sentinel-mcp

sentinel-mcp

An MCP server for AI-powered API testing that enables automated positive, negative, and security testing directly from AI chat interfaces. It supports multiple AI providers and generates detailed security reports.

Category
Visit Server

README

sentinel-mcp

MCP Server untuk AI-powered API testing — positive, negative, dan security testing langsung dari chat AI.

Fitur

  • 3 jenis testing: positive (happy path), negative (edge case), security (SQLi, XSS, auth, dll)
  • Multi AI provider: Ollama (local), Claude, OpenAI, Gemini — bisa switch per perintah
  • Auto report: hasil analisis AI langsung disimpan sebagai Markdown
  • MCP native: langsung dipakai dari Claude Desktop, Cursor, Windsurf, Cline

Struktur Project

sentinel-mcp/
├── src/
│   ├── index.ts              # MCP server entry point
│   ├── types.ts              # Type definitions
│   ├── tools/
│   │   └── apiTest.ts        # MCP tool handlers
│   ├── runner/
│   │   ├── runner.ts         # HTTP test engine
│   │   └── loader.ts         # YAML config loader
│   ├── providers/
│   │   ├── factory.ts        # Provider resolver
│   │   ├── prompt.ts         # Shared prompt builder
│   │   ├── ollama.ts         # Ollama adapter
│   │   ├── claude.ts         # Claude adapter
│   │   ├── openai.ts         # OpenAI adapter
│   │   └── gemini.ts         # Gemini adapter
│   └── reports/
│       └── generator.ts      # Markdown report generator
├── tests/endpoints/
│   └── suite.yaml            # Definisi endpoint yang ditest
├── reports/                  # Output report (auto-created)
├── .env.example
└── claude_desktop_config.example.json

Quick Start

1. Install dependencies

cd sentinel-mcp
npm install

2. Setup environment

cp .env.example .env
# Edit .env sesuai kebutuhanmu

3. Install Ollama (untuk local AI)

# macOS / Linux
curl -fsSL https://ollama.ai/install.sh | sh
ollama pull llama3

4. Definisikan endpoint di suite.yaml

Edit tests/endpoints/suite.yaml sesuai API kamu.

5. Daftarkan ke Claude Desktop

Salin isi claude_desktop_config.example.json ke:

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json

Ganti path absolut sesuai lokasi project kamu, lalu restart Claude Desktop.

Cara Pakai di Chat

# Test semua endpoint, pakai provider default
"test semua endpoint API saya"

# Test endpoint tertentu
"test endpoint login"

# Ganti provider saat testing
"test semua endpoint pakai claude"
"jalankan security test pakai openai"
"test endpoint create-user pakai gemini"

# Cek provider yang tersedia
"provider apa yang tersedia?"

Security Testing yang Dilakukan

Test Deskripsi
No Auth Akses endpoint tanpa Authorization header
SQL Injection Payload ' OR 1=1-- dan variasinya
XSS Payload <script>alert(1)</script> dan reflection check
Info Leak Cek apakah error response bocorkan stack trace / SQL
Oversized Payload Kirim 100KB payload untuk cek DoS resistance

Format Report

Report disimpan di folder reports/ dengan nama YYYY-MM-DD-[provider].md.

Isi report:

  • Skor keseluruhan (0-100)
  • Ringkasan dari AI
  • Daftar bug dengan severity dan rekomendasi fix
  • Temuan keamanan dengan cara mitigasi
  • Detail per endpoint (semua test case)

Menambah Endpoint Baru

Edit tests/endpoints/suite.yaml:

- name: nama-endpoint
  method: POST          # GET | POST | PUT | PATCH | DELETE
  path: /api/resource
  auth: true            # sertakan Authorization header?
  expectedStatus: 201
  body:
    field: value
  expectedFields:
    - id
    - name

Recommended Servers

playwright-mcp

playwright-mcp

A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.

Official
Featured
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.

Official
Featured
Local
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.

Official
Featured
Local
TypeScript
VeyraX MCP

VeyraX MCP

Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.

Official
Featured
Local
Kagi MCP Server

Kagi MCP Server

An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.

Official
Featured
Python
graphlit-mcp-server

graphlit-mcp-server

The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.

Official
Featured
TypeScript
Neon Database

Neon Database

MCP server for interacting with Neon Management API and databases

Official
Featured
Exa Search

Exa Search

A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.

Official
Featured
Qdrant Server

Qdrant Server

This repository is an example of how to create a MCP server for Qdrant, a vector search engine.

Official
Featured
E2B

E2B

Using MCP to run code via e2b.

Official
Featured