Skip to main content
Glama
SECRET4422

GuardRail MCP v2.0 (Enterprise)

by SECRET4422

Server Configuration

Describes the environment variables required to run the server.

NameRequiredDescriptionDefault
GUARDRAIL_ENTERPRISENoSet to '1' to enable enterprise features (RBAC, policy packs, audit logs, etc.)
GUARDRAIL_HTTP_API_KEYNoAPI key required when running in HTTP mode for authentication
GUARDRAIL_ENTERPRISE_CONFIGNoPath to the enterprise configuration JSON file

Capabilities

Features and capabilities supported by this server

CapabilityDetails
tools
{
  "listChanged": false
}

Tools

Functions exposed to the LLM to take actions

NameDescription
audit_code_safetyA

Hybrid multi-engine scan: secrets regex, Python AST + advanced multi-hop taint, tree-sitter structural sinks, language grids, custom rules/plugins. Returns redacted issues, engines used, risk score, security_verdict.

audit_cloud_costC

Rough AWS/GCP monthly SKU catalog estimate from IaC text.

audit_infra_securityC

IaC misconfigs + budget gate on estimated monthly burn.

scan_repositoryB

Parallel recursive repo scan with optional incremental cache.

scan_git_diffB

Scan only files changed in a git range (PR/diff) or staged changes.

scan_dependenciesC

Dependency inventory + optional OSV CVE query.

export_sarifC

Convert issues to SARIF 2.1.0 JSON.

generate_sbomC

Generate CycloneDX and/or SPDX SBOM JSON.

suggest_fixesC

Template or LLM-assisted fix drafts for findings (never auto-applied).

audit_container_configD

Dockerfile / Kubernetes security heuristics.

full_pipelineD

Repo/diff scan + deps + fixes + SARIF + SBOM.

list_pluginsA

List loaded plugins and custom rule counts.

engine_statusB

Report hybrid engine capabilities (tree-sitter langs, plugins, etc.).

security_scoreC

Compute security score/grade from an issues list and optionally record history.

scan_historyC

Return recent dashboard scan history from local SQLite.

enterprise_healthC

Enterprise health, metrics, and non-secret config status.

enterprise_policy_statusB

Show active policy pack and gate thresholds for the caller tenant.

evaluate_policyC

Run policy pack evaluation against a prior scan result object.

compliance_reportC

Generate a lightweight compliance evidence report for auditors.

list_audit_eventsC

List recent in-memory audit events (operator+).

issue_access_tokenC

Issue a short-lived JWT (admin). Requires GUARDRAIL_JWT_SECRET.

reload_enterprise_configC

Reload enterprise YAML/JSON from disk (admin).

manage_tenantC

Inspect or update in-memory tenant quota counters (admin).

Prompts

Interactive templates invoked by user choice

NameDescription

No prompts

Resources

Contextual data attached and managed by the client

NameDescription

No resources

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/SECRET4422/guardrail-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server