How do I use api-redbox-mcp?

1. Click on "Install Server". 2. Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state. 3. In the chat, type @ followed by the MCP server name and your instructions, e.g., "@api-redbox-mcp Run a stealth port scan on api.target.com" That's it! The server will respond to your query, and you can continue using it as needed. Here is a step-by-step guide with screenshots.

api-redbox-mcp

by alfredojrc

Overview Schema Related Servers Score Discussions

Python

Remote

API-RedBox-MCP

Containerized Kali Linux sandboxes exposing an MCP (Model Context Protocol) interface. Designed for LLM-driven security analysis of published REST APIs.

Pragmatic Truth

Giving an LLM unconstrained shell access is a catastrophic risk. This project enforces boundaries. If Claude hallucinates or encounters a prompt injection payload in a target's API response, the blast radius is confined to a disposable container.

Related MCP server: Kali Linux MCP Server

Deployment

# Build the minimal Kali sandbox
docker build -t api-redbox-mcp .

# Run ephemerally, hardened. nmap uses an unprivileged TCP connect scan (-sT),
# so NO capabilities are required — the container drops them all.
docker run --rm \
  --network target_vlan \
  --add-host api.target.com:203.0.113.10 --dns 0.0.0.0 \
  --user 1000:1000 \
  --cap-drop=ALL --security-opt no-new-privileges \
  --read-only \
  --tmpfs /tmp --tmpfs /home/mcpbot/.cache \
  --pids-limit 256 --memory 1g --cpus 2 \
  -p 127.0.0.1:8000:8000 \
  api-redbox-mcp

The MCP server is then reachable at http://127.0.0.1:8000/mcp (Streamable HTTP). Egress should additionally be restricted to the target API's IP range via a host DOCKER-USER iptables rule (default-deny the sandbox subnet, allow only the target CIDR).

This server cannot be installed

license - not found

quality - not tested

maintenance

How are these scores calculated?

Maintenance

–Maintainers

–Response time

–Release cycle

–Releases (12mo)

Commit activity

Resources

GitHub Repository

Need Help?

Related Servers

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/alfredojrc/api-redbox-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server