mcp
Verified Safe
by tenzir
Overview
This server enables AI assistants to interact with the Tenzir data pipeline engine for security operations, providing tools for TQL pipeline execution, documentation access, OCSF integration, package management, and code generation.
Installation
docker run -i tenzir/mcp
Environment Variables
- GITHUB_TOKEN
- DEBUG
Security Notes
The server's `run_pipeline` tool executes the `tenzir` binary with user-provided TQL code or file paths via `asyncio.create_subprocess_exec`. Because no shell is involved (`shell=True` is not used), shell metacharacters in the `pipeline` argument are passed to the child literally and are not by themselves a command-injection vector. The actual risk is that whatever TQL a compromised or poorly controlled AI agent supplies runs with the privileges of the `tenzir` process, including whatever file and network access that process has, and that file paths in the argument are resolved on the host (or container) filesystem without further confinement.
Similarly, `package_add_operator` and `package_add_test` write user-provided TQL code and data to the filesystem, so the destination paths they accept deserve the same scrutiny.
The bootstrap process (`_download_docs`, `_download_ocsf`) fetches documentation and OCSF schemas from external URLs (GitHub, schema.ocsf.io), which introduces a supply-chain risk if those sources were compromised. No hardcoded secrets or obvious `eval` usage were found.
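The following is an added example, not code from tenzir/mcp, showing the three checks a reviewer would want around the behaviour described above: it demonstrates that a payload handed to `asyncio.create_subprocess_exec` reaches the child's argv verbatim (so the concern is what the executed TQL can do, not shell parsing), confines user-supplied file paths to a sandbox root, and pins a downloaded bootstrap artifact to a digest recorded at review time. The binary name, the sandbox root `/srv/pipelines`, the sample payload and the pinned digest are all assumptions; the running Python interpreter stands in for the `tenzir` binary so the example runs offline.

```python
"""Hardening helpers for an MCP tool that hands user input to a subprocess.
Added example, not tenzir/mcp's own code. The binary name, sandbox root and
pinned digest are assumptions made for illustration."""
import asyncio
import hashlib
import hmac
import sys
from pathlib import Path


def build_argv(binary: str, pipeline: str) -> list[str]:
    """Pass the pipeline text as ONE argv element. With create_subprocess_exec
    no shell ever parses it, so `;`, `$(...)` and backticks are inert. The one
    argv-level hazard left is text that the binary would parse as an option,
    so reject a leading dash."""
    if pipeline.lstrip().startswith("-"):
        raise ValueError("pipeline text must not look like a command-line option")
    return [binary, pipeline]


async def run_confined(argv: list[str], timeout: float = 30.0) -> tuple[int, bytes, bytes]:
    """Exec without a shell, with no inherited stdin, a hard timeout, and no
    zombie left behind when the timeout fires."""
    proc = await asyncio.create_subprocess_exec(
        *argv,
        stdin=asyncio.subprocess.DEVNULL,
        stdout=asyncio.subprocess.PIPE,
        stderr=asyncio.subprocess.PIPE,
    )
    try:
        out, err = await asyncio.wait_for(proc.communicate(), timeout)
    except asyncio.TimeoutError:
        proc.kill()
        await proc.wait()
        raise
    return proc.returncode, out, err


def metacharacters_arrive_literally(payload: str) -> str:
    """Demonstration: the payload shows up in the child's argv byte-for-byte.
    The running interpreter stands in for the `tenzir` binary (assumption)."""
    argv = [sys.executable, "-c", "import sys; print(sys.argv[1], end='')", payload]
    rc, out, _ = asyncio.run(run_confined(argv))
    assert rc == 0
    return out.decode()


def confine_path(root: str, candidate: str) -> Path:
    """Resolve a user-supplied path and refuse anything outside `root`.
    resolve() collapses `..`, follows symlinks and lets an absolute candidate
    replace the root, so the containment check catches all three escapes."""
    root_path = Path(root).resolve()
    target = (root_path / candidate).resolve()
    if target != root_path and root_path not in target.parents:
        raise ValueError(f"path escapes {root_path}: {candidate!r}")
    return target


def is_confined(root: str, candidate: str) -> bool:
    """Boolean wrapper around confine_path for callers that prefer no exception."""
    try:
        confine_path(root, candidate)
        return True
    except ValueError:
        return False


def verify_artifact(data: bytes, pinned_sha256: str) -> bool:
    """Bootstrap downloads (docs, OCSF schema) should match a digest recorded
    at review time rather than be trusted because the fetch succeeded."""
    return hmac.compare_digest(hashlib.sha256(data).hexdigest(), pinned_sha256)


if __name__ == "__main__":
    # Constructed sample payload: looks like an injection, is just text to the child.
    payload = "$(id); rm -rf / # not interpreted without a shell"
    print(build_argv("tenzir", "<tql pipeline text>"))
    print(metacharacters_arrive_literally(payload) == payload)
    print(is_confined("/srv/pipelines", "sub/a.tql"))
    print(is_confined("/srv/pipelines", "../../etc/passwd"))
    print(is_confined("/srv/pipelines", "/etc/passwd"))
```

The pinned digest should live next to the URL in the server's configuration and be bumped deliberately when upstream publishes a new schema; a digest the server downloads from the same origin as the artifact adds nothing.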
Similar Servers
tfmcp
A CLI tool enabling LLMs to interact with and manage Terraform infrastructure through the Model Context Protocol (MCP), offering advanced analysis and security features.
mcp-server-code-execution-mode
This server enables LLM agents to execute Python code in a highly secure, isolated container environment, facilitating complex multi-tool orchestration and data analysis with minimal LLM context token usage.
mcp_massive
An AI agent orchestration server, likely interacting with LLMs and managing multi-agent workflows.
AI-Prompt-Guide-MCP
Orchestrates AI agents for project management and development workflows by linking structured markdown specifications and tasks.