AI_SOC_MCP_Server_Sher
AI\_SOC\_MCP\_Server\_Sher
README
MCP AI SOC Sher
A powerful AI-driven Security Operations Center (SOC) Text2SQL framework based MCP Server (Local and Remote) for converting natural language Prompts to SQL queries dynamically, with integrated security threat analysis and monitoring.
Features
- Text2SQL Conversion: Convert natural language queries to optimized SQL
- Multiple Interfaces: Support for STDIO, SSE, and REST API
- Security Threat Analysis: Built-in SQL query security analysis
- Multiple Database Support: Connect to SQLite or Snowflake databases
- Streaming Responses: Real-time query processing feedback
- SOC Monitoring: Security Operations Center monitoring capabilities
Installation
pip install mcp-ai-soc-sher
Quick Start
# Set your OpenAI API key
import os
os.environ["OPENAI_API_KEY"] = "your-api-key-here"
# Use as local server
from mcp_ai_soc_sher.local import LocalMCPServer
server = LocalMCPServer()
server.start()
# Or run from command line
# mcp-ai-soc --type local --stdio --sse
Command Line Usage
# Run local server with STDIO interface
mcp-ai-soc --type local --stdio
# Run local server with SSE interface
mcp-ai-soc --type local --sse
# Run remote server with REST API
mcp-ai-soc --type remote
Configuration
Create a .env file with your configuration:
OPENAI_API_KEY=your_openai_api_key_here
MCP_DB_URI=sqlite:///your_database.db
MCP_SECURITY_ENABLE_THREAT_ANALYSIS=true
See the documentation for all configuration options.
Example
import json
import requests
# Query the server
response = requests.post(
"http://localhost:8000/api/sql",
headers={"Content-Type": "application/json", "X-API-Key": "your-api-key"},
json={
"query": "Find all suspicious login attempts in the last 24 hours",
"optimize": True,
"execute": True
}
)
# Process the response
result = response.json()
print(f"SQL Query: {result['sql']}")
if result['results']:
print("Results:")
for row in result['results']:
print(row)
Security Features
- Rule-based and AI-powered SQL query security analysis
- Detection of potential SQL injection attacks
- Sensitive table access monitoring
- Configurable security levels and actions
License
MIT License with Additional Conditions. Copyright (c) 2025 Akram Sheriff.
See LICENSE for details.
Contributing
Contributions are welcome! Please see CONTRIBUTING.md for guidelines.
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.