Pangea MCP Server

Pangea MCP Server

A Model Context Protocol server that provides Claude with access to Pangea's security services, including AI Guard, Domain Intel, Embargo checks, IP Intelligence, Redaction, Secure Audit Log, URL Intelligence, and Vault services.

Category
Visit Server

README

Pangea MCP Server

A Model Context Protocol (MCP) server that provides integration with Pangea APIs.

sample output

Prerequisites

  • Node.js v22.15.0 or greater.
  • A Pangea API token with access to all of AI Guard, Domain Intel, Embargo, IP Intel, Redact, Secure Audit Log, URL Intel, and Vault. This token needs to be stored in Pangea Vault. See Service Tokens for documentation on how to create and manage Pangea API tokens.
  • A Pangea API token with access to Vault. This will be used to fetch the above token at runtime.
  • A Pangea Secure Audit Log configuration with the "Standard Audit Log Config" schema. See Multiple Service Configurations for documentation on how to create a new Secure Audit Log configuration. Note down the configuration ID for later.

The first API token may look like:

sample API token

Pangea setup from scratch

This section will go over how to set up a brand new Pangea account for this MCP server.

  1. Create a Pangea account at https://pangea.cloud/signup. During the account creation process, an organization (top-level group) and project (individual app) will be created as well. On the "Get started with a common service" dialog, just click on the Skip button to get redirected to the developer console.
  2. In the developer console, there will be a list of services in the left hand panel. Click on the Vault service to enable it. Vault provides secure storage of secrets, cryptographic keys, and Pangea API tokens.
  3. In the modal, there will be a prompt to create a new Pangea API token or to extend an existing one. Choose Create a new token and click on Done. This is the token that will be used later as the PANGEA_VAULT_TOKEN environment variable.
  4. In the left hand panel, click on the Secure Audit Log service to enable it. Secure Audit Log provides transparent, immutable, and cryptographically verifiable tamperproof audit logging.
  5. Continue with the default Standard Audit Log schema.
  6. In the modal, there will be a prompt to create a new Pangea API token or to extend an existing one. Choose Create a new token. Ensure that the Store token in Vault checkbox is checked, then click Done.
  7. The Config ID displayed on the destination page is what will be used later as the PANGEA_AUDIT_CONFIG_ID environment variable.
  8. Now the second token that was created must be extended to the rest of Pangea's services. For each of the following services, click on its respective item in the left hand panel and, in the modal that appears, choose Extend an existing token. Select the token that was created in the previous step (not the first token that was created for Vault alone), then click Done.
    1. AI Guard — Protects data and interactions with LLMs.
    2. Domain Intel — Retrieves intelligence data for submitted domains. Supported providers: DomainTools, CrowdStrike, WhoisXML API.
    3. Embargo — Checks IPs and country codes against known sanction and trade embargo lists.
    4. IP Intel — IP monitoring. Supported providers: Team CYMRU, CrowdStrike, Digital Element.
    5. Redact — Controls sensitive information by performing redaction using defined rules.
    6. URL Intel — Retrieves intelligence about known URLs. Supported provider: CrowdStrike.
    7. Vault — Secure storage of secrets, cryptographic keys, and Pangea API tokens.
  9. Navigate to https://console.pangea.cloud/project/credentials. The token that has been extended to all of the above services should be displayed with a "Stored" indicator under the Vault column. Click on that to navigate straight to the Vault item that contains that token. The ID of this item is what will be used as the PANGEA_VAULT_ITEM_ID environment variable.

Usage with Claude Desktop

Edit the following configuration file (create it if it does not exist):

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json

Replace (or merge) the file contents with the following:

{
  "mcpServers": {
    "pangea": {
      "command": "npx",
      "args": ["-y", "@pangeacyber/mcp-server"],
      "env": {
        "PANGEA_VAULT_TOKEN": "pts_00000000000000000000000000000000",
        "PANGEA_VAULT_ITEM_ID": "pvi_00000000000000000000000000000000",
        "PANGEA_AUDIT_CONFIG_ID": "pci_00000000000000000000000000000000"
      }
    }
  }
}
  1. Update the PANGEA_VAULT_TOKEN value to the Pangea Vault API token.
  2. Update the PANGEA_VAULT_ITEM_ID value to the Vault item ID that contains the API token that will be used to call all other Pangea services.
  3. Update the PANGEA_AUDIT_CONFIG_ID value to the Secure Audit Log configuration ID.
  4. Restart Claude Desktop.

Tools

AI Guard

  • prompt_guard — Analyze and redact text to avoid manipulation of the model, addition of malicious content, and other undesirable data transfers.

Domain Intel

  • lookup_domain_reputation — Look up reputation score(s) for one or more domains.
  • whois — Retrieve WHOIS (an Internet resource's registered users or assignees) for a domain.

Embargo

  • check_ip_embargo — Check one or more IP addresses against known sanction and trade embargo lists.
  • check_iso_code_embargo — Check a country code against known sanction and trade embargo lists.

File Intel

  • lookup_file_reputation — Retrieve a reputation score for a set of file hashes.

IP Intel

  • lookup_ip_address_reputation — Look up reputation score(s) for one or more IP addresses.
  • lookup_domain_from_ip_address — Retrieve the domain name associated with one or more IP addresses.
  • is_proxy — Determine if one or more IP addresses originate from a proxy.
  • is_vpn — Determine if one or more IP addresses originate from a VPN.
  • geolocate — Geolocate, or retrieve location information associated with, one or more IP addresses.

Redact

  • redact — Redact sensitive information from provided text.

Secure Audit Log

  • log_entry — Create a log entry in the Secure Audit Log.
  • search_log — Search the Secure Audit Log.

URL Intel

  • lookup_url_reputation — Look up reputation score(s) for one or more URLs.

Vault

  • get_vault_item — Retrieve details for a Vault key, secret, token, or folder.
  • list_vault_items — Retrieve an array of Vault items matching a given filter, including secrets, keys, tokens, and folders, along with their common details.
  • delete_vault_item — Delete a Vault key, secret, token, or folder.
  • generate_key — Generate a symmetric or asymmetric key.

Recommended Servers

playwright-mcp

playwright-mcp

A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.

Official
Featured
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.

Official
Featured
Local
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.

Official
Featured
Local
TypeScript
VeyraX MCP

VeyraX MCP

Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.

Official
Featured
Local
graphlit-mcp-server

graphlit-mcp-server

The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.

Official
Featured
TypeScript
Kagi MCP Server

Kagi MCP Server

An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.

Official
Featured
Python
E2B

E2B

Using MCP to run code via e2b.

Official
Featured
Neon Database

Neon Database

MCP server for interacting with Neon Management API and databases

Official
Featured
Exa Search

Exa Search

A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.

Official
Featured
Qdrant Server

Qdrant Server

This repository is an example of how to create a MCP server for Qdrant, a vector search engine.

Official
Featured