Latent Defense MCP Server
Allows mapping GitHub repositories into an infrastructure graph for attack path analysis and security triage.
MCP server that connects Claude Code to your Latent Defense deployment. Map GitHub repositories into an infrastructure graph, discover attack paths with the JEPA energy model, and triage findings — all from your terminal.
Quick start
# 1. Install
pip install git+https://github.com/latent-defense/mcp-server-public.git
# 2. Scaffold config and skills into your project
cd your-project
latent-defense-mcp-init
# 3. Edit .mcp.json — set your API key and portal URL
# 4. Start Claude Code (or restart if already running)
# 5. Type: "Map all repositories in our GitHub org"
Setup
Step 1 — Install the MCP server
pip install git+https://github.com/latent-defense/mcp-server-public.git
Step 2 — Get your portal URL and API key
Log in to your Latent Defense portal
Go to Settings → API Keys
Click Generate API Key — it starts with sk_ld_
Copy the key (it's only shown once)
Your portal URL is the base URL you use to access the portal (e.g. https://portal.acme.latentdefense.ai).
Step 3 — Add a GitHub PAT to the credential broker
The mapper needs a GitHub Personal Access Token to clone your repositories.
Create a GitHub PAT with repo scope (or fine-grained with read access to your target repos)
In the portal, go to Settings → Credentials
Select a profile from the dropdown (e.g. github) or create a new one
Under Source Code, add a GitHub PAT credential and paste your token
Click Verify All — it should show a green verified status
Remember the profile name (e.g. github) — you'll need it when mapping.
Step 4 — Configure Claude Code
Run latent-defense-mcp-init in your project directory:
latent-defense-mcp-init
This creates:
.mcp.json — MCP server configuration
.claude/skills/map/ — guided mapping workflow skill
.claude/skills/research/ — interactive JEPA inference skill
Now edit .mcp.json and replace the placeholder values:
{
  "mcpServers": {
    "latent-defense": {
      "command": "latent-defense-mcp",
      "env": {
        "LATENT_DEFENSE_API_KEY": "sk_ld_your_key_here",
        "LATENT_DEFENSE_URL": "https://portal.your-deployment.com"
      }
    }
  }
}
If your portal uses a self-signed certificate, add "LATENT_DEFENSE_VERIFY_SSL": "false" to the env block.
If latent-defense-mcp is not on your PATH, use the full path — run which latent-defense-mcp to find it.
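A pre-commit style check for the .mcp.json written in Step 4, added here as an example (it is not part of the Latent Defense project): it flags a live sk_ld_ key stored in a file that is readable by group or other or not listed in .gitignore, a portal URL that is not HTTPS, and LATENT_DEFENSE_VERIFY_SSL set to "false", which removes certificate checking from the connection that carries the API key. The finding names, the audit_mcp_config and write_sample helpers, and the sample values are assumptions made for illustration.

```python
import json
import os
import tempfile
from pathlib import Path
from urllib.parse import urlparse

PLACEHOLDER_KEY = "sk_ld_your_key_here"  # placeholder value from the README
# Constructed sample values, not real credentials or hosts.
WEAK_ENV = {"LATENT_DEFENSE_API_KEY": "sk_ld_CONSTRUCTED",
            "LATENT_DEFENSE_URL": "https://portal.example.test",
            "LATENT_DEFENSE_VERIFY_SSL": "false"}


def audit_mcp_config(path):
    """Return findings for the latent-defense entry of a .mcp.json file."""
    path = Path(path).absolute()
    servers = json.loads(path.read_text(encoding="utf-8")).get("mcpServers", {})
    env = servers.get("latent-defense", {}).get("env", {})
    findings = []
    key = env.get("LATENT_DEFENSE_API_KEY", "")
    if key.startswith("sk_ld_") and key != PLACEHOLDER_KEY:
        # A real key lives in the project tree: check file mode and git ignore.
        if os.name == "posix" and path.stat().st_mode & 0o077:
            findings.append("key-file-readable-by-group-or-other")
        ignore = path.parent / ".gitignore"
        text = ignore.read_text(encoding="utf-8") if ignore.exists() else ""
        # Simplification: exact-line match only, no gitignore glob semantics.
        if not {line.strip() for line in text.splitlines()} & {".mcp.json", "/.mcp.json"}:
            findings.append("key-file-not-gitignored")
    if urlparse(env.get("LATENT_DEFENSE_URL", "")).scheme != "https":
        findings.append("portal-url-not-https")
    # Only the value the README documents ("false") is flagged here.
    if str(env.get("LATENT_DEFENSE_VERIFY_SSL", "")).strip().lower() == "false":
        findings.append("tls-verification-disabled")
    return findings


def write_sample(directory, env, mode):
    """Write a constructed .mcp.json with the given env block and file mode."""
    path = Path(directory) / ".mcp.json"
    path.write_text(json.dumps({"mcpServers": {"latent-defense": {"env": env}}}),
                    encoding="utf-8")
    os.chmod(path, mode)
    return path


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(audit_mcp_config(write_sample(tmp, WEAK_ENV, 0o644)))
```

An empty result means none of these four conditions was found; it does not cover keys exported through the shell environment or already present in git history.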
Step 5 — Start Claude Code
Start Claude Code (or restart if already running). You should see latent-defense appear in the MCP server list. If it doesn't, check the API key and portal URL in .mcp.json.
Mapping your infrastructure
Start a mapping run
Tell Claude what to map:
Map all repositories in the acme-corp GitHub org
Or use the /map skill for a guided workflow — it will ask you for repositories, credential profile, and scope.
Claude will:
Ask which credential profile to use (the one you set up in Step 3, e.g. github)
Create the mapping run and show you the run ID
Monitor progress — you'll see agent counts and completion status
Report results when done — node count, edge count, and the repository/branch IDs
What gets mapped
The mapper clones each repository and builds a semantic graph of your infrastructure:
IaC (Terraform, CloudFormation, Helm charts) → cloud resources, networking, IAM
Kubernetes manifests → deployments, services, RBAC, network policies
CI/CD pipelines (GitHub Actions, GitLab CI) → workflows, secrets, deployment targets
Application code → HTTP endpoints, service-to-service calls, auth checks
Dockerfiles → container images, base images, exposed ports
Configuration files → environment variables, secret references, database connections
A mapping of ~50 repositories takes 15-30 minutes.
Troubleshooting mapping
Error | Cause | Fix |
"Repository not accessible without a VCS credential" | No GitHub PAT in the credential profile | Add a PAT in Settings → Credentials and verify it |
"No scope target is accessible" | Wrong credential profile name | Check the profile dropdown in Settings → Credentials for the correct name |
401 Unauthorized | Bad or expired API key | Generate a new key in Settings → API Keys |
Run stuck in | Large scope, planner is working | Normal for 50+ repos — wait for it |
Finding attack paths
Once you have a mapped graph, use the /research skill to discover attack paths.
Start a research session
Find attack paths in our infrastructure
Or use /research for the guided workflow. Claude will:
Load your graph into the JEPA engine (takes 2-5 minutes for large graphs — Claude will tell you when it's ready)
Survey the attack surface — find entry points, high-value targets, credential stores
Build threat models — hypothetical attack chains targeting your infrastructure
Match against real infrastructure — the JEPA model scores each hop based on the full graph structure
Validate against compensating controls — high-energy hops indicate the model detected a security control blocking that transition
Submit confirmed paths to triage — only paths that survive validation
Understanding results
The JEPA model assigns energy scores to each hop in an attack path:
Energy | Meaning |
< 0.5 | Easy — minimal barriers, attacker can traverse freely |
0.5 - 2.0 | Medium — some controls present but traversable |
> 2.0 | Hard — significant compensating control detected (network policy, RBAC boundary, security group, etc.) |
Lower energy = easier for an attacker = higher risk.
When Claude finds a high-energy hop, it inspects the nodes on both sides to identify the specific control — a network policy, a pod security context, an RBAC binding — and names it in the analysis.
Research modes
Mode | When to use | Example prompt |
Proactive scan | Find the most dangerous paths that exist | "Find attack paths in our infrastructure" |
Detection triage | Investigate a specific CVE or alert | "Is CVE-2024-1234 exploitable in our infrastructure?" |
Query | Answer a security posture question | "Is our production database reachable from the public internet?" |
Example: full workflow
1. "Map all repositories in our GitHub org"
→ Claude creates a mapping run, monitors progress, reports results
2. "Find attack paths in our infrastructure"
→ Claude loads the graph into JEPA, surveys entry points and targets
3. Claude builds threat models and matches them:
→ "CI/CD pipeline → GitHub Actions secrets → Terraform → K8s secret → production database"
→ Path energy: -0.85 (easy traversal)
→ 3/3 nodes matched, all hops confirmed
4. Claude validates each hop:
→ "The deploy workflow writes ANTHROPIC_API_KEY to secrets.tfvars — no environment gate"
→ "K8s secret bundles 4 keys in one object — compromise of any consumer yields all"
5. Claude submits the validated path to triage with remediation guidance
Skills
This repo includes two Claude Code skills:
Skill | Command | What it does |
Map | /map | Guided mapping — asks for repos, credential profile, monitors progress, reports results |
Research | /research | Interactive JEPA inference — loads graph, builds threat models, matches, validates, submits paths |
Skills are installed by latent-defense-mcp-init into .claude/skills/. They guide Claude through each workflow step by step.
Environment variables
Variable | Required | Default | Description |
LATENT_DEFENSE_API_KEY | Yes | — | API key from portal (starts with sk_ld_) |
LATENT_DEFENSE_URL | No | | Portal base URL |
LATENT_DEFENSE_VERIFY_SSL | No | | Set to |
Tool reference
Mapping
Tool | Description |
| Create a mapping run — accepts repos, cloud accounts, k8s clusters, domains, CIDRs, web endpoints |
| Get run status: routing → planning → running → committing → completed. Shows agent counts and progress |
| List recent mapping runs with status and trigger type |
| List agents spawned by a run (planner, modality agents) with per-agent status |
| Cancel a running or stuck mapping run |
| Trigger a scan via map-trigger (adds dedup + rate limiting — use for production scheduled scans) |
| List recent trigger events (manual scans, webhooks, scheduled) |
| Active runs, rate limiting state, failure counts |
| List cron-based recurring scan schedules |
| Manually trigger a scheduled scan now |
Infrastructure graph
Tool | Description |
| List all InfraDB repositories with node/edge counts |
| Get repository details |
| List branches in a repository (each branch is an independent graph state) |
| Get branch details — head commit, graph stats |
| Get the full materialized graph (all nodes + edges) for a branch |
| Create a new branch (fork from existing for analysis) |
| List commits on a branch (newest first) — each commit is a graph delta |
| Diff two commits — shows added/removed/modified nodes and edges |
| Full-text search for nodes in a repository |
| List raw JEPA attack paths stored on a branch (pre-triage) |
| Overall InfraDB stats — repo count, total nodes/edges, storage |
JEPA inference
Tool | Description |
| Trigger a batch JEPA inference run on a branch — discovers attack paths automatically |
| List recent inference runs |
| Get inference run status and results |
| Ingest a security detection from an external tool (scanner, SIEM) to trigger targeted inference |
| List JEPA inference schedules (cron-based recurring runs) |
| Create a recurring inference schedule (e.g. nightly on all branches) |
| Delete an inference schedule |
Triage
Tool | Description |
| List attack paths — filter by status (new/acknowledged/validated/escalated) and min risk score |
| Get full path details — steps, MITRE ATT&CK mappings, risk score, energy breakdown |
| Update triage status (acknowledge, close, etc.) |
| Dispatch a path for sandbox validation (Parser → Exploit → Grader agents in an isolated container) |
| Escalate a validated path to the ticketing system |
| Triage statistics — counts by status, severity, repository |
Webhooks
Tool | Description |
| Register a webhook for triage events (e.g. Slack notification on new attack paths) |
| List registered webhooks |
| Delete a webhook |
| Send a synthetic test event to verify delivery |
| Get delivery history — success/failure per attempt |
| Validate a Jinja2 webhook template against sample data |
Connectors
Tool | Description |
| List data source connectors (GuardDuty, Inspector, Qualys, Tenable, etc.) |
| Create a new connector for automated artifact ingestion |
| Get connector details — status, last poll time, config |
| Update connector config or enable/disable |
| Delete a connector |
| Trigger an immediate poll (fetch latest data from the source now) |
| Test connectivity without persisting artifacts |
| Health summary across all connectors — sorted unhealthy-first |
| List available connector types and their required config fields |
| Ingestion stats — total artifacts, connector health, last poll times |
Validation & ticketing
Tool | Description |
| Get validation run status — step counts, progress, verdict |
| List remediation tickets |
| Get ticket details — linked attack path, status, external ticket URL |
Graph-oracle (interactive JEPA tools)
These tools power the /research skill. They auto-manage an oracle session — no manual session creation needed.
Tool | Description |
| Load a branch graph into the JEPA engine. Returns immediately — encoding runs in background (2-5 min for large graphs) |
| Check if graph encoding is complete ( |
| Get loaded graph stats — node/edge counts, type distribution, available edge types |
| Browse nodes by type (e.g. all |
| Semantic node lookup — returns best match with full neighbor details |
| Search nodes by text similarity using MiniLM embeddings |
| Add a node to the threat model |
| Add an edge to the threat model |
| View the current threat model (nodes and edges) |
| Clear the threat model and start fresh |
| Match threat model against real infrastructure — returns Mermaid diagram with node matches (cosine scores), BFS paths (energy scores), and implicit edges |
| Iterative energy-scored refinement — returns per-iteration Mermaid diagrams with entry candidates, per-hop transition energy, and convergence status |
| Submit a discovered attack path as a chain of node descriptions (e.g. "API gateway → auth service → database") |
| Submit all matched paths from the current threat model to triage |
| List built-in threat model templates (identity, network, data, supply chain, cloud) |
| Load a template into the threat model (replaces current) |
| Save the current threat model as a reusable template |
| Destroy the oracle session and start fresh |