servers / com-ayurak-aribot-mcp

com.ayurak/aribot-mcp

communitystreamable_httpremotedestructive capablehealthy

Threat modeling, code, API & cloud security, shadow-AI & compliance governance.


01Tools · 14
ToolRiskSide effectsApproval
generate_threat_model
Create a threat model from a normalized architecture (ReactFlow nodes + edges). Ingests components via the shared Stage-0 service; the pipeline then auto-generates threats. Returns the diagram id.
writetrueunknown
verify_threats_in_code
Verify whether threats are mitigated in a scan's uploaded code. With `threat_id`, verifies one threat synchronously and returns the verdict; without it, verifies every diagram threat in the background. Wraps code_review ThreatVerificationService.
unknownunknownunknown
get_traceability
Return the diagram→threat→finding→control→requirement→remediation traceability matrix for a scan in your scope, with coverage metrics.
readunknownunknown
discover_shadow_ai
Shadow-AI posture (part of Code Security): unsanctioned / unknown AI-service usage discovered in code — totals, risk score, provider/type breakdown, hardcoded-key count, and top discoveries. Company latest, or one scan with `scan_id`. Reads code_review ShadowAIReport/ShadowAIDiscovery.
readfalseunknown
get_diagram_summary
The canonical diagram summary every badge/card/header reads: threat counts by severity, risk value, compliance and framework coverage.
readunknownunknown
get_insights
Threat/control matrix metrics + framework coverage for a diagram, joined with its latest code-security scan when one exists.
readunknownunknown
get_api_security
API security inventory (part of Code Security): discovered API endpoints with authentication status, risk level and risk factors, plus method/risk breakdowns. Company-wide or one scan with `scan_id`. Reads code_review ApiEndpointDiscovery.
readfalseunknown
get_cloud_compliance
Cloud security & compliance posture (Cloud Compliance): per connected cloud account, the latest CIS/NIST cloud-policy scan — compliance %, failing policies/records, status — plus a company rollup. Reads customers.Account.latest_scan -> compliances.ScanResults.
readfalseunknown
code_review_scan
Start (or re-run) a code-security scan for an existing scan/repository in your scope. Returns a poll pointer; results include SAST, secrets, deps, pipeline review and the traceability matrix.
writetrueunknown
compliance_scan
Run a cloud/platform or compliance scan against an account or diagram in your scope (async). scan_type ∈ platform|compliance|pipeline|sbom. Returns a task id to poll.
writetrueunknown
apply_remediation
Apply a remediation for real (mode=live). Routed through the full governance funnel — patent reachability/kill-chain gates, autonomy policy and the approval flow. If your policy requires approval it returns 'requires_approval' rather than acting.
destructivetruetrue
get_framework_coverage
Compliance-framework coverage for a diagram (real, ControlCodeMap-backed), optionally for one framework, plus an optional crossmap relationship graph. Wraps derive_framework_coverage + crossmap_cypher.build_graph.
readunknownunknown
get_remediation
Compute a remediation plan for a threat/finding WITHOUT applying it (mode=dry_run). Runs the same governed engine as apply_remediation, including the patent gates, and returns the proposed steps.
readunknownunknown
compliance_status
Company-level compliance posture rollup (pass rate, control compliance, mitigated counts, per-framework coverage). Suitable for a CI gate. Wraps the traceability company rollup.
readunknownunknown

02Install & source
https://mcp.aribot.ayurak.com/
remote_url
https://mcp.aribot.ayurak.com/sse
remote_url

03Access granted
Manage GitHub · write

The access this server can exercise, inferred from its verified tools — not a declared OAuth scope.


05Provenance & freshness
sourcesOfficial MCP Registry [p1]
last_checked2026-07-07 08:50Z
next_check2026-07-09 08:42Z
cadenceevery 48h
verifiedtools_list:passed handshake:passed metadata:passed
index_statusindex5 unique facts >= 5

06Badge

Add the “as seen on MCPExplorer” badge to your README. com.ayurak/aribot-mcp MCP — as seen on mcpexplorer.com

[![com.ayurak/aribot-mcp MCP — as seen on mcpexplorer.com](https://mcpexplorer.com/badge/com-ayurak-aribot-mcp.svg)](https://mcpexplorer.com/servers/com-ayurak-aribot-mcp)

Next step

This is one server. A loadout combines the right servers, governance, and proven plays for a whole job — assembled deliberately, not tool-dumped.

Explore loadouts →
com.ayurak/aribot-mcp — MCPExplorer