mcp

package
v0.9.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 9, 2025 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ExternalMCPServers = map[string]ship.MCPServerConfig{

	"filesystem": {
		Name:      "filesystem",
		Command:   "npx",
		Args:      []string{"-y", "@modelcontextprotocol/server-filesystem", "/tmp"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "FILESYSTEM_ROOT",
				Description: "Root directory for filesystem operations (overrides /tmp default)",
				Required:    false,
				Default:     "/tmp",
			},
		},
	},
	"memory": {
		Name:      "memory",
		Command:   "npx",
		Args:      []string{"-y", "@modelcontextprotocol/server-memory"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "MEMORY_STORAGE_PATH",
				Description: "Path for persistent memory storage",
				Required:    false,
				Default:     "/tmp/mcp-memory",
			},
			{
				Name:        "MEMORY_MAX_SIZE",
				Description: "Maximum memory storage size (e.g., 100MB)",
				Required:    false,
				Default:     "50MB",
			},
		},
	},
	"brave-search": {
		Name:      "brave-search",
		Command:   "npx",
		Args:      []string{"-y", "@modelcontextprotocol/server-brave-search"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "BRAVE_API_KEY",
				Description: "Brave Search API key for search functionality",
				Required:    true,
				Secret:      true,
			},
			{
				Name:        "BRAVE_SEARCH_COUNT",
				Description: "Number of search results to return (default: 10)",
				Required:    false,
				Default:     "10",
			},
		},
	},

	"aws-core": {
		Name:      "aws-core",
		Command:   "uvx",
		Args:      []string{"awslabs.core-mcp-server@latest"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "AWS_PROFILE",
				Description: "AWS profile to use for authentication",
				Required:    false,
			},
			{
				Name:        "AWS_REGION",
				Description: "AWS region for operations",
				Required:    false,
				Default:     "us-east-1",
			},
			{
				Name:        "FASTMCP_LOG_LEVEL",
				Description: "Log level for the MCP server",
				Required:    false,
				Default:     "ERROR",
			},
		},
	},
	"aws-iam": {
		Name:      "aws-iam",
		Command:   "uvx",
		Args:      []string{"awslabs.iam-mcp-server@latest"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "AWS_PROFILE",
				Description: "AWS profile to use for authentication",
				Required:    false,
			},
			{
				Name:        "AWS_REGION",
				Description: "AWS region for operations",
				Required:    false,
				Default:     "us-east-1",
			},
			{
				Name:        "FASTMCP_LOG_LEVEL",
				Description: "Log level for the MCP server",
				Required:    false,
				Default:     "ERROR",
			},
		},
	},
	"aws-pricing": {
		Name:      "aws-pricing",
		Command:   "uvx",
		Args:      []string{"awslabs.pricing-mcp-server@latest"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "AWS_PROFILE",
				Description: "AWS profile to use for authentication",
				Required:    false,
			},
			{
				Name:        "AWS_REGION",
				Description: "AWS region for operations",
				Required:    false,
				Default:     "us-east-1",
			},
			{
				Name:        "FASTMCP_LOG_LEVEL",
				Description: "Log level for the MCP server",
				Required:    false,
				Default:     "ERROR",
			},
		},
	},
	"aws-eks": {
		Name:      "aws-eks",
		Command:   "uvx",
		Args:      []string{"awslabs.eks-mcp-server@latest"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "AWS_PROFILE",
				Description: "AWS profile to use for authentication",
				Required:    false,
			},
			{
				Name:        "AWS_REGION",
				Description: "AWS region for operations",
				Required:    false,
				Default:     "us-east-1",
			},
			{
				Name:        "FASTMCP_LOG_LEVEL",
				Description: "Log level for the MCP server",
				Required:    false,
				Default:     "ERROR",
			},
		},
	},
	"aws-ec2": {
		Name:      "aws-ec2",
		Command:   "uvx",
		Args:      []string{"awslabs.ec2-mcp-server@latest"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "AWS_PROFILE",
				Description: "AWS profile to use for authentication",
				Required:    false,
			},
			{
				Name:        "AWS_REGION",
				Description: "AWS region for operations",
				Required:    false,
				Default:     "us-east-1",
			},
			{
				Name:        "FASTMCP_LOG_LEVEL",
				Description: "Log level for the MCP server",
				Required:    false,
				Default:     "ERROR",
			},
		},
	},
	"aws-s3": {
		Name:      "aws-s3",
		Command:   "uvx",
		Args:      []string{"awslabs.s3-mcp-server@latest"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "AWS_PROFILE",
				Description: "AWS profile to use for authentication",
				Required:    false,
			},
			{
				Name:        "AWS_REGION",
				Description: "AWS region for operations",
				Required:    false,
				Default:     "us-east-1",
			},
			{
				Name:        "FASTMCP_LOG_LEVEL",
				Description: "Log level for the MCP server",
				Required:    false,
				Default:     "ERROR",
			},
		},
	},

	"steampipe": {
		Name:      "steampipe",
		Command:   "npx",
		Args:      []string{"-y", "@turbot/steampipe-mcp"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "STEAMPIPE_DATABASE_CONNECTIONS",
				Description: "Database connections configuration for Steampipe",
				Required:    false,
				Default:     "postgres://steampipe@localhost:9193/steampipe",
			},
		},
	},

	"slack": {
		Name:      "slack",
		Command:   "sh",
		Args:      []string{"-c", "curl -sL https://github.com/korotovsky/slack-mcp-server/releases/latest/download/slack-mcp-server-darwin-amd64 -o /tmp/slack-mcp-server && chmod +x /tmp/slack-mcp-server && /tmp/slack-mcp-server"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "SLACK_MCP_XOXC_TOKEN",
				Description: "Slack browser token (xoxc-...) - required for stealth mode",
				Required:    false,
			},
			{
				Name:        "SLACK_MCP_XOXD_TOKEN",
				Description: "Slack browser cookie d (xoxd-...) - required for stealth mode",
				Required:    false,
			},
			{
				Name:        "SLACK_MCP_XOXP_TOKEN",
				Description: "User OAuth token (xoxp-...) - alternative to xoxc/xoxd for OAuth mode",
				Required:    false,
			},
			{
				Name:        "SLACK_MCP_PORT",
				Description: "Port for the MCP server to listen on (default: 13080)",
				Required:    false,
				Default:     "13080",
			},
			{
				Name:        "SLACK_MCP_HOST",
				Description: "Host for the MCP server to listen on (default: 127.0.0.1)",
				Required:    false,
				Default:     "127.0.0.1",
			},
			{
				Name:        "SLACK_MCP_SSE_API_KEY",
				Description: "Bearer token for SSE transport",
				Required:    false,
			},
			{
				Name:        "SLACK_MCP_PROXY",
				Description: "Proxy URL for outgoing requests",
				Required:    false,
			},
			{
				Name:        "SLACK_MCP_USER_AGENT",
				Description: "Custom User-Agent (for Enterprise Slack environments)",
				Required:    false,
			},
			{
				Name:        "SLACK_MCP_ADD_MESSAGE_TOOL",
				Description: "Enable message posting (true for all channels, comma-separated list for specific channels, or !channelID to exclude)",
				Required:    false,
				Default:     "true",
			},
			{
				Name:        "SLACK_MCP_ADD_MESSAGE_MARK",
				Description: "Automatically mark posted messages as read when enabled",
				Required:    false,
			},
			{
				Name:        "SLACK_MCP_ADD_MESSAGE_UNFURLING",
				Description: "Enable link unfurling (true for all domains, comma-separated list for specific domains)",
				Required:    false,
			},
			{
				Name:        "SLACK_MCP_USERS_CACHE",
				Description: "Path to users cache file (default: .users_cache.json)",
				Required:    false,
				Default:     ".users_cache.json",
			},
			{
				Name:        "SLACK_MCP_CHANNELS_CACHE",
				Description: "Path to channels cache file (default: .channels_cache_v2.json)",
				Required:    false,
				Default:     ".channels_cache_v2.json",
			},
			{
				Name:        "SLACK_MCP_LOG_LEVEL",
				Description: "Log level (debug, info, warn, error, panic, fatal) (default: info)",
				Required:    false,
				Default:     "info",
			},
		},
	},

	"github": {
		Name:      "github",
		Command:   "docker",
		Args:      []string{"run", "-i", "--rm", "ghcr.io/github/github-mcp-server"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "GITHUB_PERSONAL_ACCESS_TOKEN",
				Description: "GitHub Personal Access Token (required for authentication)",
				Required:    true,
				Secret:      true,
			},
			{
				Name:        "GITHUB_HOST",
				Description: "GitHub host (default: github.com, use for GitHub Enterprise)",
				Required:    false,
				Default:     "github.com",
			},
			{
				Name:        "GITHUB_TOOLSETS",
				Description: "Comma-separated list of toolsets to enable (e.g., repos,issues,pull_requests,actions,code_security)",
				Required:    false,
				Default:     "all",
			},
			{
				Name:        "GITHUB_READ_ONLY",
				Description: "Run in read-only mode (1 for true, 0 for false)",
				Required:    false,
				Default:     "0",
			},
			{
				Name:        "GITHUB_DYNAMIC_TOOLSETS",
				Description: "Enable dynamic toolset discovery (1 for true, 0 for false)",
				Required:    false,
				Default:     "0",
			},
		},
	},

	"desktop-commander": {
		Name:      "desktop-commander",
		Command:   "npx",
		Args:      []string{"-y", "@wonderwhy-er/desktop-commander-mcp"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "DESKTOP_COMMANDER_ROOT",
				Description: "Root directory for desktop operations (default: current working directory)",
				Required:    false,
				Default:     ".",
			},
			{
				Name:        "DESKTOP_COMMANDER_SAFE_MODE",
				Description: "Enable safe mode to prevent destructive operations (true/false)",
				Required:    false,
				Default:     "true",
			},
			{
				Name:        "DESKTOP_COMMANDER_LOG_LEVEL",
				Description: "Log level for desktop commander operations (debug, info, warn, error)",
				Required:    false,
				Default:     "info",
			},
		},
	},

	"grafana": {
		Name:      "grafana",
		Command:   "docker",
		Args:      []string{"run", "--rm", "-i", "mcp/grafana:latest", "-t", "stdio"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "GRAFANA_URL",
				Description: "Grafana server URL (e.g., http://localhost:3000 or https://myinstance.grafana.net)",
				Required:    true,
			},
			{
				Name:        "GRAFANA_API_KEY",
				Description: "Grafana service account token for authentication",
				Required:    false,
				Secret:      true,
			},
			{
				Name:        "GRAFANA_USERNAME",
				Description: "Grafana username for basic authentication (alternative to API key)",
				Required:    false,
			},
			{
				Name:        "GRAFANA_PASSWORD",
				Description: "Grafana password for basic authentication (alternative to API key)",
				Required:    false,
				Secret:      true,
			},
		},
	},

	"bitbucket": {
		Name:      "bitbucket",
		Command:   "npx",
		Args:      []string{"-y", "@aashari/mcp-server-atlassian-bitbucket"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "BITBUCKET_USERNAME",
				Description: "Atlassian Bitbucket username",
				Required:    true,
			},
			{
				Name:        "BITBUCKET_APP_PASSWORD",
				Description: "Atlassian Bitbucket app password (from account settings)",
				Required:    true,
				Secret:      true,
			},
			{
				Name:        "BITBUCKET_WORKSPACE",
				Description: "Bitbucket workspace name",
				Required:    true,
			},
		},
	},
	"trello": {
		Name:      "trello",
		Command:   "pnpx",
		Args:      []string{"@delorenj/mcp-server-trello"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "TRELLO_API_KEY",
				Description: "Trello API key (get from https://trello.com/app-key)",
				Required:    true,
				Secret:      true,
			},
			{
				Name:        "TRELLO_TOKEN",
				Description: "Trello API token (authorize from the API key page)",
				Required:    true,
				Secret:      true,
			},
		},
	},

	"playwright": {
		Name:      "playwright",
		Command:   "npx",
		Args:      []string{"-y", "@automatalabs/mcp-server-playwright"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "PLAYWRIGHT_BROWSER",
				Description: "Browser to use (chromium, firefox, webkit)",
				Required:    false,
				Default:     "chromium",
			},
			{
				Name:        "PLAYWRIGHT_HEADLESS",
				Description: "Run browser in headless mode (true/false)",
				Required:    false,
				Default:     "true",
			},
		},
	},

	"supabase": {
		Name:      "supabase",
		Command:   "npx",
		Args:      []string{"-y", "@supabase/mcp-server-supabase@latest", "--read-only"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "SUPABASE_ACCESS_TOKEN",
				Description: "Supabase personal access token (from dashboard settings)",
				Required:    true,
				Secret:      true,
			},
			{
				Name:        "SUPABASE_PROJECT_REF",
				Description: "Supabase project reference ID",
				Required:    true,
			},
		},
	},
	"postgresql": {
		Name:      "postgresql",
		Command:   "npx",
		Args:      []string{"-y", "@modelcontextprotocol/server-postgres"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "POSTGRES_CONNECTION_STRING",
				Description: "PostgreSQL connection string (postgresql://user:password@localhost:5432/dbname)",
				Required:    true,
				Secret:      true,
			},
		},
	},
}

ExternalMCPServers contains the built-in external MCP server configurations These are third-party MCP servers that Ship can proxy to, not Ship's own tools

View Source 
var ToolRegistry = map[string][]ToolInfo{
	"security": {
		{Name: "trivy", Description: "Comprehensive vulnerability scanner", AddFunc: AddTrivyTools, HasVariables: false},
		{Name: "syft", Description: "SBOM generation tool", AddFunc: AddSyftTools, HasVariables: false},
		{Name: "checkov", Description: "Infrastructure as code static analysis", AddFunc: AddCheckovTools, HasVariables: false},
		{Name: "terrascan", Description: "IaC security scanner", AddFunc: AddTerrascanTools, HasVariables: false},
		{Name: "tfsec", Description: "Terraform-specific security scanner", AddFunc: AddTfsecTools, HasVariables: false},
		{Name: "semgrep", Description: "Static analysis for security", AddFunc: AddSemgrepTools, HasVariables: false},
		{Name: "actionlint", Description: "GitHub Actions workflow linter", AddFunc: AddActionlintTools, HasVariables: false},
		{Name: "conftest", Description: "OPA policy testing", AddFunc: AddConftestTools, HasVariables: false},
		{Name: "kube-bench", Description: "Kubernetes CIS benchmark", AddFunc: AddKubeBenchTools, HasVariables: false},
		{Name: "kube-hunter", Description: "Kubernetes penetration testing", AddFunc: AddKubeHunterTools, HasVariables: false},
		{Name: "falco", Description: "Runtime security monitoring", AddFunc: AddFalcoTools, HasVariables: false},
		{Name: "nuclei", Description: "Fast vulnerability scanner with community templates", AddFunc: AddNucleiTools, HasVariables: false},
		{Name: "zap", Description: "OWASP ZAP web application scanner", AddFunc: AddZapTools, HasVariables: false},
		{Name: "nmap", Description: "Network exploration and security auditing", AddFunc: AddNmapTools, HasVariables: false},
		{Name: "git-secrets", Description: "Git repository secret scanner", AddFunc: AddGitSecretsTools, HasVariables: false},
		{Name: "trufflehog", Description: "Advanced secret scanning with verification", AddFunc: AddTrufflehogTools, HasVariables: false},
		{Name: "gitleaks", Description: "Fast secret scanning for git repositories", AddFunc: AddGitleaksTools, HasVariables: false},
		{Name: "kubescape", Description: "Kubernetes security scanner", AddFunc: AddKubescapeTools, HasVariables: false},
		{Name: "dockle", Description: "Container image linter", AddFunc: AddDockleTools, HasVariables: false},
		{Name: "sops", Description: "Secrets management", AddFunc: AddSOPSTools, HasVariables: true},
		{Name: "ossf-scorecard", Description: "OSSF security scorecard", AddFunc: AddOSSFScorecardTools, HasVariables: false},
		{Name: "steampipe", Description: "Cloud asset querying with SQL", AddFunc: AddSteampipeTools, HasVariables: true},
		{Name: "cfn-nag", Description: "CloudFormation security linter", AddFunc: AddCfnNagTools, HasVariables: false},
		{Name: "gatekeeper", Description: "OPA Gatekeeper policy validation", AddFunc: AddGatekeeperTools, HasVariables: false},
		{Name: "license-detector", Description: "Software license detection", AddFunc: AddLicenseDetectorTools, HasVariables: false},
		{Name: "openscap", Description: "Security compliance scanning", AddFunc: AddOpenSCAPTools, HasVariables: false},
		{Name: "scout-suite", Description: "Multi-cloud security auditing", AddFunc: AddScoutSuiteTools, HasVariables: true},
		{Name: "powerpipe", Description: "Infrastructure benchmarking", AddFunc: AddPowerpipeTools, HasVariables: true},
		{Name: "infrascan", Description: "Infrastructure security scanning", AddFunc: AddInfrascanTools, HasVariables: true},
		{Name: "github-admin", Description: "GitHub administration tools", AddFunc: AddGitHubAdminTools, HasVariables: true},
		{Name: "github-packages", Description: "GitHub Packages security", AddFunc: AddGitHubPackagesTools, HasVariables: true},
		{Name: "openvas", Description: "OpenVAS/Greenbone vulnerability management integration", AddFunc: AddOpenVASTools, HasVariables: true},
	},
	"development": {
		{Name: "opencode", Description: "OpenCode AI coding assistant", AddFunc: AddOpenCodeTools, HasVariables: true},
		{Name: "buildx", Description: "Docker BuildX multi-platform image building", AddFunc: AddBuildXTools, HasVariables: false},
	},
	"terraform": {
		{Name: "tflint", Description: "Terraform linter", AddFunc: AddTfLintTools, HasVariables: false},
		{Name: "terraform-docs", Description: "Terraform documentation generator", AddFunc: AddTerraformDocsTools, HasVariables: false},
		{Name: "inframap", Description: "Infrastructure visualization", AddFunc: AddInfraMapTools, HasVariables: false},
		{Name: "iac-plan", Description: "Infrastructure as code planning", AddFunc: AddIacPlanTools, HasVariables: false},
		{Name: "terraformer", Description: "Infrastructure import and management", AddFunc: AddTerraformerTools, HasVariables: true},
		{Name: "tfstate-reader", Description: "Terraform state analysis", AddFunc: AddTfstateReaderTools, HasVariables: false},
		{Name: "openinfraquote", Description: "Infrastructure cost estimation", AddFunc: AddOpenInfraQuoteTools, HasVariables: true},
	},
	"kubernetes": {
		{Name: "velero", Description: "Kubernetes backup and restore", AddFunc: AddVeleroTools, HasVariables: true},
		{Name: "goldilocks", Description: "Kubernetes resource recommendations", AddFunc: AddGoldilocksTools, HasVariables: false},
		{Name: "fleet", Description: "GitOps for Kubernetes", AddFunc: AddFleetTools, HasVariables: false},
		{Name: "kuttl", Description: "Kubernetes testing framework", AddFunc: AddKuttlTools, HasVariables: false},
		{Name: "litmus", Description: "Chaos engineering for Kubernetes", AddFunc: AddLitmusTools, HasVariables: false},
		{Name: "cert-manager", Description: "Certificate management", AddFunc: AddCertManagerTools, HasVariables: false},
		{Name: "k8s-network-policy", Description: "Kubernetes network policy management", AddFunc: AddK8sNetworkPolicyTools, HasVariables: false},
		{Name: "kyverno", Description: "Kubernetes policy management", AddFunc: AddKyvernoTools, HasVariables: false},
		{Name: "kyverno-multitenant", Description: "Multi-tenant Kyverno policies", AddFunc: AddKyvernoMultitenantTools, HasVariables: false},
	},
	"cloud": {
		{Name: "cloudquery", Description: "Cloud asset inventory", AddFunc: AddCloudQueryTools, HasVariables: true},
		{Name: "custodian", Description: "Cloud governance engine", AddFunc: AddCustodianTools, HasVariables: true},
		{Name: "packer", Description: "Machine image building", AddFunc: AddPackerTools, HasVariables: true},
	},
	"supply-chain": {
		{Name: "cosign", Description: "Container signing and verification", AddFunc: AddCosignTools, HasVariables: true},
		{Name: "dependency-track", Description: "OWASP Dependency-Track SBOM analysis", AddFunc: AddDependencyTrackTools, HasVariables: true},
	},
	"aws": {
		{Name: "cloudsplaining", Description: "AWS IAM policy scanner", AddFunc: AddCloudsplainingTools, HasVariables: true},
		{Name: "parliament", Description: "AWS IAM policy linter", AddFunc: AddParliamentTools, HasVariables: true},
		{Name: "pmapper", Description: "AWS IAM privilege escalation analysis", AddFunc: AddPMapperTools, HasVariables: true},
		{Name: "policy-sentry", Description: "AWS IAM policy generator", AddFunc: AddPolicySentryTools, HasVariables: true},
		{Name: "prowler", Description: "Multi-cloud security assessment", AddFunc: AddProwlerTools, HasVariables: true},
		{Name: "aws-iam-rotation", Description: "AWS IAM credential rotation", AddFunc: AddAWSIAMRotationTools, HasVariables: true},
		{Name: "aws-pricing", Description: "AWS pricing and cost calculator", AddFunc: AddAWSPricingTools, HasVariables: true},
	},
	"finops": {
		{Name: "finops-discover", Description: "Discover cloud resources with cost optimization data", AddFunc: AddFinOpsDiscoverTools, HasVariables: true},
		{Name: "finops-recommend", Description: "Generate cost optimization recommendations", AddFunc: AddFinOpsRecommendTools, HasVariables: true},
		{Name: "finops-analyze", Description: "Analyze cost data and trends", AddFunc: AddFinOpsAnalyzeTools, HasVariables: true},
		{Name: "finops-query", Description: "Agent-driven flexible finops queries", AddFunc: AddFinOpsQueryTools, HasVariables: true},
	},
}

ToolRegistry contains all available tools organized by category

Functions

func AddAWSIAMRotationTools 

func AddAWSIAMRotationTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddAWSIAMRotationTools adds AWS IAM rotation MCP tool implementations

func AddAWSPricingTools 

func AddAWSPricingTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddAWSPricingTools adds AWS Pricing (official AWS CLI pricing commands) MCP tool implementations

func AddActionlintTools 

func AddActionlintTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddActionlintTools adds Actionlint (GitHub Actions linter) MCP tool implementations

func AddBuildXTools added in v0.8.2 

func AddBuildXTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddBuildXTools adds Docker BuildX tools to the MCP server

func AddCertManagerTools 

func AddCertManagerTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddCertManagerTools adds cert-manager MCP tool implementations

func AddCfnNagTools 

func AddCfnNagTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddCfnNagTools adds CFN Nag (CloudFormation template security scanning) MCP tool implementations

func AddCheckovTools 

func AddCheckovTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddCheckovTools adds Checkov (Infrastructure as Code static analysis) MCP tool implementations

func AddCloudQueryTools 

func AddCloudQueryTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddCloudQueryTools adds CloudQuery (cloud asset inventory) MCP tool implementations

func AddCloudsplainingTools 

func AddCloudsplainingTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddCloudsplainingTools adds Cloudsplaining (AWS IAM policy scanner) MCP tool implementations

func AddConftestTools 

func AddConftestTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddConftestTools adds Conftest (OPA policy testing) MCP tool implementations

func AddCosignTools 

func AddCosignTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddCosignTools adds Cosign (container signing and verification) MCP tool implementations

func AddCustodianTools 

func AddCustodianTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddCustodianTools adds Cloud Custodian (cloud governance engine) MCP tool implementations

func AddDependencyTrackTools 

func AddDependencyTrackTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddDependencyTrackTools adds Dependency Track (software component analysis) MCP tool implementations

func AddDockleTools 

func AddDockleTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddDockleTools adds Dockle (container image linter) MCP tool implementations

func AddFalcoTools 

func AddFalcoTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddFalcoTools adds Falco (runtime security monitoring) MCP tool implementations

func AddFinOpsAnalyzeTools added in v0.9.0 

func AddFinOpsAnalyzeTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddFinOpsAnalyzeTools registers the finops-analyze MCP tool

func AddFinOpsDiscoverTools added in v0.9.0 

func AddFinOpsDiscoverTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddFinOpsDiscoverTools registers the finops-discover MCP tool

func AddFinOpsQueryTools added in v0.9.0 

func AddFinOpsQueryTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddFinOpsQueryTools registers the finops-query MCP tool

func AddFinOpsRecommendTools added in v0.9.0 

func AddFinOpsRecommendTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddFinOpsRecommendTools registers the finops-recommend MCP tool

func AddFleetTools 

func AddFleetTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddFleetTools adds Fleet GitOps MCP tool implementations using kubectl

func AddGatekeeperTools 

func AddGatekeeperTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddGatekeeperTools adds Gatekeeper (OPA Kubernetes policy engine) MCP tool implementations using kubectl

func AddGitHubAdminTools 

func AddGitHubAdminTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddGitHubAdminTools adds GitHub administration MCP tool implementations using gh CLI

func AddGitHubPackagesTools 

func AddGitHubPackagesTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddGitHubPackagesTools adds GitHub Packages management MCP tool implementations using gh CLI

func AddGitSecretsTools 

func AddGitSecretsTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddGitSecretsTools adds git-secrets (AWS secret scanning) MCP tool implementations using direct Dagger calls

func AddGitleaksTools 

func AddGitleaksTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddGitleaksTools adds Gitleaks (fast secret scanning) MCP tool implementations using direct Dagger calls

func AddGoldilocksTools 

func AddGoldilocksTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddGoldilocksTools adds Goldilocks (Kubernetes resource recommendations) MCP tool implementations using direct Dagger calls

func AddIacPlanTools 

func AddIacPlanTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddIacPlanTools adds Infrastructure as Code planning MCP tool implementations using direct Dagger calls

func AddInfraMapTools 

func AddInfraMapTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddInfraMapTools adds InfraMap (infrastructure diagram generator) MCP tool implementations using direct Dagger calls

func AddInfrascanTools 

func AddInfrascanTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddInfrascanTools adds Infrascan (AWS infrastructure mapping) MCP tool implementations using direct Dagger calls

func AddK8sNetworkPolicyTools 

func AddK8sNetworkPolicyTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddK8sNetworkPolicyTools adds Kubernetes network policy management MCP tool implementations using direct Dagger calls

func AddKubeBenchTools 

func AddKubeBenchTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddKubeBenchTools adds Kube-bench (Kubernetes CIS benchmark) MCP tool implementations using direct Dagger calls

func AddKubeHunterTools 

func AddKubeHunterTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddKubeHunterTools adds Kube-hunter (Kubernetes penetration testing) MCP tool implementations using direct Dagger calls

func AddKubescapeTools 

func AddKubescapeTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddKubescapeTools adds Kubescape (Kubernetes security scanner) MCP tool implementations using direct Dagger calls

func AddKuttlTools 

func AddKuttlTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddKuttlTools adds KUTTL (Kubernetes Test Tool) MCP tool implementations using direct Dagger calls

func AddKyvernoMultitenantTools 

func AddKyvernoMultitenantTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddKyvernoMultitenantTools adds Kyverno multi-tenant policy MCP tool implementations using direct Dagger calls

func AddKyvernoTools 

func AddKyvernoTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddKyvernoTools adds Kyverno policy management MCP tool implementations using direct Dagger calls

func AddLicenseDetectorTools 

func AddLicenseDetectorTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddLicenseDetectorTools adds License Detector (software license detection) MCP tool implementations using direct Dagger calls

func AddLitmusTools 

func AddLitmusTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddLitmusTools adds Litmus chaos engineering MCP tool implementations using direct Dagger calls

func AddNmapTools added in v0.8.0 

func AddNmapTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddNmapTools adds Nmap network scanning tools to the MCP server

func AddNucleiTools added in v0.8.0 

func AddNucleiTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddNucleiTools adds Nuclei vulnerability scanning tools to the MCP server

func AddOSSFScorecardTools 

func AddOSSFScorecardTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddOSSFScorecardTools adds OSSF Scorecard MCP tool implementations using direct Dagger calls

func AddOpenCodeTools added in v0.8.0 

func AddOpenCodeTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddOpenCodeTools adds OpenCode AI coding assistant tools to the MCP server

func AddOpenInfraQuoteTools 

func AddOpenInfraQuoteTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddOpenInfraQuoteTools adds OpenInfraQuote (cost estimation) MCP tool implementations using direct Dagger calls

func AddOpenSCAPTools 

func AddOpenSCAPTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddOpenSCAPTools adds OpenSCAP (security compliance scanning) MCP tool implementations using direct Dagger calls

func AddOpenVASTools added in v0.9.1 

func AddOpenVASTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddOpenVASTools adds OpenVAS/GVM vulnerability scanning tools to the MCP server Note: OpenVAS requires a running Greenbone Vulnerability Management (GVM) stack

func AddPMapperTools 

func AddPMapperTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddPMapperTools adds PMapper (AWS IAM privilege escalation analysis) MCP tool implementations using direct Dagger calls

func AddPackerTools 

func AddPackerTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddPackerTools adds Packer (machine image building) MCP tool implementations using direct Dagger calls

func AddParliamentTools 

func AddParliamentTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddParliamentTools adds Parliament (AWS IAM policy linter) MCP tool implementations using direct Dagger calls

func AddPolicySentryTools 

func AddPolicySentryTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddPolicySentryTools adds Policy Sentry (AWS IAM policy generator) MCP tool implementations using direct Dagger calls

func AddPowerpipeTools 

func AddPowerpipeTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddPowerpipeTools adds Powerpipe MCP tool implementations using direct Dagger calls

func AddProwlerTools 

func AddProwlerTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddProwlerTools adds Prowler (multi-cloud security assessment) MCP tool implementations using direct Dagger calls

func AddSOPSTools 

func AddSOPSTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddSOPSTools adds SOPS (Secrets OPerationS) MCP tool implementations using direct Dagger calls

func AddScoutSuiteTools 

func AddScoutSuiteTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddScoutSuiteTools adds Scout Suite MCP tool implementations using direct Dagger calls

func AddSemgrepTools 

func AddSemgrepTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddSemgrepTools adds Semgrep (advanced static analysis for code security) MCP tool implementations using direct Dagger calls

func AddSteampipeTools 

func AddSteampipeTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddSteampipeTools adds Steampipe (cloud asset querying) MCP tool implementations using direct Dagger calls NOTE: Steampipe is typically configured as an external MCP server via npx @turbot/steampipe-mcp These tools provide Dagger-based execution as an alternative

func AddSyftTools 

func AddSyftTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddSyftTools adds Syft (SBOM generation from container images and filesystems) MCP tool implementations using direct Dagger calls

func AddTerraformDocsTools 

func AddTerraformDocsTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddTerraformDocsTools adds terraform-docs (documentation generator) MCP tool implementations using direct Dagger calls

func AddTerraformerTools 

func AddTerraformerTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddTerraformerTools adds Terraformer MCP tool implementations using direct Dagger calls

func AddTerrascanTools 

func AddTerrascanTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddTerrascanTools adds Terrascan (IaC security scanner) MCP tool implementations using direct Dagger calls

func AddTfLintTools 

func AddTfLintTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddTfLintTools adds TFLint (Terraform linter) MCP tool implementations using direct Dagger calls

func AddTfsecTools added in v0.8.0 

func AddTfsecTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddTfsecTools adds tfsec Terraform security scanning tools to the MCP server

func AddTfstateReaderTools 

func AddTfstateReaderTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddTfstateReaderTools adds Terraform state analysis MCP tool implementations using direct Dagger calls

func AddTrivyTools 

func AddTrivyTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddTrivyTools adds Trivy (universal vulnerability scanner) MCP tool implementations using direct Dagger calls

func AddTrufflehogTools 

func AddTrufflehogTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddTrufflehogTools adds TruffleHog MCP tool implementations using direct Dagger calls

func AddVeleroTools 

func AddVeleroTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddVeleroTools adds Velero (Kubernetes backup and restore) MCP tool implementations using direct Dagger calls

func AddZapTools 

func AddZapTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddZapTools adds OWASP ZAP (web application security scanner) MCP tool implementations using direct Dagger calls

func GenerateMCPHelpText 

func GenerateMCPHelpText() string

GenerateMCPHelpText dynamically generates help text from the modular registry

func GenerateToolsResourceContent 

func GenerateToolsResourceContent() string

GenerateToolsResourceContent dynamically generates tools resource content from the modular registry

func GetExternalMCPServer 

func GetExternalMCPServer(toolName string) (ship.MCPServerConfig, bool)

GetExternalMCPServer returns the configuration for an external MCP server

func IsExternalMCPServer 

func IsExternalMCPServer(toolName string) bool

IsExternalMCPServer checks if the tool name matches an external MCP server

func ListExternalMCPServers 

func ListExternalMCPServers() []string

ListExternalMCPServers returns a list of all available external MCP server names

func RegisterAllTools 

func RegisterAllTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

RegisterAllTools registers all tools with the MCP server

func RegisterToolByName 

func RegisterToolByName(name string, s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

RegisterToolByName registers a specific tool by name

func RegisterToolsByCategory 

func RegisterToolsByCategory(category string, s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

RegisterToolsByCategory registers tools from a specific category

Types

type ExecuteShipCommandFunc 

type ExecuteShipCommandFunc func(args []string) (*mcp.CallToolResult, error)

ExecuteShipCommandFunc is a function type for executing ship commands

type ToolInfo 

type ToolInfo struct {
	Name         string
	Description  string
	Category     string
	AddFunc      func(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)
	HasVariables bool // Indicates if the tool requires variables (like AWS credentials)
}

ToolInfo contains information about a tool

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.