mastyf-ai

Official

Server Configuration

Describes the environment variables required to run the server.

| Name | Required | Description | Default |
| --- | --- | --- | --- |
| PORT | No | Port for the proxy and dashboard. Default is 4000. | 4000 |
| OLLAMA_BASE_URL | No | Base URL for Ollama LLM server, e.g., http://127.0.0.1:11434. | |
| MASTYF_AI_DB_PATH | No | Path to the SQLite database file. Default is ~/.mastyf-ai/history.db. | ~/.mastyf-ai/history.db |
| MASTYF_AI_LLM_MODEL | No | LLM model name, e.g., qwen3:8b. | |
| MASTYF_AI_LLM_PROVIDER | No | LLM provider, e.g., ollama. | |
| DASHBOARD_AUTH_DISABLED | No | Set to 'true' to disable dashboard authentication (default for local dev). | true |

Capabilities

Features and capabilities supported by this server

| Capability | Details |
| --- | --- |
| tools | {} |
| logging | {} |
| prompts | {} |
| resources | {} |

Tools

Functions exposed to the LLM to take actions

| Name | Description |
| --- | --- |
| scan_security (A) | Scan MCP server configurations for security vulnerabilities (CVEs, auth, typo-squatting, secrets) |
| audit_costs (B) | Audit token usage and estimate costs per MCP server |
| check_health (B) | Check health, latency, and reliability of MCP servers |
| full_report (A) | Generate a complete security, cost, and health report for all MCP servers |
| start_behavior_observation (C) | Start observing AI agent tool calls to learn usage patterns for policy generation |
| stop_behavior_observation (A) | Stop the current observation window and finalize collected data |
| generate_policy_from_observations (A) | Generate a minimal-privilege YAML policy based on observed tool call patterns |
| suggest_policy_improvements (A) | Compare observed behavior against current policy and suggest additions/removals |
| observation_status (A) | Get current behavior observation status and summary |
| scan_prompt_injection (B) | Scan tool call arguments for prompt injection payloads targeting downstream AI agents |
| prompt_injection_report (B) | Get prompt injection detection statistics |
| predict_threats (A) | Generate threat forecast for all configured MCP servers with 30/90/365-day projections |
| threat_forecast_for_server (A) | Detailed threat forecast for a specific server with risk factors and preemptive hardening recommendations |
| preemptive_recommendations (A) | Get suggested preemptive policy changes based on threat forecasts |
| verify_supply_chain (B) | Full supply chain integrity verification with signed attestation for MCP server packages |
| supply_chain_status (B) | Current trust graph state for all MCP server packages |
| sbom_export (C) | Export Software Bill of Materials for MCP server packages |
| detect_drift (A) | Compare current MCP server behavior against a known-good baseline to detect anomalies |
| capture_baseline (C) | Capture current server state as a known-good behavioral baseline |
| rollback_server_config (B) | Revert to a previous known-good configuration snapshot |
| drift_history (B) | List all detected drift events |
| generate_compliance_evidence (C) | Generate auditor-ready compliance evidence bundle for a framework |
| compliance_gap_analysis (C) | Identify missing compliance controls and recommend policies |
| compliance_posture (B) | Get current compliance posture score across all frameworks |
| list_compliance_frameworks (A) | List all supported compliance frameworks |
| run_self_assessment (C) | Run a full autonomous red team assessment with attack generation and policy testing |
| schedule_red_team (B) | Configure periodic autonomous red team assessments |
| red_team_results (B) | Get latest red team assessment results and recommendations |
| ab_test_policy (C) | A/B test a proposed policy change against historical attack corpus |
| contribute_threat_signature (B) | Submit an anonymized threat signature to the cross-deployment intelligence mesh |
| threat_intel_status (B) | Get mesh connectivity, contribution stats, and known threat feed |
| deploy_honeypot (B) | Deploy an ephemeral decoy MCP server to detect adversarial probing |
| honeypot_report (A) | Get attack patterns observed by all active honeypots |
| destroy_honeypot (B) | Tear down a specific honeypot and retrieve captured data |
| list_honeypots (A) | List all active and destroyed honeypots with summary |
| negotiate_agent_trust (B) | Initiate an automated trust handshake with another AI agent behind Mastyf AI |
| agent_trust_status (B) | View all active trust relationships and session details |
| revoke_agent_trust (C) | Immediately terminate a trust relationship |
| trust_registry_list (A) | List all registered agents in the trust registry |
| agentic_status (A) | Get overall status of all agentic AI features including metrics, scheduler, and task queue |
| compute_trust_score (B) | Compute an A+-F trust score for an MCP server across 8 security dimensions (like SSL Labs for MCP) |
| scan_response_dlp (B) | Scan MCP tool responses for PII, credentials, sensitive paths, and data exfiltration |
| certify_server (C) | Run MCP server certification (Bronze/Silver/Gold/Platinum) |
| list_certified_servers (C) | List MCP servers in the local certification registry with level and expiry |
| verify_certification (C) | Verify a server certification attestation (JWS) and level |
| declare_intent (C) | Declare session intent and allowed tools for intent-binding enforcement |
| run_protocol_fuzzer (B) | Run MCP protocol fuzzer — test defenses against malformed JSON-RPC, overflow, injection |
| check_sla (B) | Check SLA compliance — p50/p95 latency, error rate, circuit breaker state per tool |
| run_incident_playbook (D) | Execute an incident response playbook (prompt_injection, credential_leak, shell_injection) |
| get_agent_reputation (C) | Get agent reputation score — Trusted/Standard/Suspicious/Blocked tier with bypass rate and entropy |
| harden_config (A) | Analyze MCP server config and get A-F hardening grade with one-click recommendations |
| detect_collusion (C) | Detect agent-to-agent collusion patterns (recon-then-exploit, coordinated exfil, token sharing) |
| policy_to_natural_language (A) | Explain MCP Mastyf AI policy YAML in plain English for compliance stakeholders |
| natural_language_to_policy (A) | Convert a natural-language security goal into a draft YAML policy rule (requires approval before enforce) |
| query_server_reputation (C) | Query decentralized MCP server reputation (8-dimension consensus score) |
| quantify_insurance_risk (C) | Compute cyber insurance ALE (Annualized Loss Expectancy) for an MCP server |
| evaluate_agent_trust (C) | Thompson Sampling — run Bayesian bandit trust sampling for an agent (Beta posterior, exploration/exploitation) |
| tune_policy_rule (C) | Contextual Bandit (LinUCB) — select optimal policy action (enforce/relax/skip) based on context |
| adapt_threshold (C) | SARSA — adaptively tune rate limit, latency limit, or confidence threshold via reinforcement learning |
| select_fuzz_strategy (C) | REINFORCE — use policy gradient to select optimal fuzzer mutation strategy |

Prompts

Interactive templates invoked by user choice

| Name | Description |
| --- | --- |
| audit-config | Generate security audit instructions for an MCP server config |

Resources

Contextual data attached and managed by the client

| Name | Description |
| --- | --- |
| Latest Scan Report | Most recent security scan results across all MCP servers |

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/mastyf-ai/mastyf.ai'