npm - @raghulm/aegis-mcp - Versions diffs - 1.0.4 → 1.0.7 - Mend

@raghulm/aegis-mcp 1.0.4 → 1.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (27) hide show

package/README.md +286 -290
package/audit/audit_logger.py +62 -62
package/package.json +5 -6
package/policies/roles.yaml +34 -34
package/policies/scope_rules.yaml +16 -16
package/requirements.txt +8 -7
package/run_stdio.py +22 -22
package/server/auth.py +69 -69
package/server/config.py +82 -82
package/server/health.py +19 -19
package/server/logging.py +33 -33
package/server/main.py +212 -144
package/server/stdio.py +7 -7
package/tools/aws/ec2.py +26 -26
package/tools/aws/s3.py +54 -54
package/tools/cicd/jenkins.py +256 -0
package/tools/cicd/pipeline.py +33 -33
package/tools/git/repo.py +22 -22
package/tools/kubernetes/audit.py +108 -108
package/tools/kubernetes/pods.py +27 -27
package/tools/network/headers.py +99 -99
package/tools/network/port_scanner.py +66 -66
package/tools/network/ssl_checker.py +65 -65
package/tools/security/deps.py +103 -103
package/tools/security/secrets.py +91 -91
package/tools/security/semgrep.py +261 -261
package/tools/security/trivy.py +19 -19

package/README.md CHANGED Viewed

@@ -1,162 +1,179 @@
-<div align="center">
-  <h1>🛡️ Aegis MCP Server</h1>
-  <p><b>Aegis MCP is an open-source, DevSecOps-focused Model Context Protocol server that allows AI agents to safely interact with cloud infrastructure, CI/CD systems, and security tooling.</b></p>
-  [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
-  [![Python version](https://img.shields.io/badge/python-3.12+-blue.svg)](https://www.python.org/downloads/)
-  [![MCP Protocol](https://img.shields.io/badge/MCP-Server-green.svg)](https://modelcontextprotocol.io/)
-  [![Docker](https://img.shields.io/badge/docker-ready-blue.svg)](https://www.docker.com/)
-</div>
----
-**Aegis MCP Server** empowers AI assistants (like Claude, Cursor, and GitHub Copilot) to perform cloud architecture administration, security scanning, and network analyses directly from their execution environments. It wraps powerful underlying tools and SDKs into secure, audited MCP tool sets.
----
-## 📸 Demo in Action
-```text
-AI Agent: "Check if any S3 bucket is publicly accessible"
-Tool call → aws_check_s3_public_access
-Result → bucket audit report
-```
-<p align="center">
-  <img src="docs/demo-aegis.gif" width="900"/>
-</p>
----
-## 🌟 Key Features
-- 🚀 **FastMCP Server** — Exposes domain-specific tools for AWS, Kubernetes, security scanning, Git, network analysis, and CI/CD pipelines.
-- 🔐 **Flexible Authorization** — JWT-based RBAC for production deployments; automatically disabled for local stdio sessions (Claude Desktop, Agent IDEs).
-- 📜 **Structured Audit Logging** — Emits clean JSON audit logs for every invocation, suitable for SIEM integrations.
-- 🛠 **Expandable Tooling** — Easily add new integrations. Includes ready-to-use scanners for dependencies, secrets, SSL/TLS certs, Semgrep, Trivy, and more.
-- 📦 **Docker Ready** — Containerized deployment using a non-root runtime with built-in health checks.
-- 🌐 **ASGI Integration** — FastAPI health endpoint alongside MCP streamable-http transport.
----
-## 📐 Architecture
-```mermaid
-flowchart TD
-    Client[MCP Client / AI Agent] -->|Tool Call| AuthZ[Auth & RBAC Layer]
-    subgraph aegis-mcp["Aegis MCP Server"]
-        AuthZ --> Audit[Audit Logger]
-        Audit --> ToolsLayer[Tool Dispatch Layer]
-    end
-    ToolsLayer --> AWS[AWS SDK]
-    ToolsLayer --> K8s[kubectl / K8s SDK]
-    ToolsLayer --> Sec[Trivy / Semgrep]
-    ToolsLayer --> Net[Nmap / SSL]
-    ToolsLayer --> Git[Git CLI]
-```
-The server receives MCP tool-call requests over **streamable HTTP** or **stdio** transport. In HTTP mode, each request requires a JWT bearer token for authorization. In stdio mode (local usage), authorization is automatically disabled.
----
-## 📂 Repository Structure
-```text
-aegis-mcp/
-│
-├── server/
-│   ├── main.py
-│   ├── health.py
-│   ├── auth.py
-│   └── tools/
-│       ├── aws/
-│       ├── kubernetes/
-│       ├── security/
-│       └── network/
-│
-├── policies/
-├── tests/
-├── Dockerfile
-└── run_stdio.py
-```
----
-## 🧰 Available Tools
-### Example Tool Invocation
-```text
-Tool: security_run_trivy_scan
-Input:
-image=nginx:latest
-Output:
-CRITICAL: 2
-HIGH: 4
-MEDIUM: 7
-```
-### Cloud & DevOps
-| Tool | Description |
-|------|-------------|
-| `aws_list_ec2_instances` | List EC2 instances in a specific AWS region |
-| `aws_check_s3_public_access` | Audit S3 buckets for public access settings |
-| `k8s_list_pods` | List Kubernetes pods in a given namespace |
-| `cicd_pipeline_status` | Fetch CI/CD pipeline execution status |
-| `git_recent_commits` | Fetch recent commit history from the active Git repo |
-### Application Security & SAST
-| Tool | Description |
-|------|-------------|
-| `security_semgrep_scan` | Run Semgrep SAST scan on a local directory or file |
-| `security_run_trivy_scan` | Run Trivy vulnerability scan on a container image |
-| `security_scan_secrets` | Scan files/directories for exposed secrets |
-| `security_check_dependencies` | Check dependency files for known CVEs via OSV.dev |
-### Network & Infrastructure Security
-| Tool | Description |
-|------|-------------|
-| `k8s_security_audit` | Audit Kubernetes clusters (privileged containers, wildcard RBAC, etc.) |
-| `network_port_scan` | TCP port scan to detect exposed services |
-| `security_check_ssl_certificate` | Validate SSL/TLS certificate details and expiry |
-| `security_check_http_headers` | Audit URLs for security headers (HSTS, CSP, etc.) |
-> [!IMPORTANT]
-> **SAST (Semgrep scan) works only on Agent IDEs (e.g., Antigravity, Cursor) or Claude Co-work.**
-> It does **not** work on Claude Desktop due to Windows subprocess pipe limitations with `semgrep-core.exe`. All other tools (secrets scan, SSL check, port scan, etc.) work on all platforms including Claude Desktop.
----
-## 🚀 Getting Started
+<div align="center">
+  <img src="docs/aegis-mcp-logo-v2.svg" width="100%" alt="Aegis MCP logo"/>
+  <h1>🛡️ Aegis MCP Server</h1>
+  <p><b>Aegis MCP is an open-source, DevSecOps-focused Model Context Protocol server that allows AI agents to safely interact with cloud infrastructure, CI/CD systems, and security tooling.</b></p>
+  [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
+  [![Python version](https://img.shields.io/badge/python-3.12+-blue.svg)](https://www.python.org/downloads/)
+  [![MCP Protocol](https://img.shields.io/badge/MCP-Server-green.svg)](https://modelcontextprotocol.io/)
+  [![Docker](https://img.shields.io/badge/docker-ready-blue.svg)](https://www.docker.com/)
+</div>
+---
+**Aegis MCP Server** empowers AI assistants (like Claude, Cursor, and GitHub Copilot) to perform cloud architecture administration, security scanning, and network analyses directly from their execution environments. It wraps powerful underlying tools and SDKs into secure, audited MCP tool sets.
+---
+## 📸 Demo in Action
+```text
+AI Agent: "Check if any S3 bucket is publicly accessible"
+Tool call → aws_check_s3_public_access
+Result → bucket audit report
+```
+<p align="center">
+  <img src="docs/demo-aegis.gif" width="900"/>
+</p>
+---
+## 🌟 Key Features
+- 🚀 **FastMCP Server** — Exposes domain-specific tools for AWS, Kubernetes, security scanning, Git, network analysis, Jenkins, and CI/CD pipelines.
+- 🔐 **Flexible Authorization** — JWT-based RBAC for production deployments; automatically disabled for local stdio sessions (Claude Desktop, Agent IDEs).
+- 📜 **Structured Audit Logging** — Emits clean JSON audit logs for every invocation, suitable for SIEM integrations.
+- 🛠 **Expandable Tooling** — Easily add new integrations. Includes ready-to-use scanners for dependencies, secrets, SSL/TLS certs, Semgrep, Trivy, and more.
+- 📦 **Docker Ready** — Containerized deployment using a non-root runtime with built-in health checks.
+- 🌐 **ASGI Integration** — FastAPI health endpoint alongside MCP streamable-http transport.
+---
+## 📐 Architecture
+```mermaid
+flowchart TD
+    Client[MCP Client / AI Agent] -->|Tool Call| AuthZ[Auth & RBAC Layer]
+    subgraph aegis-mcp["Aegis MCP Server"]
+        AuthZ --> Audit[Audit Logger]
+        Audit --> ToolsLayer[Tool Dispatch Layer]
+    end
+    ToolsLayer --> AWS[AWS SDK]
+    ToolsLayer --> K8s[kubectl / K8s SDK]
+    ToolsLayer --> Sec[Trivy / Semgrep]
+    ToolsLayer --> Net[Nmap / SSL]
+    ToolsLayer --> Git[Git CLI]
+    ToolsLayer --> Jenkins[Jenkins API]
+```
+The server receives MCP tool-call requests over **streamable HTTP** or **stdio** transport. In HTTP mode, each request requires a JWT bearer token for authorization. In stdio mode (local usage), authorization is automatically disabled.
+---
+## 📂 Repository Structure
+```text
+aegis-mcp/
+│
+├── server/
+│   ├── main.py
+│   ├── health.py
+│   ├── auth.py
+│   └── tools/
+│       ├── aws/
+│       ├── cicd/          # Jenkins + pipeline tools
+│       ├── kubernetes/
+│       ├── security/
+│       └── network/
+│
+├── policies/
+├── tests/
+├── Dockerfile
+└── run_stdio.py
+```
+---
+## 🧰 Available Tools
+### Example Tool Invocation
+```text
+Tool: security_run_trivy_scan
+Input:
+image=nginx:latest
+Output:
+CRITICAL: 2
+HIGH: 4
+MEDIUM: 7
+```
+### Cloud & DevOps
+| Tool | Description |
+|------|-------------|
+| `aws_list_ec2_instances` | List EC2 instances in a specific AWS region |
+| `aws_check_s3_public_access` | Audit S3 buckets for public access settings |
+| `k8s_list_pods` | List Kubernetes pods in a given namespace |
+| `cicd_pipeline_status` | Fetch CI/CD pipeline execution status |
+| `git_recent_commits` | Fetch recent commit history from the active Git repo |
+### Jenkins CI/CD
+| Tool | Description |
+|------|-------------|
+| `jenkins_list_jobs` | List all jobs on a Jenkins server |
+| `jenkins_get_job_info` | Get detailed info about a specific job (build history, health) |
+| `jenkins_create_job` | Create a new Jenkins job from XML config |
+| `jenkins_trigger_build` | Trigger a build with optional parameters (JSON) |
+| `jenkins_get_build_info` | Get result, duration, and status of a specific build |
+| `jenkins_get_build_log` | Fetch console output of a build |
+| `jenkins_delete_job` | Delete a Jenkins job |
+> [!TIP]
+> **Jenkins tools require per-call credentials** — pass `url`, `username`, and `api_token` with each call. No global env vars needed.
+### Application Security & SAST
+| Tool | Description |
+|------|-------------|
+| `security_semgrep_scan` | Run Semgrep SAST scan on a local directory or file |
+| `security_run_trivy_scan` | Run Trivy vulnerability scan on a container image |
+| `security_scan_secrets` | Scan files/directories for exposed secrets |
+| `security_check_dependencies` | Check dependency files for known CVEs via OSV.dev |
+### Network & Infrastructure Security
+| Tool | Description |
+|------|-------------|
+| `k8s_security_audit` | Audit Kubernetes clusters (privileged containers, wildcard RBAC, etc.) |
+| `network_port_scan` | TCP port scan to detect exposed services |
+| `security_check_ssl_certificate` | Validate SSL/TLS certificate details and expiry |
+| `security_check_http_headers` | Audit URLs for security headers (HSTS, CSP, etc.) |
+> [!IMPORTANT]
+> **SAST (Semgrep scan) works only on Agent IDEs (e.g., Antigravity, Cursor) or Claude Co-work.**
+> It does **not** work on Claude Desktop due to Windows subprocess pipe limitations with `semgrep-core.exe`. All other tools (secrets scan, SSL check, port scan, etc.) work on all platforms including Claude Desktop.
+---
+## 🚀 Getting Started
 ### Prerequisites
 - **Python 3.12+**
 - **Node.js 18+** (only if you want to run via npm/npx)
 - **Semgrep** — `pip install semgrep` (for SAST scanning)
 - Optional: AWS CLI / `boto3`, `kubectl`, Trivy (for their respective tools)
-### Installation
-```bash
-git clone https://github.com/raghulvj01/aegis-mcp.git
-cd aegis-mcp
-# Create virtual environment
-python -m venv .venv
-# Activate it
-# Linux/Mac:
-source .venv/bin/activate
-# Windows:
-.venv\Scripts\activate
-# Install dependencies
+### Installation
+```bash
+git clone https://github.com/raghulvj01/aegis-mcp.git
+cd aegis-mcp
+# Create virtual environment
+python -m venv .venv
+# Activate it
+# Linux/Mac:
+source .venv/bin/activate
+# Windows:
+.venv\Scripts\activate
+# Install dependencies
 pip install -r requirements.txt
 ```
@@ -171,13 +188,13 @@ npx -y @raghulm/aegis-mcp
 On first run, the npm wrapper creates a local Python virtual environment and installs dependencies from `requirements.txt` automatically.
 ---
-## 🤖 Usage with AI Agents
-### Agent IDE / Antigravity (Recommended)
-Add to your MCP config (e.g., `mcp_config.json`):
+## 🤖 Usage with AI Agents
+### Agent IDE / Antigravity (Recommended)
+Add to your MCP config (e.g., `mcp_config.json`):
 ```json
 {
   "mcpServers": {
@@ -188,15 +205,15 @@ Add to your MCP config (e.g., `mcp_config.json`):
   }
 }
 ```
-> ✅ **All 12 tools work**, including Semgrep SAST.
-### Claude Desktop
-Add to `claude_desktop_config.json`:
-- **Windows**: `%LOCALAPPDATA%\Packages\Claude_...\LocalCache\Roaming\Claude\`
-- **Mac**: `~/Library/Application Support/Claude/`
+> ✅ **All 19 tools work**, including Semgrep SAST and Jenkins integration.
+### Claude Desktop
+Add to `claude_desktop_config.json`:
+- **Windows**: `%LOCALAPPDATA%\Packages\Claude_...\LocalCache\Roaming\Claude\`
+- **Mac**: `~/Library/Application Support/Claude/`
 ```json
 {
   "mcpServers": {
@@ -207,102 +224,103 @@ Add to `claude_desktop_config.json`:
   }
 }
 ```
-> ⚠️ **11 of 12 tools work.** Semgrep SAST does not work due to Windows pipe limitations.
-### Cursor / Windsurf (HTTP Mode)
-Start the server, then add to `.cursor/mcp.json`:
-```bash
-uvicorn server.health:app --host 0.0.0.0 --port 8000
-```
-```json
-{
-  "mcpServers": {
-    "aegis": {
-      "url": "http://localhost:8000/mcp"
-    }
-  }
-}
-```
-### Docker Deployment
-```bash
-docker build -t aegis-mcp .
-docker run -p 8000:8000 aegis-mcp
-```
----
-## ⚙️ Configuration
-| Variable | Description | Default |
-|----------|-------------|---------|
-| `MCP_AUTH_DISABLED` | Disable JWT auth (auto-set for stdio) | `false` |
-| `MCP_SERVICE_NAME` | Name of the MCP service | `aegis` |
-| `MCP_ENV` | Environment (`dev`, `staging`, `prod`) | `dev` |
-| `MCP_ROLES_FILE` | Path to roles policy YAML | `policies/roles.yaml` |
-| `MCP_SCOPES_FILE` | Path to scopes policy YAML | `policies/scope_rules.yaml` |
-| `OIDC_ISSUER` | Expected JWT `iss` claim | *None* |
-| `OIDC_AUDIENCE` | Expected JWT `aud` claim | *None* |
----
-## 🗝 Access Control
-In **HTTP mode**, every tool requires a `token` argument containing a JWT. The authorization layer checks roles and scopes defined in `policies/roles.yaml` and `policies/scope_rules.yaml`.
-In **stdio mode** (local usage via `run_stdio.py`), authorization is **automatically disabled** — no token required.
-### Policy Example (`policies/roles.yaml`)
-```yaml
-roles:
-  viewer:
-    - aws_list_ec2_instances
-    - k8s_list_pods
-  security:
-    - security_run_trivy_scan
-    - security_semgrep_scan
-  admin:
-    - aws_list_ec2_instances
-    - k8s_list_pods
-    - security_run_trivy_scan
-    - security_semgrep_scan
-    # ... all tools
-```
----
-## 📝 Audit Logging
-The `@audit_tool_call` decorator emits structured JSON logs for every invocation:
-```json
-{
-  "timestamp": "2026-03-06T08:00:01+00:00",
-  "level": "INFO",
-  "event": "tool_call_succeeded",
-  "tool": "security_run_trivy_scan",
-  "duration_ms": 1204
-}
-```
----
-## 🛡️ Security Best Practices
-1. **Enforce JWT Signature Validation** — Update `server/auth.py` to verify RS256 JWTs using your IdP's JWKS endpoint for production.
-2. **Least-Privilege Credentials** — Assign ReadOnly IAM / K8s roles to the server environment.
-3. **Monitor Audit Logs** — Forward JSON logs to a SIEM. Set up anomaly detection for aggressive looping.
----
+> ⚠️ **18 of 19 tools work.** Semgrep SAST does not work due to Windows pipe limitations.
+### Cursor / Windsurf (HTTP Mode)
+Start the server, then add to `.cursor/mcp.json`:
+```bash
+uvicorn server.health:app --host 0.0.0.0 --port 8000
+```
+```json
+{
+  "mcpServers": {
+    "aegis": {
+      "url": "http://localhost:8000/mcp"
+    }
+  }
+}
+```
+### Docker Deployment
+```bash
+docker build -t aegis-mcp .
+docker run -p 8000:8000 aegis-mcp
+```
+---
+## ⚙️ Configuration
+| Variable | Description | Default |
+|----------|-------------|---------|
+| `MCP_AUTH_DISABLED` | Disable JWT auth (auto-set for stdio) | `false` |
+| `MCP_SERVICE_NAME` | Name of the MCP service | `aegis` |
+| `MCP_ENV` | Environment (`dev`, `staging`, `prod`) | `dev` |
+| `MCP_ROLES_FILE` | Path to roles policy YAML | `policies/roles.yaml` |
+| `MCP_SCOPES_FILE` | Path to scopes policy YAML | `policies/scope_rules.yaml` |
+| `OIDC_ISSUER` | Expected JWT `iss` claim | *None* |
+| `OIDC_AUDIENCE` | Expected JWT `aud` claim | *None* |
+---
+## 🗝 Access Control
+In **HTTP mode**, every tool requires a `token` argument containing a JWT. The authorization layer checks roles and scopes defined in `policies/roles.yaml` and `policies/scope_rules.yaml`.
+In **stdio mode** (local usage via `run_stdio.py`), authorization is **automatically disabled** — no token required.
+### Policy Example (`policies/roles.yaml`)
+```yaml
+roles:
+  viewer:
+    - aws_list_ec2_instances
+    - k8s_list_pods
+  security:
+    - security_run_trivy_scan
+    - security_semgrep_scan
+  admin:
+    - aws_list_ec2_instances
+    - k8s_list_pods
+    - security_run_trivy_scan
+    - security_semgrep_scan
+    # ... all tools
+```
+---
+## 📝 Audit Logging
+The `@audit_tool_call` decorator emits structured JSON logs for every invocation:
+```json
+{
+  "timestamp": "2026-03-06T08:00:01+00:00",
+  "level": "INFO",
+  "event": "tool_call_succeeded",
+  "tool": "security_run_trivy_scan",
+  "duration_ms": 1204
+}
+```
+---
+## 🛡️ Security Best Practices
+1. **Enforce JWT Signature Validation** — Update `server/auth.py` to verify RS256 JWTs using your IdP's JWKS endpoint for production.
+2. **Least-Privilege Credentials** — Assign ReadOnly IAM / K8s roles to the server environment.
+3. **Monitor Audit Logs** — Forward JSON logs to a SIEM. Set up anomaly detection for aggressive looping.
+---
 ## 🛣️ Roadmap
+- [x] Jenkins CI/CD integration (list, create, trigger, inspect, delete jobs) ✅
 - [ ] Terraform security scanner
 - [ ] IAM policy risk detection
 - [ ] Kubernetes misconfiguration scanner (Basic `k8s_security_audit` implemented!)
@@ -311,34 +329,12 @@ The `@audit_tool_call` decorator emits structured JSON logs for every invocation
 ---
-## 📦 Publish to npm
-```bash
-# 1) Login to npm
-npm login
-# 2) Verify package contents
-npm run pack:check
-# 3) Publish publicly
-npm publish --access public
-```
+## 🤝 Contributing
-For scoped packages like `@raghulm/aegis-mcp`, keep `--access public` in the publish command.
+See [CONTRIBUTING.md](./CONTRIBUTING.md) for contribution and maintainer release workflows.
 ---
-## 🤝 Contributing
-1. Fork the project
-2. Create your feature branch (`git checkout -b feature/AmazingFeature`)
-3. Add your tool into `tools/<domain>/`
-4. Register it via `@mcp.tool()` in `server/main.py` with `@audit_tool_call` and auth check
-5. Add tests in `tests/`
-6. Open a Pull Request
----
-## 📄 License
-Distributed under the MIT License. See `LICENSE` for more information.
+## 📄 License
+Distributed under the MIT License. See `LICENSE` for more information.