{"id":43169514,"url":"https://github.com/adhit-r/aran-mcp","last_synced_at":"2026-02-01T02:16:29.596Z","repository":{"id":311319313,"uuid":"1042802185","full_name":"adhit-r/aran-mcp","owner":"adhit-r","description":"Enterprise-Grade MCP (Model Context Protocol) Security and Management Platform","archived":false,"fork":false,"pushed_at":"2025-12-13T18:52:43.000Z","size":7754,"stargazers_count":0,"open_issues_count":29,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-12-15T13:30:54.217Z","etag":null,"topics":["ai","ai-security","cybersecurity","mcp","mcp-security","mcp-server","ml"],"latest_commit_sha":null,"homepage":"https://adhit-r.github.io/aran-mcp/","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/adhit-r.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":"docs/ROADMAP.md","authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-08-22T15:45:02.000Z","updated_at":"2025-12-13T18:52:47.000Z","dependencies_parsed_at":"2025-08-28T07:23:18.569Z","dependency_job_id":null,"html_url":"https://github.com/adhit-r/aran-mcp","commit_stats":null,"previous_names":["radhi1991/aran-mcp","adhit-r/aran-mcp"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/adhit-r/aran-mcp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adhit-r%2Faran-mcp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adhit-r%2Faran-mcp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adhit-r%2Faran-mcp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adhit-r%2Faran-mcp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/adhit-r","download_url":"https://codeload.github.com/adhit-r/aran-mcp/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adhit-r%2Faran-mcp/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28965047,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-01T02:14:24.993Z","status":"ssl_error","status_checked_at":"2026-02-01T02:13:55.706Z","response_time":56,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","ai-security","cybersecurity","mcp","mcp-security","mcp-server","ml"],"created_at":"2026-02-01T02:16:27.389Z","updated_at":"2026-02-01T02:16:29.589Z","avatar_url":"https://github.com/adhit-r.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Aran MCP Sentinel\n\nEnterprise-grade security and management platform for Model Context Protocol (MCP) deployments. Discover, monitor, secure, and manage MCP servers with comprehensive tooling and real-time threat detection.\n\n## Overview\n\nAran MCP Sentinel provides comprehensive security, monitoring, and management capabilities for MCP server deployments. The platform enables organizations to discover, document, test, and secure MCP implementations with enterprise-grade tooling and real-time threat detection.\n\n## Key Features\n\n### Server Discovery and Catalog\n- Automated discovery of MCP endpoints and services\n- Comprehensive catalog of available MCP servers and tools\n- Version tracking and compatibility management\n- Service health monitoring and status reporting\n\n### Interactive Documentation\n- Swagger-like API documentation for MCP endpoints\n- Tool and endpoint specifications with usage examples\n- Versioned documentation history\n- Code snippets and integration guides\n\n### Security Testing and Analysis\n- Comprehensive test suite for MCP implementations\n- Automated security scanning and vulnerability assessment\n- OWASP MCP Top 10 compliance checking\n- Real-time threat detection and risk scoring\n- Integration with CI/CD pipelines\n\n### Health Monitoring\n- Continuous uptime and performance monitoring\n- Response time tracking and alerting\n- Service availability metrics\n- Historical trend analysis\n\n### Enterprise Deployment\n- Secure configuration templates\n- Deployment best practices and guidelines\n- Environment validation\n- Rollback and recovery procedures\n\n## Technology Stack\n\n### Backend\n- Language: Go 1.22+\n- Web Framework: Gin\n- Database: PostgreSQL (via Supabase)\n- Authentication: JWT, Authelia, Clerk, Neon Auth\n- Logging: Zap\n- Configuration: YAML-based configuration\n- Testing: Go Test\n- Containerization: Docker\n\n### Frontend\n- Framework: Next.js 14 (App Router)\n- Language: TypeScript 5.0+\n- UI Library: React 18\n- Styling: Tailwind CSS\n- State Management: React Query\n- Form Handling: React Hook Form with Zod validation\n- UI Components: Radix UI with custom components\n- Charts: Recharts\n- Icons: Lucide React\n\n### Infrastructure\n- Database: Supabase (PostgreSQL)\n- Deployment: Docker, Docker Compose, Kubernetes\n- CI/CD: GitHub Actions\n- Monitoring: Prometheus, Grafana\n\n## Quick Start\n\n### Prerequisites\n- Go 1.22 or later\n- Node.js 18 or later\n- Docker (optional, for containerized deployment)\n- PostgreSQL database (Supabase recommended)\n\n### Backend Setup\n\n1. Clone the repository:\n```bash\ngit clone https://github.com/adhit-r/aran-mcp.git\ncd aran-mcp\n```\n\n2. Navigate to the backend directory:\n```bash\ncd backend\n```\n\n3. Copy the example configuration:\n```bash\ncp configs/config.example.yaml configs/config.yaml\n```\n\n4. Update `configs/config.yaml` with your database credentials and settings.\n\n5. Install Go dependencies:\n```bash\ngo mod download\n```\n\n6. Run database migrations:\n```bash\n# Migrations are located in backend/migrations/\n# Apply them to your PostgreSQL database\n```\n\n7. Start the backend server:\n```bash\ngo run cmd/server/main.go\n```\n\nThe API will be available at `http://localhost:8080`\n\n### Frontend Setup\n\n1. Navigate to the frontend directory:\n```bash\ncd frontend\n```\n\n2. Install dependencies:\n```bash\nnpm install\n```\n\n3. Create a `.env.local` file with your configuration:\n```env\nNEXT_PUBLIC_API_URL=http://localhost:8080\n```\n\n4. Start the development server:\n```bash\nnpm run dev\n```\n\nThe frontend will be available at `http://localhost:3000`\n\n### Docker Setup\n\n1. Build and start all services:\n```bash\ndocker-compose up --build\n```\n\n2. Access the application:\n- Frontend: http://localhost:3000\n- Backend API: http://localhost:8080\n\n## Repository Organization\n\nThe repository is organized following industry best practices for clarity and maintainability. See [ORGANIZATION.md](ORGANIZATION.md) and [docs/STRUCTURE.md](docs/STRUCTURE.md) for detailed structure documentation.\n\n## Project Structure\n\n```\naran-mcp/\n├── backend/                 # Go backend application\n│   ├── cmd/server/         # Main application entry point\n│   ├── internal/           # Internal packages\n│   │   ├── auth/          # Authentication handlers\n│   │   ├── config/        # Configuration management\n│   │   ├── database/      # Database models and connection\n│   │   ├── discovery/     # MCP server discovery\n│   │   ├── mcp/           # MCP protocol implementation\n│   │   ├── monitoring/    # Health monitoring\n│   │   └── security/      # Security testing\n│   ├── configs/           # Configuration files\n│   ├── migrations/        # Database migrations\n│   └── go.mod            # Go module definition\n├── frontend/              # Next.js frontend application\n│   ├── src/\n│   │   ├── app/          # Next.js app router pages\n│   │   ├── components/  # React components\n│   │   ├── lib/         # Utility libraries\n│   │   └── types/       # TypeScript type definitions\n│   └── package.json\n├── mcp-server/           # Reference MCP server implementation\n├── docs/                 # Documentation\n│   ├── architecture/    # System architecture docs\n│   ├── security/        # Security documentation\n│   └── specs/          # Technical specifications\n├── scripts/             # Utility scripts\n├── monitoring/          # Prometheus and Grafana configs\n└── docker-compose.yml   # Docker Compose configuration\n```\n\n## API Documentation\n\n### Core Endpoints\n\n#### MCP Servers\n- `GET /api/v1/mcp/servers` - List all MCP servers\n- `GET /api/v1/mcp/servers/:id` - Get server details\n- `POST /api/v1/mcp/servers` - Register a new MCP server\n- `PUT /api/v1/mcp/servers/:id` - Update server configuration\n- `DELETE /api/v1/mcp/servers/:id` - Remove a server\n- `GET /api/v1/mcp/servers/:id/status` - Get server health status\n\n#### Server Discovery\n- `POST /api/v1/discovery/scan` - Scan for MCP servers\n- `GET /api/v1/discovery/endpoints` - List discovered endpoints\n- `POST /api/v1/discovery/endpoints/:id/scan` - Scan specific endpoint\n\n#### Security Testing\n- `POST /api/v1/security/test` - Run security tests\n- `GET /api/v1/security/tests/:id` - Get test results\n- `GET /api/v1/security/owasp` - OWASP MCP Top 10 compliance\n\n#### Monitoring\n- `GET /api/v1/monitoring/health/:server_id` - Check server health\n- `POST /api/v1/monitoring/health/check-all` - Check all servers\n- `GET /api/v1/monitoring/servers` - List monitored servers\n- `GET /api/v1/monitoring/alerts` - Get monitoring alerts\n\n#### Health Check\n- `GET /health` - Service health status\n\nFor comprehensive API documentation, see [docs/API_DOCUMENTATION.md](docs/API_DOCUMENTATION.md).\n\n## Configuration\n\n### Backend Configuration\n\nThe backend uses YAML configuration files located in `backend/configs/`. Copy `config.example.yaml` to `config.yaml` and update with your settings:\n\n```yaml\nserver:\n  port: 8080\n  host: \"0.0.0.0\"\n\ndatabase:\n  host: \"localhost\"\n  port: 5432\n  user: \"postgres\"\n  password: \"password\"\n  name: \"aran_mcp\"\n  ssl_mode: \"disable\"\n\nauth:\n  jwt_secret: \"your-secret-key\"\n  token_expiry: \"24h\"\n```\n\n### Frontend Configuration\n\nCreate a `.env.local` file in the frontend directory:\n\n```env\nNEXT_PUBLIC_API_URL=http://localhost:8080\nNEXTAUTH_SECRET=your-secret-here\nNEXTAUTH_URL=http://localhost:3000\n```\n\n## Security\n\n### Security Best Practices\n\nAran MCP Sentinel implements comprehensive security measures integrated with the [SAFE-MCP threat modeling framework](https://github.com/SAFE-MCP/safe-mcp):\n\n1. **Threat Modeling**: Structured threat intelligence using MITRE ATT\u0026CK methodology with 81 documented techniques\n2. **Prompt Injection Detection**: Real-time detection of malicious prompt manipulation attempts (SAFE-T1102)\n3. **Tool Poisoning Prevention**: Validation of tool metadata and capabilities (SAFE-T1001)\n4. **Privilege Abuse Monitoring**: Tracking and alerting on excessive permissions (SAFE-T1104, SAFE-T1309)\n5. **Authentication**: Multiple authentication providers (JWT, Authelia, Clerk, Neon Auth)\n6. **Input Validation**: Comprehensive input sanitization and validation (SAFE-M-4, SAFE-M-5)\n7. **Secure Communication**: TLS/SSL for all communications\n8. **Credential Management**: Secure storage and rotation of API keys\n9. **Behavioral Monitoring**: Anomaly detection using baseline analysis (SAFE-M-11)\n10. **Mitigation Framework**: 47 actionable security controls with effectiveness ratings\n\n### SAFE-MCP Integration\n\nAran integrates the SAFE-MCP framework providing:\n- **14 Tactical Categories**: Complete MITRE ATT\u0026CK-aligned threat coverage\n- **Real-time Detection**: Pattern matching for known attack techniques\n- **Risk Assessment**: Automated threat scoring and mitigation recommendations\n- **Compliance Mapping**: Links to MITRE ATT\u0026CK for regulatory compliance\n\nSee [Threat Modeling Documentation](docs/security/THREAT_MODELING.md) for complete details.\n\n### OWASP MCP Top 10\n\nThe platform addresses the OWASP MCP Top 10 security risks:\n\n1. Prompt Injection\n2. Tool Poisoning\n3. Privilege Abuse\n4. Tool Shadowing\n5. Indirect Prompt Injection\n6. Sensitive Data Exposure\n7. Command/SQL Injection\n8. Rug Pull Attacks\n9. Denial of Wallet/Service\n10. Authentication Bypass\n\nFor detailed security documentation, see [docs/security/SECURITY_ARCHITECTURE.md](docs/security/SECURITY_ARCHITECTURE.md).\n\n## Development\n\n### Building the Backend\n\n```bash\ncd backend\ngo build -o bin/server cmd/server/main.go\n```\n\n### Building the Frontend\n\n```bash\ncd frontend\nnpm run build\n```\n\n### Running Tests\n\nBackend tests:\n```bash\ncd backend\ngo test ./...\n```\n\nFrontend tests:\n```bash\ncd frontend\nnpm test\n```\n\n### Code Quality\n\nBackend linting:\n```bash\ncd backend\ngolangci-lint run\n```\n\nFrontend linting:\n```bash\ncd frontend\nnpm run lint\n```\n\n## Contributing\n\nWe welcome contributions from the community. Please see [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.\n\n### Development Workflow\n\n1. Fork the repository\n2. Create a feature branch from `main`\n3. Make your changes following our coding standards\n4. Write tests for new functionality\n5. Ensure all tests pass\n6. Submit a pull request\n\n## Documentation\n\nComprehensive documentation is available in the `docs/` directory:\n\n- [API Documentation](docs/API_DOCUMENTATION.md) - Complete API reference\n- [System Architecture](docs/architecture/SYSTEM_ARCHITECTURE.md) - Architecture overview\n- [Security Architecture](docs/security/SECURITY_ARCHITECTURE.md) - Security design\n- [Roadmap](docs/ROADMAP.md) - Development roadmap\n- [Testing Guide](docs/TESTING_GUIDE.md) - Testing documentation\n\n## License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\n\n## Support\n\nFor issues, questions, or contributions:\n- GitHub Issues: https://github.com/adhit-r/aran-mcp/issues\n- Documentation: See the `docs/` directory\n\n## Acknowledgments\n\nBuilt on the Model Context Protocol specification. Special thanks to the open source community and contributors.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadhit-r%2Faran-mcp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fadhit-r%2Faran-mcp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadhit-r%2Faran-mcp/lists"}