security-orchestra
OfficialClick on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@security-orchestraSize generator for 500 kW data center load with N+1 redundancy."
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Security Orchestra
50+ specialized AI agents & 8 compound chains for data center critical power infrastructure.
Installation
Claude Desktop (hosted)
Add to your claude_desktop_config.json:
{
"mcpServers": {
"security-orchestra": {
"url": "https://security-orchestra-orchestrator.onrender.com",
"transport": "sse"
}
}
}Claude Code (CLI)
claude mcp add security-orchestra https://security-orchestra-orchestrator.onrender.com --transport ssenpx (Smithery)
npx -y @smithery/cli@latest mcp add robotfleet-hq/security-orchestraInstall via Smithery.
Restart your MCP client. All tools are immediately available.
Related MCP server: CalcsLive MCP Server
What It Does
Security Orchestra provides deterministic, standards-based calculations for every phase of data center infrastructure — from site selection to commissioning. Every agent returns structured JSON with citations to applicable codes (NEC, NFPA, IEEE, ASHRAE, Uptime Institute).
Tool Categories
Category | Agents | Standards |
Generator Sizing |
| NEC, NFPA 110, NFPA 30 |
NFPA 110 Compliance |
| NFPA 110 Level 1 & Level 2 |
UPS / ATS Sizing |
| IEEE 485, IEEE 1184, NEC 700/701/702 |
PUE & Efficiency |
| ASHRAE TC 9.9 |
Cooling Load |
| ASHRAE |
ROI / TCO |
| — |
Tier Certification |
| Uptime Institute Tier I-IV |
Utility Interconnect |
| Utility-specific |
Network Design |
| — |
Physical Security |
| NIST CSF, SOC 2, ISO 27001 |
Site & Construction |
| NEPA, local codes |
Sustainability |
| GHG Protocol, IRA |
Operations |
| NFPA, OEM specs |
Compound Chains (8)
Chains run multiple agents sequentially and return a combined result:
Chain | Pipeline |
| Generator > NFPA 110 > UPS > ROI |
| UPS > ATS > Generator > Fuel Storage > NFPA 110 |
| Site Scoring > Tier Cert > Utility Interconnect > Compliance |
| Site Scoring > Tier Cert > Utility > Permits > Cost > Timeline |
| PUE > Cooling Load > TCO Analyzer |
| Cooling > Chiller > CRAC vs CRAH > Airflow > Economizer |
| NC Utility Interconnect > Generator > NFPA 110 > UPS |
| Carbon > Solar > Battery > Energy Procurement > Environmental |
Supported Protocols
Security Orchestra exposes every tool across six agent-communication protocols:
Protocol | Status | Endpoint | Use Case |
MCP (Model Context Protocol) | Live | SSE: | Claude Desktop, Claude Code, Cursor, any MCP client |
A2A (Agent2Agent) | Live |
| Google agent-to-agent discovery and task delegation |
OpenAI Agents SDK | Live |
| OpenAI-compatible tool-call format |
AG-UI | Live |
| CopilotKit streaming agent UI |
ACP (Agent Communication Protocol) | Live |
| IBM BeeAI agent communication |
AGNTCY / OASF | Live | Per-agent ACP endpoints + OASF manifests | Cisco AGNTCY interoperability |
Live Endpoints
URL | |
MCP (SSE) |
|
Agent Card (A2A) |
|
A2A Tasks |
|
Health |
|
Landing Page | |
Smithery |
Response Contract
Every tool call returns a CanonicalResponse — same shape regardless of protocol:
{
"agent_id": "generator_sizing",
"agent_version": "1.0",
"protocol_version": "1.0",
"execution_context": "deterministic_calc",
"status": "success",
"result": { /* structured data */ },
"data_freshness": {
"validated_at": "2026-03-28",
"standards_ref": ["NFPA 110:2022"],
"stale_risk": "medium"
},
"a2a": {
"task_id": "uuid-v4",
"input_tokens_used": 0,
"credits_consumed": 5,
"callable_by": ["google-a2a", "openai-agents", "ag-ui", "acp", "agntcy"]
}
}Latency
All 50+ individual agents are deterministic TypeScript calculations — no LLM calls, no external I/O.
Context | Description | Latency |
| All 50+ individual agents | < 100 ms |
| All 8 compound chains | 0.5-5 s |
| Cached result | < 10 ms |
All 50+ Agents
Power & Electrical
Agent | What it does |
| Size generators for data center loads with NEC/NFPA compliance |
| Size UPS systems per IEEE 485/1184 — VRLA or Li-ion, N/N+1/2N configs |
| Size automatic transfer switches per NEC 700/701/702 |
| Design diesel fuel storage per NFPA 30 — tanks, containment, SPCC |
| Validate emergency generator compliance per NFPA 110 |
| Analyze THD in power distribution per IEEE 519 |
| Calculate voltage drop per NEC 210.19 |
| Analyze rack power density and PDU sizing per NEC 645 |
| Design BESS for backup, peak shaving, demand response |
| Model utility demand response program participation |
Cooling & Mechanical
Agent | What it does |
| Calculate cooling load per ASHRAE TC 9.9 |
| Calculate PUE with optimization recommendations |
| Size water-cooled and air-cooled chillers |
| Compare CRAC vs CRAH — cost, efficiency, constraints |
| Model hot/cold aisle containment and CFM requirements |
| Analyze free-cooling potential by climate zone |
| Design humidification systems per ASHRAE A1 envelope |
Network & Connectivity
Agent | What it does |
| Design spine-leaf network topology |
| Size north-south and east-west bandwidth |
| Design DNS — authoritative, recursive, anycast, DNSSEC |
| Plan IP addressing and VLAN architecture |
| Design BGP peering and route reflector architecture |
| Analyze fiber routes and carrier diversity |
| Calculate propagation latency by medium and hop count |
Site & Construction
Agent | What it does |
| Score candidate sites across power, connectivity, risk, cost |
| Estimate $/MW construction costs with regional factors |
| Phase-by-phase schedule with regulatory modifiers |
| Model permitting timelines across jurisdictions |
| Assess NOx/PM2.5/CO2 emissions per EPA AP-42 |
| Assess water supply, stress risk, and recycled water options |
| Analyze generator noise vs local ordinances |
| Find federal/state incentives, IRA credits, utility rebates |
Utility & Interconnect
Agent | What it does |
| Analyze utility interconnect for 9 major US utilities |
| North Carolina-specific utility interconnect analysis |
| Evaluate PPA, direct access, and retail energy strategies |
| Analyze on-site solar PV — capacity, IRA credits, payback |
| Calculate Scope 1/2/3 emissions per GHG Protocol |
Compliance & Certification
Agent | What it does |
| Validate against Uptime Institute Tier I-IV standards |
| Assess tier certification readiness with gap analysis |
| Check SOC 2, ISO 27001, NIST CSF, PCI DSS, FedRAMP |
Physical Security
Agent | What it does |
| Design layered physical security per Uptime tier standards |
| Design biometric access control — FAR/FRR, throughput |
| Calculate CCTV coverage, storage, and retention |
| Map controls to NIST CSF and CIS benchmarks |
Financial & Operations
Agent | What it does |
| Calculate NPV, IRR, payback using DCF analysis |
| Analyze total cost of ownership over facility life |
| Model SLA availability against tier benchmarks |
| Forecast capacity runway and expansion triggers |
| Build annual PM schedules per NFPA and OEM specs |
| Design change management process per tier class |
| Generate commissioning plans per ASHRAE Guideline 1.2 |
| Design clean agent fire suppression per NFPA 2001/75 |
Architecture
+------------------------------------------------------+
| MCP Client (Claude Desktop / Claude Code / Cursor) |
+-------------------------+----------------------------+
| SSE (MCP protocol)
v
+------------------------------------------------------+
| orchestrator/ (Node.js on Render) |
| |
| Auth > Rate Limit > Validation > Credit Gate > Run |
| |
| 50+ agents & 8 chains |
| Protocols: MCP, A2A, OpenAI, AG-UI, ACP, AGNTCY |
+----------+----------------------------+--------------+
| HTTP (credit check/deduct) | write
v v
+--------------------+ +--------------------+
| billing-api/ | | audit.db |
| (Express HTTP) | | (SQLite) |
| Stripe webhooks | +--------------------+
+--------------------+Pricing
Tier | Monthly | Credits | Rate Limit |
Free | $0 | 100 | 10/min |
Starter | $29 | 500 | 60/min |
Pro | $99 | 2,000 | 300/min |
Enterprise | $499 | 10,000 | 1,000/min |
Get a free API key: Sign up
Self-Hosting
Prerequisites
Node.js 18+
npm 9+
Install & Run
git clone https://github.com/RobotFleet-HQ/security-orchestra
cd security-orchestra
# Build
cd orchestrator && npm install && npm run build && cd ..
cd billing-api && npm install && npm run build && cd ..
# Configure
cd orchestrator && cp .env.example .env
npm run generate-key myuser free # generates sk_live_... key
# Run
cd orchestrator && npm start # Terminal 1
cd billing-api && npm start # Terminal 2Connect Claude Desktop (self-hosted)
{
"mcpServers": {
"security-orchestra": {
"command": "node",
"args": ["/path/to/security-orchestra/orchestrator/dist/index.js"],
"env": {
"ORCHESTRATOR_API_KEY": "sk_live_your_key",
"BILLING_API_URL": "http://localhost:3001"
}
}
}
}Repository Structure
security-orchestra/
├── orchestrator/ # MCP server — 50+ agents & 8 chains
│ └── src/
│ ├── index.ts # Entry point, tool registry
│ ├── auth.ts # API key auth
│ ├── rateLimit.ts # Sliding-window rate limiter
│ ├── validation.ts # Input sanitization
│ ├── billing.ts # Credit check/deduct
│ ├── canonical.ts # CanonicalResponse shape
│ └── audit.ts # Audit log
├── billing-api/ # HTTP API — users, credits, Stripe
├── [agent]-agent/ # 50+ individual agent modules
├── smithery.yaml # Smithery registry config
├── mcp.json # MCP registry manifest
└── LICENSE # MITSecurity
API key authentication on all tool calls
Input validation and sanitization on every request
Sliding-window rate limiting per key and tier
Audit logging of all tool invocations
No LLM calls in individual agents — deterministic calculations only
Credit-gated access prevents abuse
License
MIT — RobotFleet HQ
This server cannot be installed
Maintenance
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/RobotFleet-HQ/security-orchestra'
If you have feedback or need assistance with the MCP directory API, please join our Discord server