RAD Security

Instructions

Implementation Reference

• src/operations/findings.ts:51-94 (handler)

  The core handler function implementing the logic for listing security findings. It constructs filter parameters and queries the RAD Security API's unified_findings/groups endpoint.
  export async function listFindings( client: RadSecurityClient, limit: number = 20, types?: string[], severities?: string[], source_types?: string[], source_kinds?: string[], source_names?: string[], source_namespaces?: string[], status: string = "open", from_time: string = "now-7d", to_time?: string ): Promise<any> { const filterParam = makeFilter({ type: types, severity: severities, source_type: source_types, source_kind: source_kinds, source_name: source_names, source_namespace: source_namespaces, status: status, }); const params: Record<string, any> = { limit, filters: filterParam, from: from_time, }; if (to_time) { params.to = to_time; } const response = await client.makeRequest( `/accounts/${client.getAccountId()}/unified_findings/groups`, params ); return { size: response.length, entries: response, has_more: response.length === limit, }; }
• src/operations/findings.ts:11-22 (schema)

  Zod input schema defining parameters for filtering and paginating security findings, used by the tool.
  export const listFindingsSchema = z.object({ limit: z.number().optional().default(20).describe("Number of findings to return"), types: z.array(z.enum(types)).optional().describe("List of finding types to filter by"), severities: z.array(z.enum(severities)).optional().describe("List of severity levels to filter by"), source_kinds: z.array(z.string()).optional().describe("List of source kinds to filter by. i.e. Deployment,Pod,Container,Node,etc."), source_types: z.array(z.enum(source_types)).optional().describe("List of source types to filter by"), source_names: z.array(z.string()).optional().describe("List of source names to filter by"), source_namespaces: z.array(z.string()).optional().describe("List of source namespaces to filter by"), status: z.enum(statuses).optional().default("open").describe("Status of the findings to filter by"), from_time: z.string().optional().default("now-7d").describe("From time in RFC3339 or relative format, i.e. now-7d"), to_time: z.string().optional().describe("To time in RFC3339 or relative format, i.e. now-7d"), });
• src/index.ts:426-429 (registration)

  Tool registration in the MCP server's ListToolsRequest handler, defining the tool name, description, and input schema.
  name: "list_security_findings", description: "List security findings with optional filtering by types, severities, sources, and status", inputSchema: zodToJsonSchema(findings.listFindingsSchema),
• src/index.ts:1242-1264 (registration)

  Dispatch registration in the MCP server's CallToolRequest handler that validates input with the schema and invokes the listFindings handler function.
  case "list_security_findings": { const args = findings.listFindingsSchema.parse( request.params.arguments ); const response = await findings.listFindings( client, args.limit, args.types, args.severities, args.source_types, args.source_kinds, args.source_names, args.source_namespaces, args.status, args.from_time, args.to_time ); return { content: [ { type: "text", text: JSON.stringify(response, null, 2) }, ], }; }
• src/operations/findings.ts:30-48 (helper)

  Utility function used by the handler to build comma-separated filter strings from array or single value parameters.
  function makeFilter(filterObj: Record<string, string | string[] | undefined>): string { const filters: string[] = []; for (const [key, value] of Object.entries(filterObj)) { if (!value) continue; if (Array.isArray(value)) { for (const item of value) { if (item) { filters.push(`${key}:${item}`); } } } else { filters.push(`${key}:${value}`); } } return filters.join(","); }