mastyf-ai
Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| PORT | No | Port for the proxy and dashboard. | 4000 |
| OLLAMA_BASE_URL | No | Base URL for the Ollama LLM server, e.g., http://127.0.0.1:11434. | |
| MASTYF_AI_DB_PATH | No | Path to the SQLite database file. | ~/.mastyf-ai/history.db |
| MASTYF_AI_LLM_MODEL | No | LLM model name, e.g., qwen3:8b. | |
| MASTYF_AI_LLM_PROVIDER | No | LLM provider, e.g., ollama. | |
| DASHBOARD_AUTH_DISABLED | No | Set to 'true' to disable dashboard authentication (default for local dev). | true |
Capabilities
Features and capabilities supported by this server
| Capability | Details |
|---|---|
| tools | {} |
| logging | {} |
| prompts | {} |
| resources | {} |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| scan_security | Scan MCP server configurations for security vulnerabilities (CVEs, auth, typo-squatting, secrets) |
| audit_costs | Audit token usage and estimate costs per MCP server |
| check_health | Check health, latency, and reliability of MCP servers |
| full_report | Generate a complete security, cost, and health report for all MCP servers |
| start_behavior_observation | Start observing AI agent tool calls to learn usage patterns for policy generation |
| stop_behavior_observation | Stop the current observation window and finalize collected data |
| generate_policy_from_observations | Generate a minimal-privilege YAML policy based on observed tool call patterns |
| suggest_policy_improvements | Compare observed behavior against current policy and suggest additions/removals |
| observation_status | Get current behavior observation status and summary |
| scan_prompt_injection | Scan tool call arguments for prompt injection payloads targeting downstream AI agents |
| prompt_injection_report | Get prompt injection detection statistics |
| predict_threats | Generate threat forecast for all configured MCP servers with 30/90/365-day projections |
| threat_forecast_for_server | Detailed threat forecast for a specific server with risk factors and preemptive hardening recommendations |
| preemptive_recommendations | Get suggested preemptive policy changes based on threat forecasts |
| verify_supply_chain | Full supply chain integrity verification with signed attestation for MCP server packages |
| supply_chain_status | Current trust graph state for all MCP server packages |
| sbom_export | Export Software Bill of Materials for MCP server packages |
| detect_drift | Compare current MCP server behavior against a known-good baseline to detect anomalies |
| capture_baseline | Capture current server state as a known-good behavioral baseline |
| rollback_server_config | Revert to a previous known-good configuration snapshot |
| drift_history | List all detected drift events |
| generate_compliance_evidence | Generate auditor-ready compliance evidence bundle for a framework |
| compliance_gap_analysis | Identify missing compliance controls and recommend policies |
| compliance_posture | Get current compliance posture score across all frameworks |
| list_compliance_frameworks | List all supported compliance frameworks |
| run_self_assessment | Run a full autonomous red team assessment with attack generation and policy testing |
| schedule_red_team | Configure periodic autonomous red team assessments |
| red_team_results | Get latest red team assessment results and recommendations |
| ab_test_policy | A/B test a proposed policy change against historical attack corpus |
| contribute_threat_signature | Submit an anonymized threat signature to the cross-deployment intelligence mesh |
| threat_intel_status | Get mesh connectivity, contribution stats, and known threat feed |
| deploy_honeypot | Deploy an ephemeral decoy MCP server to detect adversarial probing |
| honeypot_report | Get attack patterns observed by all active honeypots |
| destroy_honeypot | Tear down a specific honeypot and retrieve captured data |
| list_honeypots | List all active and destroyed honeypots with summary |
| negotiate_agent_trust | Initiate an automated trust handshake with another AI agent behind Mastyf AI |
| agent_trust_status | View all active trust relationships and session details |
| revoke_agent_trust | Immediately terminate a trust relationship |
| trust_registry_list | List all registered agents in the trust registry |
| agentic_status | Get overall status of all agentic AI features including metrics, scheduler, and task queue |
| compute_trust_score | Compute an A+-F trust score for an MCP server across 8 security dimensions (like SSL Labs for MCP) |
| scan_response_dlp | Scan MCP tool responses for PII, credentials, sensitive paths, and data exfiltration |
| certify_server | Run MCP server certification (Bronze/Silver/Gold/Platinum) |
| list_certified_servers | List MCP servers in the local certification registry with level and expiry |
| verify_certification | Verify a server certification attestation (JWS) and level |
| declare_intent | Declare session intent and allowed tools for intent-binding enforcement |
| run_protocol_fuzzer | Run MCP protocol fuzzer — test defenses against malformed JSON-RPC, overflow, injection |
| check_sla | Check SLA compliance — p50/p95 latency, error rate, circuit breaker state per tool |
| run_incident_playbook | Execute an incident response playbook (prompt_injection, credential_leak, shell_injection) |
| get_agent_reputation | Get agent reputation score — Trusted/Standard/Suspicious/Blocked tier with bypass rate and entropy |
| harden_config | Analyze MCP server config and get A-F hardening grade with one-click recommendations |
| detect_collusion | Detect agent-to-agent collusion patterns (recon-then-exploit, coordinated exfil, token sharing) |
| policy_to_natural_language | Explain MCP Mastyf AI policy YAML in plain English for compliance stakeholders |
| natural_language_to_policy | Convert a natural-language security goal into a draft YAML policy rule (requires approval before enforce) |
| query_server_reputation | Query decentralized MCP server reputation (8-dimension consensus score) |
| quantify_insurance_risk | Compute cyber insurance ALE (Annualized Loss Expectancy) for an MCP server |
| evaluate_agent_trust | Thompson Sampling — run Bayesian bandit trust sampling for an agent (Beta posterior, exploration/exploitation) |
| tune_policy_rule | Contextual Bandit (LinUCB) — select optimal policy action (enforce/relax/skip) based on context |
| adapt_threshold | SARSA — adaptively tune rate limit, latency limit, or confidence threshold via reinforcement learning |
| select_fuzz_strategy | REINFORCE — use policy gradient to select optimal fuzzer mutation strategy |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
| audit-config | Generate security audit instructions for an MCP server config |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
| Latest Scan Report | Most recent security scan results across all MCP servers |
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an Intern, by Om-Shree-0709 (tags: Agent Identity, MCP Security, OAuth Delegation)
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough), by Om-Shree-0709 (tags: Agentic AI, Prompt Injection, WebAssembly)
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/mastyf-ai/mastyf.ai'
If you have feedback or need assistance with the MCP directory API, please join our Discord server.