Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| SHAMASH_AUDIT_LOG_PATH | No | Audit log location | ./audit.log |
| SHAMASH_MAX_TOKENS_PER_HOUR | No | Hourly token limit | 50000 |
| SHAMASH_MAX_TOKENS_PER_SCAN | No | Token limit per scan | 1000 |
Schema
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
| security_review | Comprehensive security review prompt |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
| Scan Results | Access detailed scan results |
| Compliance Reports | Access compliance validation reports |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| scan_project | Performs comprehensive security scan on project directory |
| scan_network | Performs network scanning within project boundaries |
| pentest_application | Performs penetration testing on deployed applications |
| check_compliance | Validates project against compliance frameworks |
| generate_remediation | Generates actionable remediation advice for findings |
| manage_false_positives | Manage false positive suppressions |
| manage_custom_rules | Manage custom security rules |