Which integrations are available for this server?

Enables searching, validating, and executing Atomic Red Team tests via Google AI Studio or Gemini.

How do I use Atomic Red Team MCP?

1. Click on "Install Server". 2. Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state. 3. In the chat, type @ followed by the MCP server name and your instructions, e.g., "@Atomic Red Team MCP list atomic tests for T1059.002" That's it! The server will respond to your query, and you can continue using it as needed. Here is a step-by-step guide with screenshots.

Atomic Red Team MCP

by cyberbuff

Overview Schema Related Servers Score Discussions

Python

Remote

Atomic Red Team MCP Server

An MCP (Model Context Protocol) server that provides access to Atomic Red Team tests.

Available Tools and Resources

The server provides the following MCP tools:

query_atomics - Search atomics by technique ID, name, description, or platform
refresh_atomics - Download latest atomics from GitHub
validate_atomic - Validate atomic test YAML
get_validation_schema - Get the atomic test schema
execute_atomic - Execute atomic tests (requires ART_EXECUTION_ENABLED=true)

And resources:

file://documents/{technique_id} - Read atomic test files by technique ID

Usage Examples

"Search mshta atomics for windows"
"Show me all the atomic tests for T1059.002"
"Find all the applescript atomics for macOS"
"Validate this atomic test YAML "

Installation

The Atomic Red Team MCP server can be installed in various development tools and AI assistants. Choose your platform below for detailed installation instructions:

Quick Start

Recommended: Using uvx

uvx atomic-red-team-mcp

Using Docker

docker run --rm -i ghcr.io/cyberbuff/atomic-red-team-mcp:latest

Platform-Specific Guides

VSCode - Installation guide for VSCode
Claude Desktop & Claude Code - Installation guide for Anthropic's Claude Desktop app and Claude Code CLI
Cursor - Installation guide for Cursor IDE
Windsurf - Installation guide for Windsurf editor
Google AI Studio / Gemini - Installation guide for Google's AI tools
Other Tools - Cline, Zed, and generic MCP clients

Installation Methods

Each platform supports multiple installation methods:

uvx (Recommended) - Easiest setup, automatic updates
Docker - Isolated environment, consistent across systems
Remote Server ⚠️ - Hosted on Railway (free tier, may have limits)

Configuration

Environment Variables

Check the .env.example file for a list of environment variables and their default values.

Server Configuration

ART_MCP_TRANSPORT - Transport protocol (stdio, sse, streamable-http)
ART_MCP_HOST - Server host address (default: 0.0.0.0)
ART_MCP_PORT - Server port number (default: 8000)

Repository Configuration

ART_GITHUB_URL - GitHub URL for atomics repository (default: https://github.com)
ART_GITHUB_USER - GitHub user/org (default: redcanaryco)
ART_GITHUB_REPO - Repository name (default: atomic-red-team)
ART_DATA_DIR - Local directory path where atomic test files are stored (default: ./atomics)

Security Configuration

ART_EXECUTION_ENABLED - Enable the execute_atomic tool (default: false). Set to true, 1, or yes to enable. ⚠️ WARNING: Only enable in controlled environments as this allows executing potentially dangerous security tests.
Enable Authentication if you are hosting a remote MCP server

Authentication Configuration

ART_AUTH_TOKEN - Static bearer token for authentication (optional, authentication disabled if not set)
ART_AUTH_CLIENT_ID - Client identifier for authenticated requests (default: authorized-client)

Enabling Atomic Test Execution

By default, the execute_atomic tool is disabled for safety reasons. To enable it:

# Using uvx
ART_EXECUTION_ENABLED=true uvx atomic-red-team-mcp

⚠️ Security Warning: Only enable atomic test execution in controlled, isolated environments (like test VMs or sandboxes). These tests can modify system state, create files, execute commands, and perform actions that may be flagged as malicious by security tools.

Authentication

The server supports static token authentication for securing access to the MCP tools and resources. When enabled, clients must include a bearer token in the Authorization header:

Authorization: Bearer <your-token>

To enable authentication:

Set the ART_AUTH_TOKEN environment variable:

export ART_AUTH_TOKEN="your-secure-token-here"

Start the server (authentication is automatically enabled)

Clients authenticate by including the token in requests:

curl -H "Authorization: Bearer your-secure-token-here" http://localhost:8000

Security Notes:

Authentication is disabled by default (no token required)
When ART_AUTH_TOKEN is set, all requests must include a valid bearer token
Use strong, randomly generated tokens in production
Never commit tokens to version control
For development/testing, use a simple token. For production, use a cryptographically secure token

Example with Docker:

docker run --rm -i \
  -e ART_AUTH_TOKEN="my-secure-token" \
  -e ART_AUTH_CLIENT_ID="my-client" \
  ghcr.io/cyberbuff/atomic-red-team-mcp:latest

Built With

This server cannot be installed

license - permissive license

quality - not tested

maintenance

How are these scores calculated?

Maintenance

–Maintainers

–Response time

3wRelease cycle

11Releases (12mo)

Resources

GitHub Repository

Need Help?

Related Servers

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/cyberbuff/atomic-red-team-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server