mcp

package
v0.7.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 18, 2025 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ExternalMCPServers = map[string]ship.MCPServerConfig{

	"filesystem": {
		Name:      "filesystem",
		Command:   "npx",
		Args:      []string{"-y", "@modelcontextprotocol/server-filesystem", "/tmp"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "FILESYSTEM_ROOT",
				Description: "Root directory for filesystem operations (overrides /tmp default)",
				Required:    false,
				Default:     "/tmp",
			},
		},
	},
	"memory": {
		Name:      "memory",
		Command:   "npx",
		Args:      []string{"-y", "@modelcontextprotocol/server-memory"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "MEMORY_STORAGE_PATH",
				Description: "Path for persistent memory storage",
				Required:    false,
				Default:     "/tmp/mcp-memory",
			},
			{
				Name:        "MEMORY_MAX_SIZE",
				Description: "Maximum memory storage size (e.g., 100MB)",
				Required:    false,
				Default:     "50MB",
			},
		},
	},
	"brave-search": {
		Name:      "brave-search",
		Command:   "npx",
		Args:      []string{"-y", "@modelcontextprotocol/server-brave-search"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "BRAVE_API_KEY",
				Description: "Brave Search API key for search functionality",
				Required:    true,
				Secret:      true,
			},
			{
				Name:        "BRAVE_SEARCH_COUNT",
				Description: "Number of search results to return (default: 10)",
				Required:    false,
				Default:     "10",
			},
		},
	},

	"aws-core": {
		Name:      "aws-core",
		Command:   "uvx",
		Args:      []string{"awslabs.core-mcp-server@latest"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "AWS_PROFILE",
				Description: "AWS profile to use for authentication",
				Required:    false,
			},
			{
				Name:        "AWS_REGION",
				Description: "AWS region for operations",
				Required:    false,
				Default:     "us-east-1",
			},
			{
				Name:        "FASTMCP_LOG_LEVEL",
				Description: "Log level for the MCP server",
				Required:    false,
				Default:     "ERROR",
			},
		},
	},
	"aws-iam": {
		Name:      "aws-iam",
		Command:   "uvx",
		Args:      []string{"awslabs.iam-mcp-server@latest"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "AWS_PROFILE",
				Description: "AWS profile to use for authentication",
				Required:    false,
			},
			{
				Name:        "AWS_REGION",
				Description: "AWS region for operations",
				Required:    false,
				Default:     "us-east-1",
			},
			{
				Name:        "FASTMCP_LOG_LEVEL",
				Description: "Log level for the MCP server",
				Required:    false,
				Default:     "ERROR",
			},
		},
	},
	"aws-pricing": {
		Name:      "aws-pricing",
		Command:   "uvx",
		Args:      []string{"awslabs.pricing-mcp-server@latest"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "AWS_PROFILE",
				Description: "AWS profile to use for authentication",
				Required:    false,
			},
			{
				Name:        "AWS_REGION",
				Description: "AWS region for operations",
				Required:    false,
				Default:     "us-east-1",
			},
			{
				Name:        "FASTMCP_LOG_LEVEL",
				Description: "Log level for the MCP server",
				Required:    false,
				Default:     "ERROR",
			},
		},
	},
	"aws-eks": {
		Name:      "aws-eks",
		Command:   "uvx",
		Args:      []string{"awslabs.eks-mcp-server@latest"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "AWS_PROFILE",
				Description: "AWS profile to use for authentication",
				Required:    false,
			},
			{
				Name:        "AWS_REGION",
				Description: "AWS region for operations",
				Required:    false,
				Default:     "us-east-1",
			},
			{
				Name:        "FASTMCP_LOG_LEVEL",
				Description: "Log level for the MCP server",
				Required:    false,
				Default:     "ERROR",
			},
		},
	},
	"aws-ec2": {
		Name:      "aws-ec2",
		Command:   "uvx",
		Args:      []string{"awslabs.ec2-mcp-server@latest"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "AWS_PROFILE",
				Description: "AWS profile to use for authentication",
				Required:    false,
			},
			{
				Name:        "AWS_REGION",
				Description: "AWS region for operations",
				Required:    false,
				Default:     "us-east-1",
			},
			{
				Name:        "FASTMCP_LOG_LEVEL",
				Description: "Log level for the MCP server",
				Required:    false,
				Default:     "ERROR",
			},
		},
	},
	"aws-s3": {
		Name:      "aws-s3",
		Command:   "uvx",
		Args:      []string{"awslabs.s3-mcp-server@latest"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "AWS_PROFILE",
				Description: "AWS profile to use for authentication",
				Required:    false,
			},
			{
				Name:        "AWS_REGION",
				Description: "AWS region for operations",
				Required:    false,
				Default:     "us-east-1",
			},
			{
				Name:        "FASTMCP_LOG_LEVEL",
				Description: "Log level for the MCP server",
				Required:    false,
				Default:     "ERROR",
			},
		},
	},

	"steampipe": {
		Name:      "steampipe",
		Command:   "npx",
		Args:      []string{"-y", "@turbot/steampipe-mcp"},
		Transport: "stdio",
		Env:       map[string]string{},
		Variables: []ship.Variable{
			{
				Name:        "STEAMPIPE_DATABASE_CONNECTIONS",
				Description: "Database connections configuration for Steampipe",
				Required:    false,
				Default:     "postgres://steampipe@localhost:9193/steampipe",
			},
		},
	},
}

ExternalMCPServers contains the built-in external MCP server configurations These are third-party MCP servers that Ship can proxy to, not Ship's own tools

View Source 
var ToolRegistry = map[string][]ToolInfo{
	"security": {
		{Name: "gitleaks", Description: "Secret detection in code and git history", AddFunc: AddGitleaksTools, HasVariables: false},
		{Name: "trivy", Description: "Comprehensive vulnerability scanner", AddFunc: AddTrivyTools, HasVariables: false},
		{Name: "grype", Description: "Container vulnerability scanner", AddFunc: AddGrypeTools, HasVariables: false},
		{Name: "syft", Description: "SBOM generation tool", AddFunc: AddSyftTools, HasVariables: false},
		{Name: "checkov", Description: "Infrastructure as code static analysis", AddFunc: AddCheckovTools, HasVariables: false},
		{Name: "terrascan", Description: "IaC security scanner", AddFunc: AddTerrascanTools, HasVariables: false},
		{Name: "semgrep", Description: "Static analysis for security", AddFunc: AddSemgrepTools, HasVariables: false},
		{Name: "actionlint", Description: "GitHub Actions workflow linter", AddFunc: AddActionlintTools, HasVariables: false},
		{Name: "hadolint", Description: "Dockerfile linter", AddFunc: AddHadolintTools, HasVariables: false},
		{Name: "conftest", Description: "OPA policy testing", AddFunc: AddConftestTools, HasVariables: false},
		{Name: "kube-bench", Description: "Kubernetes CIS benchmark", AddFunc: AddKubeBenchTools, HasVariables: false},
		{Name: "kube-hunter", Description: "Kubernetes penetration testing", AddFunc: AddKubeHunterTools, HasVariables: false},
		{Name: "falco", Description: "Runtime security monitoring", AddFunc: AddFalcoTools, HasVariables: false},
		{Name: "nikto", Description: "Web server security scanner", AddFunc: AddNiktoTools, HasVariables: false},
		{Name: "zap", Description: "OWASP ZAP web application scanner", AddFunc: AddZapTools, HasVariables: false},
		{Name: "git-secrets", Description: "Git repository secret scanner", AddFunc: AddGitSecretsTools, HasVariables: false},
		{Name: "trufflehog", Description: "Advanced secret scanning with verification", AddFunc: AddTrufflehogTools, HasVariables: false},
		{Name: "kubescape", Description: "Kubernetes security scanner", AddFunc: AddKubescapeTools, HasVariables: false},
		{Name: "dockle", Description: "Container image linter", AddFunc: AddDockleTools, HasVariables: false},
		{Name: "sops", Description: "Secrets management", AddFunc: AddSOPSTools, HasVariables: true},
		{Name: "ossf-scorecard", Description: "OSSF security scorecard", AddFunc: AddOSSFScorecardTools, HasVariables: false},
		{Name: "steampipe", Description: "Cloud asset querying with SQL", AddFunc: AddSteampipeTools, HasVariables: true},
		{Name: "allstar", Description: "Kubernetes security policy enforcement", AddFunc: AddAllstarTools, HasVariables: false},
		{Name: "cfn-nag", Description: "CloudFormation security linter", AddFunc: AddCfnNagTools, HasVariables: false},
		{Name: "gatekeeper", Description: "OPA Gatekeeper policy validation", AddFunc: AddGatekeeperTools, HasVariables: false},
		{Name: "history-scrub", Description: "Git history cleaning and secret removal", AddFunc: AddHistoryScrubTools, HasVariables: false},
		{Name: "license-detector", Description: "Software license detection", AddFunc: AddLicenseDetectorTools, HasVariables: false},
		{Name: "openscap", Description: "Security compliance scanning", AddFunc: AddOpenSCAPTools, HasVariables: false},
		{Name: "osv-scanner", Description: "Open Source Vulnerability scanning", AddFunc: AddOSVScannerTools, HasVariables: false},
		{Name: "scout-suite", Description: "Multi-cloud security auditing", AddFunc: AddScoutSuiteTools, HasVariables: true},
		{Name: "powerpipe", Description: "Infrastructure benchmarking", AddFunc: AddPowerpipeTools, HasVariables: true},
		{Name: "container-registry", Description: "Container registry operations", AddFunc: AddContainerRegistryTools, HasVariables: true},
		{Name: "infrascan", Description: "Infrastructure security scanning", AddFunc: AddInfrascanTools, HasVariables: true},
		{Name: "check-ssl-cert", Description: "SSL certificate validation", AddFunc: AddCheckSSLCertTools, HasVariables: false},
		{Name: "step-ca", Description: "Certificate authority operations", AddFunc: AddStepCATools, HasVariables: false},
		{Name: "github-admin", Description: "GitHub administration tools", AddFunc: AddGitHubAdminTools, HasVariables: true},
		{Name: "github-packages", Description: "GitHub Packages security", AddFunc: AddGitHubPackagesTools, HasVariables: true},
		{Name: "trivy-golden", Description: "Enhanced Trivy for golden images", AddFunc: AddTrivyGoldenTools, HasVariables: false},
	},
	"terraform": {
		{Name: "tflint", Description: "Terraform linter", AddFunc: AddTfLintTools, HasVariables: false},
		{Name: "terraform-docs", Description: "Terraform documentation generator", AddFunc: AddTerraformDocsTools, HasVariables: false},
		{Name: "infracost", Description: "Infrastructure cost estimation", AddFunc: AddInfracostTools, HasVariables: true},
		{Name: "inframap", Description: "Infrastructure visualization", AddFunc: AddInfraMapTools, HasVariables: false},
		{Name: "iac-plan", Description: "Infrastructure as code planning", AddFunc: AddIacPlanTools, HasVariables: false},
		{Name: "terraformer", Description: "Infrastructure import and management", AddFunc: AddTerraformerTools, HasVariables: true},
		{Name: "tfstate-reader", Description: "Terraform state analysis", AddFunc: AddTfstateReaderTools, HasVariables: false},
		{Name: "openinfraquote", Description: "Infrastructure cost estimation", AddFunc: AddOpenInfraQuoteTools, HasVariables: true},
	},
	"kubernetes": {
		{Name: "velero", Description: "Kubernetes backup and restore", AddFunc: AddVeleroTools, HasVariables: true},
		{Name: "goldilocks", Description: "Kubernetes resource recommendations", AddFunc: AddGoldilocksTools, HasVariables: false},
		{Name: "fleet", Description: "GitOps for Kubernetes", AddFunc: AddFleetTools, HasVariables: false},
		{Name: "kuttl", Description: "Kubernetes testing framework", AddFunc: AddKuttlTools, HasVariables: false},
		{Name: "litmus", Description: "Chaos engineering for Kubernetes", AddFunc: AddLitmusTools, HasVariables: false},
		{Name: "cert-manager", Description: "Certificate management", AddFunc: AddCertManagerTools, HasVariables: false},
		{Name: "k8s-network-policy", Description: "Kubernetes network policy management", AddFunc: AddK8sNetworkPolicyTools, HasVariables: false},
		{Name: "kyverno", Description: "Kubernetes policy management", AddFunc: AddKyvernoTools, HasVariables: false},
		{Name: "kyverno-multitenant", Description: "Multi-tenant Kyverno policies", AddFunc: AddKyvernoMultitenantTools, HasVariables: false},
	},
	"cloud": {
		{Name: "cloudquery", Description: "Cloud asset inventory", AddFunc: AddCloudQueryTools, HasVariables: true},
		{Name: "custodian", Description: "Cloud governance engine", AddFunc: AddCustodianTools, HasVariables: true},
		{Name: "packer", Description: "Machine image building", AddFunc: AddPackerTools, HasVariables: true},
	},
	"supply-chain": {
		{Name: "cosign", Description: "Container signing and verification", AddFunc: AddCosignTools, HasVariables: true},
		{Name: "cosign-advanced", Description: "Advanced cosign workflows with real CLI features", AddFunc: AddCosignAdvancedTools, HasVariables: true},
		{Name: "sigstore-policy-controller", Description: "Sigstore policy enforcement", AddFunc: AddSigstorePolicyControllerTools, HasVariables: false},
		{Name: "guac", Description: "Graph for Understanding Artifact Composition", AddFunc: AddGuacTools, HasVariables: false},
		{Name: "rekor", Description: "Transparency log", AddFunc: AddRekorTools, HasVariables: false},
		{Name: "in-toto", Description: "Supply chain attestation", AddFunc: AddInTotoTools, HasVariables: false},
		{Name: "slsa-verifier", Description: "SLSA provenance verification", AddFunc: AddSLSAVerifierTools, HasVariables: false},
		{Name: "dependency-track", Description: "OWASP Dependency-Track SBOM analysis", AddFunc: AddDependencyTrackTools, HasVariables: true},
	},
	"aws": {
		{Name: "cloudsplaining", Description: "AWS IAM policy scanner", AddFunc: AddCloudsplainingTools, HasVariables: true},
		{Name: "parliament", Description: "AWS IAM policy linter", AddFunc: AddParliamentTools, HasVariables: true},
		{Name: "pmapper", Description: "AWS IAM privilege escalation analysis", AddFunc: AddPMapperTools, HasVariables: true},
		{Name: "policy-sentry", Description: "AWS IAM policy generator", AddFunc: AddPolicySentryTools, HasVariables: true},
		{Name: "prowler", Description: "Multi-cloud security assessment", AddFunc: AddProwlerTools, HasVariables: true},
		{Name: "aws-iam-rotation", Description: "AWS IAM credential rotation", AddFunc: AddAWSIAMRotationTools, HasVariables: true},
		{Name: "aws-pricing", Description: "AWS pricing and cost calculator", AddFunc: AddAWSPricingTools, HasVariables: true},
	},
}

ToolRegistry contains all available tools organized by category

Functions

func AddAWSIAMRotationTools 

func AddAWSIAMRotationTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddAWSIAMRotationTools adds AWS IAM rotation MCP tool implementations

func AddAWSPricingTools 

func AddAWSPricingTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddAWSPricingTools adds AWS Pricing (official AWS CLI pricing commands) MCP tool implementations

func AddActionlintTools 

func AddActionlintTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddActionlintTools adds Actionlint (GitHub Actions linter) MCP tool implementations

func AddAllstarTools 

func AddAllstarTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddAllstarTools adds informational tools about Allstar (NOTE: Allstar is a GitHub App, not a CLI tool)

func AddCertManagerTools 

func AddCertManagerTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddCertManagerTools adds cert-manager MCP tool implementations

func AddCfnNagTools 

func AddCfnNagTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddCfnNagTools adds CFN Nag (CloudFormation template security scanning) MCP tool implementations

func AddCheckSSLCertTools 

func AddCheckSSLCertTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddCheckSSLCertTools adds SSL certificate validation MCP tool implementations

func AddCheckovTools 

func AddCheckovTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddCheckovTools adds Checkov (Infrastructure as Code static analysis) MCP tool implementations

func AddCloudQueryTools 

func AddCloudQueryTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddCloudQueryTools adds CloudQuery (cloud asset inventory) MCP tool implementations

func AddCloudsplainingTools 

func AddCloudsplainingTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddCloudsplainingTools adds Cloudsplaining (AWS IAM policy scanner) MCP tool implementations

func AddConftestTools 

func AddConftestTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddConftestTools adds Conftest (OPA policy testing) MCP tool implementations

func AddContainerRegistryTools 

func AddContainerRegistryTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddContainerRegistryTools adds container registry operations using Docker CLI

func AddCosignAdvancedTools 

func AddCosignAdvancedTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddCosignAdvancedTools adds advanced Cosign workflows using real CLI capabilities

func AddCosignTools 

func AddCosignTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddCosignTools adds Cosign (container signing and verification) MCP tool implementations

func AddCustodianTools 

func AddCustodianTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddCustodianTools adds Cloud Custodian (cloud governance engine) MCP tool implementations

func AddDependencyTrackTools 

func AddDependencyTrackTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddDependencyTrackTools adds Dependency Track (software component analysis) MCP tool implementations

func AddDockleTools 

func AddDockleTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddDockleTools adds Dockle (container image linter) MCP tool implementations

func AddFalcoTools 

func AddFalcoTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddFalcoTools adds Falco (runtime security monitoring) MCP tool implementations

func AddFleetTools 

func AddFleetTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddFleetTools adds Fleet GitOps MCP tool implementations using kubectl

func AddGatekeeperTools 

func AddGatekeeperTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddGatekeeperTools adds Gatekeeper (OPA Kubernetes policy engine) MCP tool implementations using kubectl

func AddGitHubAdminTools 

func AddGitHubAdminTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddGitHubAdminTools adds GitHub administration MCP tool implementations using gh CLI

func AddGitHubPackagesTools 

func AddGitHubPackagesTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddGitHubPackagesTools adds GitHub Packages management MCP tool implementations using gh CLI

func AddGitSecretsTools 

func AddGitSecretsTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddGitSecretsTools adds Git-secrets (git repository secret scanner) MCP tool implementations

func AddGitleaksTools 

func AddGitleaksTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddGitleaksTools adds Gitleaks (secret detection in code and git history) MCP tool implementations using real gitleaks CLI commands

func AddGoldilocksTools 

func AddGoldilocksTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddGoldilocksTools adds Goldilocks (Kubernetes resource recommendations) MCP tool implementations using kubectl and Helm

func AddGrypeTools 

func AddGrypeTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddGrypeTools adds Grype (vulnerability scanner for container images and filesystems) MCP tool implementations

func AddGuacTools 

func AddGuacTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddGuacTools adds GUAC (Graph for Understanding Artifact Composition) MCP tool implementations using real CLI tools

func AddHadolintTools 

func AddHadolintTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddHadolintTools adds Hadolint (Dockerfile linter) MCP tool implementations

func AddHistoryScrubTools 

func AddHistoryScrubTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddHistoryScrubTools adds Git history cleanup MCP tool implementations using real tools

func AddIacPlanTools 

func AddIacPlanTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddIacPlanTools adds Infrastructure as Code planning MCP tool implementations using real IaC tools

func AddInTotoTools 

func AddInTotoTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddInTotoTools adds in-toto (supply chain attestation) MCP tool implementations using real CLI tools

func AddInfraMapTools 

func AddInfraMapTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddInfraMapTools adds InfraMap (infrastructure diagram generator) MCP tool implementations using real CLI commands

func AddInfracostTools 

func AddInfracostTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddInfracostTools adds Infracost MCP tool implementations using real CLI commands

func AddInfrascanTools 

func AddInfrascanTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddInfrascanTools adds Infrascan (AWS infrastructure mapping) MCP tool implementations using real CLI commands

func AddK8sNetworkPolicyTools 

func AddK8sNetworkPolicyTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddK8sNetworkPolicyTools adds Kubernetes network policy management MCP tool implementations using real CLI tools

func AddKubeBenchTools 

func AddKubeBenchTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddKubeBenchTools adds Kube-bench (Kubernetes CIS benchmark) MCP tool implementations using real CLI commands

func AddKubeHunterTools 

func AddKubeHunterTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddKubeHunterTools adds Kube-hunter (Kubernetes penetration testing) MCP tool implementations using real CLI commands

func AddKubescapeTools 

func AddKubescapeTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddKubescapeTools adds Kubescape MCP tool implementations

func AddKuttlTools 

func AddKuttlTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddKuttlTools adds KUTTL (Kubernetes testing framework) MCP tool implementations using real CLI commands

func AddKyvernoMultitenantTools 

func AddKyvernoMultitenantTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddKyvernoMultitenantTools adds Kyverno multi-tenant policy MCP tool implementations using real CLI commands

func AddKyvernoTools 

func AddKyvernoTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddKyvernoTools adds Kyverno policy management MCP tool implementations using real CLI commands

func AddLicenseDetectorTools 

func AddLicenseDetectorTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddLicenseDetectorTools adds License Detector (software license detection) MCP tool implementations using real CLI commands

func AddLitmusTools 

func AddLitmusTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddLitmusTools adds Litmus chaos engineering MCP tool implementations using real CLI commands

func AddNiktoTools 

func AddNiktoTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddNiktoTools adds Nikto (web vulnerability scanner) MCP tool implementations using real CLI commands

func AddOSSFScorecardTools 

func AddOSSFScorecardTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddOSSFScorecardTools adds OSSF Scorecard MCP tool implementations

func AddOSVScannerTools 

func AddOSVScannerTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddOSVScannerTools adds OSV Scanner (Open Source Vulnerability scanner) MCP tool implementations using real CLI commands

func AddOpenInfraQuoteTools 

func AddOpenInfraQuoteTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddOpenInfraQuoteTools adds OpenInfraQuote (infrastructure cost estimation) MCP tool implementations using real oiq CLI

func AddOpenSCAPTools 

func AddOpenSCAPTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddOpenSCAPTools adds OpenSCAP (security compliance scanning) MCP tool implementations using real CLI commands

func AddPMapperTools 

func AddPMapperTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddPMapperTools adds PMapper (AWS IAM privilege escalation analysis) MCP tool implementations using real CLI commands

func AddPackerTools 

func AddPackerTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddPackerTools adds Packer (machine image building) MCP tool implementations using real CLI commands

func AddParliamentTools 

func AddParliamentTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddParliamentTools adds Parliament (AWS IAM policy linter) MCP tool implementations using real CLI commands

func AddPolicySentryTools 

func AddPolicySentryTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddPolicySentryTools adds Policy Sentry (AWS IAM policy generator) MCP tool implementations using real CLI commands

func AddPowerpipeTools 

func AddPowerpipeTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddPowerpipeTools adds Powerpipe MCP tool implementations using real powerpipe CLI commands

func AddProwlerTools 

func AddProwlerTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddProwlerTools adds Prowler (multi-cloud security assessment) MCP tool implementations using real CLI commands

func AddRekorTools 

func AddRekorTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddRekorTools adds Rekor (transparency log) MCP tool implementations using real rekor-cli commands

func AddSLSAVerifierTools 

func AddSLSAVerifierTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddSLSAVerifierTools adds SLSA Verifier MCP tool implementations using real slsa-verifier CLI commands

func AddSOPSTools 

func AddSOPSTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddSOPSTools adds SOPS (Secrets OPerationS) MCP tool implementations using real sops CLI commands

func AddScoutSuiteTools 

func AddScoutSuiteTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddScoutSuiteTools adds Scout Suite MCP tool implementations using real scout CLI commands

func AddSemgrepTools 

func AddSemgrepTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddSemgrepTools adds Semgrep (advanced static analysis for code security) MCP tool implementations using real semgrep CLI commands

func AddSigstorePolicyControllerTools 

func AddSigstorePolicyControllerTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddSigstorePolicyControllerTools adds Sigstore Policy Controller MCP tool implementations using real CLI tools

func AddSteampipeTools 

func AddSteampipeTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddSteampipeTools adds Steampipe (cloud asset querying) MCP tool implementations using real steampipe CLI commands NOTE: Steampipe is typically configured as an external MCP server via npx @turbot/steampipe-mcp These tools provide Dagger-based execution as an alternative

func AddStepCATools 

func AddStepCATools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddStepCATools adds Step CA (Certificate Authority) MCP tool implementations

func AddSyftTools 

func AddSyftTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddSyftTools adds Syft (SBOM generation from container images and filesystems) MCP tool implementations using real syft CLI commands

func AddTerraformDocsTools 

func AddTerraformDocsTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddTerraformDocsTools adds Terraform Docs MCP tool implementations using real terraform-docs CLI

func AddTerraformerTools 

func AddTerraformerTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddTerraformerTools adds Terraformer MCP tool implementations using real terraformer CLI commands

func AddTerrascanTools 

func AddTerrascanTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddTerrascanTools adds Terrascan (IaC security scanner) MCP tool implementations using real terrascan CLI commands

func AddTfLintTools 

func AddTfLintTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddTfLintTools adds TFLint MCP tool implementations using real tflint CLI commands

func AddTfstateReaderTools 

func AddTfstateReaderTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddTfstateReaderTools adds Terraform state analysis MCP tool implementations using real CLI commands

func AddTrivyGoldenTools 

func AddTrivyGoldenTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddTrivyGoldenTools adds enhanced Trivy for golden images MCP tool implementations using real trivy CLI commands

func AddTrivyTools 

func AddTrivyTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddTrivyTools adds Trivy (universal vulnerability scanner) MCP tool implementations using real trivy CLI commands

func AddTrufflehogTools 

func AddTrufflehogTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddTrufflehogTools adds TruffleHog MCP tool implementations using real trufflehog CLI commands

func AddVeleroTools 

func AddVeleroTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddVeleroTools adds Velero (Kubernetes backup and restore) MCP tool implementations using real CLI commands

func AddZapTools 

func AddZapTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

AddZapTools adds OWASP ZAP (web application security scanner) MCP tool implementations

func GenerateMCPHelpText 

func GenerateMCPHelpText() string

GenerateMCPHelpText dynamically generates help text from the modular registry

func GenerateToolsResourceContent 

func GenerateToolsResourceContent() string

GenerateToolsResourceContent dynamically generates tools resource content from the modular registry

func GetExternalMCPServer 

func GetExternalMCPServer(toolName string) (ship.MCPServerConfig, bool)

GetExternalMCPServer returns the configuration for an external MCP server

func IsExternalMCPServer 

func IsExternalMCPServer(toolName string) bool

IsExternalMCPServer checks if the tool name matches an external MCP server

func ListExternalMCPServers 

func ListExternalMCPServers() []string

ListExternalMCPServers returns a list of all available external MCP server names

func RegisterAllTools 

func RegisterAllTools(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

RegisterAllTools registers all tools with the MCP server

func RegisterToolByName 

func RegisterToolByName(name string, s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

RegisterToolByName registers a specific tool by name

func RegisterToolsByCategory 

func RegisterToolsByCategory(category string, s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)

RegisterToolsByCategory registers tools from a specific category

Types

type ExecuteShipCommandFunc 

type ExecuteShipCommandFunc func(args []string) (*mcp.CallToolResult, error)

ExecuteShipCommandFunc is a function type for executing ship commands

type ToolInfo 

type ToolInfo struct {
	Name         string
	Description  string
	Category     string
	AddFunc      func(s *server.MCPServer, executeShipCommand ExecuteShipCommandFunc)
	HasVariables bool // Indicates if the tool requires variables (like AWS credentials)
}

ToolInfo contains information about a tool

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.