Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| MCP_AUTH_MODE | No | The authentication mode to use (e.g., 'bearer'). | |
| MCP_TRANSPORT | No | The primary network transport to use. Options: stdio, http, sse. Default is stdio. | stdio |
| MCP_AUTH_SCOPES | No | Comma-separated list of required authentication scopes (e.g., 'read,write'). | |
| MCP_OIDC_ISSUER | No | The URL of the OIDC issuer. | |
| MCP_SERVER_HOST | No | The host address to bind the server to when using network transport (http/sse). | 0.0.0.0 |
| MCP_SERVER_PORT | No | The port to bind the server to when using network transport (http/sse). | |
| MCP_AUTH_ENABLED | No | Whether to enable bearer-token auth with OIDC. Set to 'true' to enable. | |
| MCP_AUTH_AUDIENCE | No | The expected audience for OIDC token validation. | |
| MCP_OIDC_JWKS_URL | No | The URL of the OIDC JWKS (JSON Web Key Set) for token validation. | |
| MCP_OAUTH_CLIENT_ID | No | The OAuth client ID for authentication. | |
| MCP_OAUTH_CLIENT_SECRET | No | The OAuth client secret for authentication. | |
| MCP_OIDC_INTROSPECTION_URL | No | Optional alternative or backup validation mode using an introspection URL. |
Capabilities
Server capabilities have not been inspected yet.
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| setMode | - |
| nmapScan | - |
| generateWordlist | - |
| runJohnTheRipper | - |
| runHashcat | - |
| cancelScan | - |
| createClientReport | - |
| gobuster | - |
| nikto | - |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |