ms-sentinel-mcp-server

Instructions

Implementation Reference

• tools/workspace_tools.py:107-172 (handler)

  SentinelSourceControlsListTool class: defines the tool name, description, and implements the 'run' method that lists all source controls in the Sentinel workspace using the Azure Security Insights client, serializes the results, and handles errors in an MCP-compliant format.
  class SentinelSourceControlsListTool(MCPToolBase): """ Tool for listing all Sentinel source controls in the current workspace. """ name = "sentinel_source_controls_list" description = "List all Sentinel source controls in the current workspace." async def run(self, ctx: Context, **kwargs): """ List all source controls in the current Sentinel workspace. Parameters: None required. (Context is extracted from MCP or environment.) Returns: dict: { 'source_controls': list[dict], 'valid': bool, 'errors': list[str], 'error': str (optional, present only if an error occurs) } Output Fields: - source_controls: List of source control objects (id, name, repo, etc.) - valid: True if successful, False otherwise - errors: List of error messages (empty if none) - error: Error message if an error occurs (optional) Error cases will always include an 'error' key for testability. """ logger = self.logger params = dict(kwargs) if "kwargs" in kwargs and isinstance(kwargs["kwargs"], dict): params.update(kwargs["kwargs"]) workspace_name, resource_group, subscription_id = self.get_azure_context(ctx) result = { "source_controls": [], "valid": False, "errors": [], } try: client = self.get_securityinsight_client(subscription_id) controls = client.source_controls.list(resource_group, workspace_name) controls_list = [] for ctrl in controls: controls_list.append( { "id": getattr(ctrl, "id", None), "name": getattr(ctrl, "name", None), "repo_type": getattr(ctrl, "repo_type", None), "repo_url": getattr(ctrl, "repo_url", None), "description": getattr(ctrl, "description", None), "content_types": getattr(ctrl, "content_types", None), "created_time_utc": str(getattr(ctrl, "created_time_utc", "")), "last_modified_time_utc": str( getattr(ctrl, "last_modified_time_utc", "") ), } ) result["source_controls"] = controls_list result["valid"] = True except Exception as ex: error_msg = "Error listing source controls: %s" % ex logger.exception("%s", error_msg) result["error"] = error_msg result["errors"].append(error_msg) return result
• tools/workspace_tools.py:116-134 (schema)

  Docstring in the 'run' method detailing the input parameters (none required), output schema, fields description, and error handling structure.
  """ List all source controls in the current Sentinel workspace. Parameters: None required. (Context is extracted from MCP or environment.) Returns: dict: { 'source_controls': list[dict], 'valid': bool, 'errors': list[str], 'error': str (optional, present only if an error occurs) } Output Fields: - source_controls: List of source control objects (id, name, repo, etc.) - valid: True if successful, False otherwise - errors: List of error messages (empty if none) - error: Error message if an error occurs (optional) Error cases will always include an 'error' key for testability. """
• tools/workspace_tools.py:570-579 (registration)

  The 'register_tools' function that registers the SentinelSourceControlsListTool (and others) with the MCP server instance via class.register(mcp).
  def register_tools(mcp): """Register all Sentinel workspace-related tools with the MCP server instance.""" SentinelWorkspaceGetTool.register(mcp) SentinelSourceControlsListTool.register(mcp) SentinelSourceControlGetTool.register(mcp) SentinelMetadataListTool.register(mcp) SentinelMetadataGetTool.register(mcp) SentinelMLAnalyticsSettingsListTool.register(mcp) SentinelMLAnalyticsSettingGetTool.register(mcp)