Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| TRANSPORT_TYPE | No | Transport type for Docker container deployment (streamable or sse) | streamable |
| EXCLUDE_TOOLKITS | No | Comma-separated list of toolkits to exclude (all except these will be enabled). Note: If INCLUDE_TOOLKITS is set, EXCLUDE_TOOLKITS is ignored | |
| INCLUDE_TOOLKITS | No | Comma-separated list of toolkits to include (only these will be enabled). Available toolkits: containers, clusters, identities, audit, cloud_inventory, images, kubeobject, misconfigs, runtime, runtime_network, threats, findings, cves, inbox, workflows | |
| RAD_SECURITY_ACCOUNT_ID | No | Your RAD Security account ID | |
| RAD_SECURITY_SECRET_KEY | No | Your RAD Security secret key | |
| RAD_SECURITY_ACCESS_KEY_ID | No | Your RAD Security access key ID |
Schema
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| list_containers | List containers secured by RAD Security with optional filtering by image name, image digest, namespace, cluster_id, or free text search |
| get_container_details | Get detailed information about a container secured by RAD Security |
| list_clusters | List Kubernetes clusters managed by RAD Security |
| get_cluster_details | Get detailed information about a specific Kubernetes cluster managed by RAD Security |
| list_identities | Get list of identities for a specific Kubernetes cluster |
| get_identity_details | Get detailed information about a specific identity in a Kubernetes cluster |
| who_shelled_into_pod | Get users who shelled into a pod with the given name and namespace around the given time |
| list_cloud_resources | List cloud resources for a specific provider with optional filtering |
| get_cloud_resource_details | Get detailed information about a specific cloud resource |
| get_cloud_resource_facets | Get available facets for filtering cloud resources from a provider |
| get_cloud_resource_facet_value | Get values for a specific facet from a cloud provider |
| list_images | List container images with optional filtering by page, page size, sort, and search query |
| list_image_vulnerabilities | List vulnerabilities in a container image with optional filtering by severity |
| get_top_vulnerable_images | Get the most vulnerable images from your account |
| get_image_sbom | Get the SBOM of a container image |
| get_k8s_resource_details | Get the latest manifest of a Kubernetes resource |
| list_k8s_resources | List Kubernetes resources with optional filtering by namespace, resource types, and cluster |
| list_k8s_resource_misconfigs | Get manifest misconfigurations for a Kubernetes resource |
| get_k8s_resource_misconfig | Get detailed information about a specific Kubernetes resource misconfiguration |
| list_k8s_resource_misconfig_policies | List available misconfiguration policies used by RAD Security to detect Kubernetes resource misconfigurations |
| get_containers_process_trees | Get process trees for multiple containers |
| get_containers_baselines | Get runtime baselines for multiple containers |
| get_container_llm_analysis | Get LLM analysis of a container's process tree |
| list_http_requests | List HTTP requests insights with optional filtering by method, path, source and destination workloads, and PII detection |
| list_network_connections | List network connections with optional filtering |
| list_network_connection_srcs | List network connection sources with optional filtering by source and destination workloads |
| list_threat_vectors | List threat vectors |
| list_security_findings | List security findings with optional filtering by types, severities, sources, and status |
| update_security_finding_status | Update the status of a security finding |
| list_cve_vendors | Get a list of all vendors in the CVE database. Source: cve-search.org |
| list_cve_products | Get a list of all products associated with a vendor in the CVE database. Source: cve-search.org |
| search_cves | Search CVEs by vendor and optionally product. Source: cve-search.org |
| get_cve | Get details for a specific CVE ID. Source: cve-search.org |
| get_latest_30_cves | Get the latest/newest 30 CVEs including CAPEC, CWE and CPE expansions. Source: cve-search.org |
| mark_inbox_item_as_false_positive | Mark an inbox item as a false positive with a reason |
| list_inbox_items | List inbox items with optional filtering by any field. Multiple filters can be combined eg. 'search:cve-2024-12345 and severity:high' |
| get_inbox_item_details | Get detailed information about a specific inbox item |