Public documentation for governed AI labor
SDKs/Governance/Connectors
Arx / Docs / ARXsec.io MCP Server

Documentation

ARXsec.io MCP Server

Project-Agent-trust-merge / arxsec-api/mcp-server/README.md

Project-Agent-trust-merge repo-root arxsec-api/mcp-server/README.md

Model Context Protocol (MCP) server for ARXsec.io platform. Enables Claude Code, ChatGPT, and other AI assistants to execute arx connector operations.

Features

  • 100+ Security Tool Integrations - Access CrowdStrike, Splunk, Slack, Jira, and more through arx
  • Policy-Enforced - All operations are evaluated by arx's policy engine
  • Audit Logged - Every operation is immutably logged
  • Human-in-the-Loop - High-risk operations can be escalated to Slack/Teams for approval
  • Multi-Platform - Works with Claude Code, ChatGPT Custom GPTs, and other MCP clients

Installation

Prerequisites

  • Python 3.11+
  • arx API credentials (API key)
  • Agent ID (UUID of the agent making requests)

Setup

  1. Clone and install dependencies:

``bash cd arxsec-api/mcp-server pip install -r requirements.txt ``

  1. Create .env file:

``bash cat > .env << EOF ARX_API_BASE_URL=https://api.arxsec.io ARX_API_KEY=your-api-key-here ARX_AGENT_ID=your-agent-uuid-here EOF ``

  1. Test the server:

``bash python server.py ``

Usage with Claude Code

Add MCP to Claude Code

  1. Open Claude Code settings
  2. Go to "MCP Servers"
  3. Add new MCP server:
  • Name: arxsec-mcp-server
  • Type: Python
  • Command: python /path/to/arxsec-api/mcp-server/server.py
  • Environment:
  • ARX_API_BASE_URL=https://api.arxsec.io
  • ARX_API_KEY=<your-api-key>
  • ARX_AGENT_ID=<your-agent-id>
  1. Restart Claude Code

Use in Claude Code

Claude will now have access to arx tools:

``` User: "Get the last 10 CrowdStrike detections"

Claude: I'll fetch the recent detections from CrowdStrike using arx. [Calls: crowdstrike_detections_read with params: {"limit": 10}]

Result: [detection data...] ```

Available Tools

The MCP server exposes:

  1. Specific Tools - One for each connector operation
  • Example: crowdstrike_detections_read, slack_messages_write, etc.
  • Claude understands parameters and context for each
  1. Generic Tool - execute_connector
  • Use when a specific tool isn't available
  • Takes: connector name, operation name, and parameters

Tool Discovery

Get available tools programmatically:

``bash curl -H "Authorization: Bearer YOUR_API_KEY" \ https://api.arxsec.io/v1/tools/schema ``

``bash curl -H "Authorization: Bearer YOUR_API_KEY" \ https://api.arxsec.io/v1/tools/categories ``

Architecture

`` Claude Code / AI Assistant ↓ [MCP Server] (this process) ↓ HTTP calls to arx API ↓ arx Backend ├─ Policy Engine ├─ Audit Logging ├─ Human Approvals └─ Connector Execution ``

Configuration

Environment variables:

| Variable | Required | Default | Description | |----------|----------|---------|-------------| | ARX_API_BASE_URL | No | http://localhost:8000 | arx API endpoint | | ARX_API_KEY | Yes | - | API key for authentication | | ARX_AGENT_ID | Yes | - | Agent UUID making requests |

Logging

The server logs to stdout with structured JSON format:

``json {"event": "execute_tool.success", "tool": "crowdstrike_detections_read", "timestamp": "2024-04-16T..."} ``

Troubleshooting

"ARX_API_KEY not set"

Set the environment variable before running: ``bash export ARX_API_KEY=your-key-here python server.py ``

"401 Unauthorized"

Check your API key and ensure it's valid. Get a new one from https://app.arxsec.io/api-keys

"Tool execution denied"

The operation was denied by arx's policy engine. Check your agent's permissions at https://app.arxsec.io/agents

"Tool not found"

The connector or operation doesn't exist. Use /v1/tools/schema to see available tools.

Support

For issues or questions:

  • Documentation: https://arxsec.io/docs
  • Email: support@arxsec.io
  • GitHub: https://github.com/arxsec/arxsec-platform

License

Proprietary — All rights reserved.