pangea-mcp-server
Verified Safeby pangeacyber
Overview
Integrates various Pangea security services as tools for AI agents via the Model Context Protocol (MCP).
Installation
npx @pangeacyber/mcp-server --transport httpStream --port 8080Environment Variables
- PANGEA_VAULT_TOKEN
- PANGEA_VAULT_ITEM_ID
- PANGEA_AUDIT_CONFIG_ID
- PANGEA_AUTHN_ISSUER
- PANGEA_AUTHN_CLIENT_ID
- PANGEA_AUTHN_CLIENT_SECRET
Security Notes
The server implements strong security practices by integrating Pangea's AI Guard for both pre-tool input and post-tool output validation and redaction, significantly reducing risks like prompt injection or data leakage. Sensitive Pangea API tokens are securely fetched from Pangea Vault at runtime, rather than being hardcoded or directly exposed as environment variables. OAuth client secrets for authentication are also stored in Vault. No 'eval' or similar dangerous code execution patterns were found. Network risks are managed through explicit HTTP transport with optional Pangea AuthN for access control. The hardcoded Pangea domain is a configuration, not a vulnerability. Overall, a well-secured application.
Similar Servers
tmcp
A server implementation for the Model Context Protocol (MCP) to enable LLMs to access external context and tools.
toolhive-studio
ToolHive is a desktop application (Electron UI) for discovering, deploying, and managing Model Context Protocol (MCP) servers in isolated containers, and connecting them to AI agents and clients.
notebooklm-mcp-secure
Provides programmatic access and management of NotebookLM and Google Gemini for AI agents, offering deep research capabilities, document analysis, and comprehensive compliance and security features.
pangea-mcp-proxy
The Pangea MCP proxy secures communications between an MCP client and any MCP server by running all MCP I/O through Pangea AI Guard to block prompt injections, malicious content, and PII.