SD Elements MCP Server

A Model Context Protocol server that provides SD Elements API integration. This server enables LLMs to interact with SD Elements security development lifecycle platform.

License: MIT Python 3.10+

Available Tools

Project Management

list_projects - List all projects with optional filtering
get_project - Get detailed project information
create_project - Create a new project
update_project - Update project details
delete_project - Delete a project

Application Management

list_applications - List all applications
get_application - Get application details
create_application - Create a new application
update_application - Update application information

Countermeasures

list_countermeasures - List countermeasures for a project
get_countermeasure - Get countermeasure details
update_countermeasure - Update countermeasure status

Project Surveys

get_project_survey - Get the complete survey structure for a project
get_current_survey_answers - Get the current answers assigned to a survey in readable format
update_project_survey - Update project survey answers with answer IDs
find_survey_answers - Find answer IDs by searching for answer text (e.g., "Java", "Web Application")
set_project_survey_by_text - Set survey using answer text directly instead of IDs
add_survey_answers_by_text - Add answers to survey without removing existing ones (e.g., add "Python")
remove_survey_answers_by_text - Remove specific answers from survey (e.g., remove "Java")

Repository Scanning

list_scan_connections - List available repository scan connections (GitHub/GitLab)
scan_repository - Scan a repository to automatically populate project survey
get_scan_status - Get status and results of a repository scan
list_scans - List all repository scans for a project

Project Diagrams

list_project_diagrams - List diagrams for a project
get_diagram - Get a specific diagram with its data
create_diagram - Create a new project diagram
update_diagram - Update an existing diagram
delete_diagram - Delete a project diagram

Note: The Project Diagrams feature requires enablement by your Customer Success Manager. Contact your CSM if this feature is not available on your instance.

Advanced Reports

list_advanced_reports - List all advanced reports
get_advanced_report - Get report configuration
run_advanced_report - Execute a report and get the data (JSON/CSV)
create_advanced_report - Create a new advanced report
execute_cube_query - Execute Cube API queries directly for advanced analytics

Quick Start

Using uvx (recommended)

Option 1: From GitHub (Current)

uvx git+https://github.com/geoffwhittington/sde-mcp.git

Option 2: From PyPI (Future - when published)

uvx sde-mcp-server

Using uv

Install from GitHub

uv pip install git+https://github.com/geoffwhittington/sde-mcp.git sde-mcp-server

Install from PyPI (when available)

uv pip install sde-mcp-server sde-mcp-server

Using pip

Install from GitHub

pip install git+https://github.com/geoffwhittington/sde-mcp.git sde-mcp-server

Install from PyPI (when available)

pip install sde-mcp-server sde-mcp-server

Configuration

The server requires two environment variables:

SDE_HOST: Your SD Elements instance URL (e.g., https://your-sdelements-instance.com)
SDE_API_KEY: Your SD Elements API key

Setting Environment Variables

Option 1: Environment Variables

export SDE_HOST="https://your-sdelements-instance.com" export SDE_API_KEY="your-api-key-here"

Option 2: .env File

Create a .env file in your working directory:

SDE_HOST=https://your-sdelements-instance.com SDE_API_KEY=your-api-key-here

Getting Your API Key

Log into your SD Elements instance
Go to Settings > API Tokens
Generate a new API token
Copy the token value for use as SDE_API_KEY

MCP Client Configuration

Claude Desktop

Add this to your Claude Desktop configuration file:

Option 1: From GitHub (Current)

{ "mcpServers": { "sde-elements": { "command": "uvx", "args": ["git+https://github.com/geoffwhittington/sde-mcp.git"], "env": { "SDE_HOST": "https://your-sdelements-instance.com", "SDE_API_KEY": "your-api-key-here" } } } }

Option 2: From PyPI (Future)

{ "mcpServers": { "sde-elements": { "command": "uvx", "args": ["sde-mcp-server"], "env": { "SDE_HOST": "https://your-sdelements-instance.com", "SDE_API_KEY": "your-api-key-here" } } } }

Cline

Add this to your Cline MCP settings:

From GitHub (Current)

Continue

Add this to your Continue configuration:

From GitHub (Current)

Cursor

Add this to your Cursor configuration file:

Option 1: From GitHub (Current)

Option 2: Using local installation

If you have the package installed locally:

{ "mcpServers": { "sde-elements": { "command": "sde-mcp-server", "env": { "SDE_HOST": "https://your-sdelements-instance.com", "SDE_API_KEY": "your-api-key-here" } } } }

Option 3: Using Python module directly

{ "mcpServers": { "sde-elements": { "command": "python", "args": ["-m", "sde_mcp_server"], "env": { "SDE_HOST": "https://your-sdelements-instance.com", "SDE_API_KEY": "your-api-key-here" } } } }

Development

Prerequisites

uv installed
Python 3.10 or higher

Setup

# Clone the repository git clone <repository-url> cd sde-mcp-server # Create virtual environment and install dependencies uv sync # Run in development mode uv run python -m sde_mcp_server

Testing Locally

Step 1: Set Up Environment Variables

Create a .env file in the project root [[memory:4265507]]:

# .env SDE_HOST=https://your-sdelements-instance.com SDE_API_KEY=your-actual-api-key-here

Or export them:

export SDE_HOST="https://your-sdelements-instance.com" export SDE_API_KEY="your-api-key-here"

Step 2: Activate Virtual Environment

# The project uses venv/ for the virtual environment source venv/bin/activate # Install dependencies if not already done uv sync

Step 3: Test Basic Imports

# Run the import test python test_import.py

Expected output:

✓ Package imported successfully ✓ API client module imported successfully ✓ Server module imported successfully ✓ Main function found ✓ Entry point function found

Step 4: Test the MCP Server

Option A: Run with environment variables

SDE_HOST=https://your-instance.com SDE_API_KEY=your-key python -m sde_mcp_server

Option B: Run with .env file

python -m sde_mcp_server

The server will start and output:

SD Elements MCP Server starting... Host: https://your-instance.com Configuration validated successfully

Step 5: Test with MCP Inspector (Recommended)

The MCP Inspector is the best tool for local testing:

# Install MCP Inspector npx @modelcontextprotocol/inspector python -m sde_mcp_server

This opens a web interface where you can:

See all available tools
Test individual tools with parameters
View responses in real-time
Debug issues

Step 6: Test in Cursor

This project includes workspace-specific MCP configuration!

Add your credentials to
# Edit .cursor/mcp.json and replace the placeholder values: nano .cursor/mcp.json
Replace:
- SDE_HOST: https://your-sdelements-instance.com → your actual SD Elements URL
- SDE_API_KEY: your-api-key-here → your actual API key
Reload Cursor window (Cmd/Ctrl+Shift+P → "Developer: Reload Window")
Test with natural language:
"List all projects in SD Elements" "Get the survey for project 123" "Test the SD Elements connection"

Note: .cursor/mcp.json is gitignored to protect your credentials. A template is available at .cursor/mcp.json.example.

If Cursor doesn't auto-detect, you can add to global config at ~/.cursor/mcp.json:

{ "mcpServers": { "sde-elements": { "command": "python3", "args": ["-m", "sde_mcp_server"], "cwd": "/home/geoff/projects/sde-mcp", "env": { "PYTHONPATH": "/home/geoff/projects/sde-mcp/venv/lib/python3.10/site-packages" } } } }

Step 7: Test Specific Features

Test Survey Management:

# In Cursor or MCP Inspector "What are the current survey answers for project 1?" "Add Python to project 1's survey"

Test Repository Scanning:

"List my scan connections" "Scan https://github.com/org/repo for project 1"

Test Diagrams:

"List diagrams for project 1" "Create a diagram from description: Web app with database"

Debugging

Enable verbose logging:

# Add to your code temporarily import logging logging.basicConfig(level=logging.DEBUG)

Check API connectivity:

from sde_mcp_server.api_client import SDElementsAPIClient client = SDElementsAPIClient( host="https://your-instance.com", api_key="your-key" ) # Test connection if client.test_connection(): print("✓ Connected to SD Elements") else: print("✗ Connection failed")

Common issues:

"Configuration error": Check SDE_HOST and SDE_API_KEY are set
"Authentication failed": Verify your API key is valid
"Connection error": Check network access to SD Elements instance
Module import errors: Ensure virtual environment is activated

Building

# Build the package uv build # Install locally for testing uv pip install dist/*.whl # Test the installed package sde-mcp-server

Key Features & Use Cases

1. Project & Application Management

Create and manage projects:

"Create a new project called 'Mobile Banking App' in application 456" "Update project 123's description to 'Customer-facing mobile banking application'" "List all projects and show their status" "Delete project 789"

Manage applications:

"Create an application called 'Customer Portal'" "List all applications" "Update application 456's description" "Get details for application 123"

2. Natural Language Survey Management

Set surveys using plain English instead of answer IDs:

"Set the survey for project 123 to: Python, Django, PostgreSQL, AWS, Docker"

Add/remove specific technologies:

"Add Redis and Kubernetes to project 123" "Remove Java from the survey" "Replace MySQL with PostgreSQL"

Query current configuration:

"What answers are in the survey for project 123?" "Show me the current survey answers" "Show the survey answers grouped by section"

Commit survey changes:

"Commit the survey draft for project 123"

No need to know answer IDs - just use technology names like "Java", "Python", "AWS", etc.

3. Automated Repository Scanning

Scan repositories to auto-populate surveys:

"Scan https://github.com/myorg/api-service for project 123"

The system will:

Detect programming languages, frameworks, databases
Identify cloud technologies and dependencies
Automatically update the project survey
Lock the project during scan for data integrity

Check scan progress:

"Is my scan complete?" "What did the repository scan detect?" "Show scan status for project 123" "List all scans" "List available repository connections"

4. Threat Model Diagrams

Manage diagrams:

"List all diagrams for project 123" "Get diagram 456" "Create a new diagram for project 123" "Update diagram 456 with new data" "Delete diagram 789"

Note: The Project Diagrams feature must be enabled on your SD Elements instance. Contact your Customer Success Manager to enable this feature.

5. Countermeasure Management

Track and manage security countermeasures:

"List all countermeasures for project 123" "Show open countermeasures for project 123" "Get details for countermeasure 456" "Update countermeasure 456 status to complete" "Add notes to countermeasure 789"

6. Advanced Reporting

Work with reports:

"List all available reports" "Run report 123 in JSON format" "Get report 456 configuration" "Create a report showing all projects with their countermeasure status"

Execute custom Cube queries:

"Execute a Cube query to analyze security trends" "Run a custom query on the countermeasure schema"

Use the Advanced Reports and Cube API to generate custom analytics and insights from your SD Elements data.

7. User & Team Management

Manage users and teams:

"List all active users" "Get details for user 123" "Who am I? (get current authenticated user)" "List all business units" "Get business unit 456 details"

8. Connection Testing & Generic API Access

Test API connectivity:

"Test the connection to SD Elements" "Verify my API credentials"

Make custom API requests:

"Make a GET request to endpoint projects/123/" "Call the custom API endpoint with specific parameters"

Features

Natural Language Control: Manage SD Elements using plain English
Full API Coverage: Supports all major SD Elements API endpoints
Authentication: Secure API key-based authentication
Error Handling: Comprehensive error handling and validation
Environment Configuration: Flexible configuration via environment variables
Modern Python: Built with modern Python packaging (uv, pyproject.toml)
MCP Compliant: Fully compatible with the Model Context Protocol

Complete Example Workflows

Project Setup Workflow

# Create application and project "Create an application called 'E-Commerce Platform'" → AI: "Created application (ID: 456)" "Create a project called 'Payment Service' in application 456" → AI: "Created project (ID: 789)" # Set up initial survey "Set the survey for project 789 to: Python, FastAPI, PostgreSQL, Redis, AWS, Docker" → AI: "Survey updated with 6 answers" # Verify setup "List all projects and show their details" → AI: Shows all projects including the new one "Get details for project 789" → AI: Shows full project details including survey configuration

Survey Management Workflow

# Check current state "What's in the survey for project 123?" → AI: "Currently has: Java, MySQL, Tomcat, On-Premise" # Make changes "Replace Java with Python, MySQL with PostgreSQL, and Tomcat with Docker" → AI: "Updated survey. Removed: Java, MySQL, Tomcat. Added: Python, PostgreSQL, Docker" # Add new technology "Add Redis for caching" → AI: "Added Redis. Total answers: 5" # View detailed survey "Show me the survey answers grouped by section" → AI: Shows answers organized by survey sections (Architecture, Technologies, etc.) # Commit changes "Commit the survey draft for project 123" → AI: "Survey draft committed successfully"

Repository Scanning Workflow

# First time setup (one-time) "List my scan connections" → AI: "Found 1 connection: GitHub (ID: 1)" # Scan repositories (anytime) "Scan https://github.com/company/api-service for project 456" → AI: "Scan started (ID: 789). Analyzing repository..." # Check progress "What's the status of scan 789?" → AI: "Scan complete! Detected: Python, FastAPI, PostgreSQL, Docker, AWS" # List all scans "List all scans for project 456" → AI: Shows scan history with status and results # Survey is now auto-populated "Show me the survey" → AI: "Survey has 15 answers based on repository scan"

Diagram Management Workflow

# List diagrams "List all diagrams for project 123" → AI: Shows all diagrams with names and IDs # View diagram "Get diagram 456" → AI: Returns full diagram data # Create diagram "Create a new diagram called 'System Architecture' for project 123" → AI: "Diagram created successfully" # Update diagram "Update diagram 456 with new data" → AI: "Diagram updated successfully" # Delete diagram "Delete diagram 789" → AI: "Diagram deleted successfully"

Note: Diagrams must be created/edited through the SD Elements UI or API with proper JSON schema. The feature requires CSM enablement.

Countermeasure Management Workflow

# View countermeasures "List all countermeasures for project 123" → AI: Shows all countermeasures with status "Show only open countermeasures for project 123" → AI: Filters to show incomplete countermeasures # Update countermeasure "Get details for countermeasure 456" → AI: Shows full countermeasure details "Update countermeasure 456 status to completed" → AI: "Countermeasure marked as completed" "Add a note to countermeasure 456: Implemented OAuth 2.0 with JWT tokens" → AI: "Note added successfully"

Reporting Workflow

# List and run reports "List all available reports" → AI: Shows existing reports "Run report 123 in JSON format" → AI: Executes report and returns JSON data "Get report 456 configuration" → AI: Shows report query structure and parameters # Create custom reports "Create a report showing all projects with their security status" → AI: Creates custom report with specified parameters # Execute Cube queries "Execute a Cube query on the countermeasure schema" → AI: Runs query and returns results

User & Team Management Workflow

# User management "List all active users" → AI: Shows list of active users "Who am I?" → AI: "You are: John Doe (john.doe@company.com), Role: Admin" "Get details for user 123" → AI: Shows user profile and permissions # Business units "List all business units" → AI: Shows organizational structure "Get business unit 456 details" → AI: Shows business unit info with associated applications

Full Project Lifecycle Example

# 1. Initial Setup "Create application 'Banking Services'" "Create project 'Mobile App' in application 123" # 2. Configure via repository scan "Scan https://github.com/company/mobile-app for project 456" "Wait for scan to complete and commit survey" # 3. Manage diagrams (if enabled) "List diagrams for project 456" "Create a new diagram for the project" # 4. Track security work "List all countermeasures for project 456" "Update high-priority countermeasures" # 5. Monitor progress "Generate a security status report for project 456" "Show countermeasure completion trends" # 6. Make updates "Add Kubernetes to the survey" "Update project components" # 7. Create reports "Create a report showing security status for all projects" "Run report 123 to analyze countermeasure trends"

API Coverage

This server provides comprehensive access to SD Elements functionality:

Core Resources

Projects: Full CRUD (Create, Read, Update, Delete) operations
Applications: Create, list, view, and update applications
Business Units: List and view organizational structure

Security Management

Countermeasures: List, view, update status, and add notes
Project Surveys: Full survey management with natural language support
- Set answers using technology names (no ID lookup needed)
- Add/remove specific answers incrementally
- View current configuration in multiple formats
- Commit survey drafts
- Auto-resolve dependencies

Automation & Integration

Repository Scanning: Automated technology detection
- GitHub and GitLab integration
- Automatic survey population
- Scan status tracking
- Historical scan management
Threat Model Diagrams: Complete diagram lifecycle (requires CSM enablement)
- Full CRUD operations
- List, view, create, update, and delete diagrams
- Work with diagram data via API

Analytics & Reporting

Advanced Reports: Flexible reporting and analytics
- List available reports
- Execute existing reports (JSON/CSV output)
- Create custom reports with Cube API
- Execute Cube queries directly for advanced analytics

User & Team Management

Users: List users, view profiles, get current user
Authentication: Test API connectivity and credentials

Advanced Features

Generic API Access: Make custom API calls to any SD Elements endpoint
Flexible Configuration: Environment-based setup with .env support
Natural Language Interface: Control everything through plain English commands

License

This project is licensed under the MIT License - see the LICENSE file for details.

Contributing

Fork the repository
Create a feature branch (git checkout -b feature/amazing-feature)
Commit your changes (git commit -m 'Add some amazing feature')
Push to the branch (git push origin feature/amazing-feature)
Open a Pull Request

Support

For issues and questions:

Check the Issues page
Review the SD Elements API documentation
Ensure your API key has proper permissions

Note: This is an unofficial MCP server for SD Elements. For official SD Elements support, please contact Security Compass.

Deploy Server

HTTP connection URL

security – no known vulnerabilities

license - permissive license

quality - confirmed to work

How are these scores calculated?

remote-capable server

The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.

Tools

View all tools

A Model Context Protocol server that provides SD Elements API integration, enabling LLMs to interact with SD Elements security development lifecycle platform.

Related Resources

Reddit Discussion about this server

Related MCP Servers

MongoDB
kiliczsh
A
security
A
license
A
quality
A Model Context Protocol server that provides access to MongoDB databases. This server enables LLMs to inspect collection schemas and execute read-only queries.
Last updated -
8
292
264
MIT License
MCP Salesforce Connector
smn2gnt
A
security
A
license
A
quality
A Model Context Protocol server that enables LLMs to interact with Salesforce data through SOQL queries, SOSL searches, and various API operations including record management.
Last updated -
10
140
MIT License
Example MCP SSE Server
keepview
-
security
F
license
-
quality
A Model Context Protocol server that enables real-time communication using Server-Sent Events (SSE), providing standardized model management and resource templating capabilities.
Last updated -
Swagger/OpenAPI MCP Server
gulbaki
A
security
F
license
A
quality
A Model Context Protocol server that enables LLMs to explore and interact with API specifications by providing tools for loading, browsing, and getting detailed information about API endpoints.
Last updated -
4
10
13

View all related MCP servers

Appeared in Searches

A server that scans projects for security vulnerabilities and recommends fixes