cloud Compliance): per connected cloud account, the latest CIS/NIST cloud-policy scan — compliance %, failing policies/records, status — plus a company rollup. Reads customers.Account.latest_scan -> compliances.ScanResults. | read | false | unknown |
| code_review_scan Start (or re-run) a code-security scan for an existing scan/repository in your scope. Returns a poll pointer; results include SAST, secrets, deps, pipeline review and the traceability matrix. | write | true | unknown |
| compliance_scan Run a cloud/platform or compliance scan against an account or diagram in your scope (async). scan_type ∈ platform|compliance|pipeline|sbom. Returns a task id to poll. | write | true | unknown |
| apply_remediation Apply a remediation for real (mode=live). Routed through the full governance funnel — patent reachability/kill-chain gates, autonomy policy and the approval flow. If your policy requires approval it returns 'requires_approval' rather than acting. | destructive | true | true |
| get_framework_coverage Compliance-framework coverage for a diagram (real, ControlCodeMap-backed), optionally for one framework, plus an optional crossmap relationship graph. Wraps derive_framework_coverage + crossmap_cypher.build_graph. | read | unknown | unknown |
| get_remediation Compute a remediation plan for a threat/finding WITHOUT applying it (mode=dry_run). Runs the same governed engine as apply_remediation, including the patent gates, and returns the proposed steps. | read | unknown | unknown |
| compliance_status Company-level compliance posture rollup (pass rate, control compliance, mitigated counts, per-framework coverage). Suitable for a CI gate. Wraps the traceability company rollup. | read | unknown | unknown |
02Install & source
https://mcp.aribot.ayurak.com/
remote_urlhttps://mcp.aribot.ayurak.com/sse
remote_url- homepagehttps://mcp.aribot.ayurak.com/
03Access granted
Manage GitHub · write
The access this server can exercise, inferred from its verified tools — not a declared OAuth scope.
05Provenance & freshness
sourcesOfficial MCP Registry [p1]
last_checked2026-07-07 08:50Z
next_check2026-07-09 08:42Z
cadenceevery 48h
verifiedtools_list:passed handshake:passed metadata:passed
index_statusindex — 5 unique facts >= 5
06Badge
Add the “as seen on MCPExplorer” badge to your README.
[](https://mcpexplorer.com/servers/com-ayurak-aribot-mcp)
Next step
This is one server. A loadout combines the right servers, governance, and proven plays for a whole job — assembled deliberately, not tool-dumped.
Explore loadouts →