{"id":"cyberbuff-atomic-red-team-mcp","name":"atomic-red-team-mcp","homepage":null,"repo_url":"https://github.com/cyberbuff/atomic-red-team-mcp","category":"security","subcategories":[],"tags":["mcp","atomic-red-team","security-testing","validation","execution-optional","agent-tools"],"what_it_does":"Provides an MCP (Model Context Protocol) server that exposes Atomic Red Team test content and operations, including searching for “atomics,” refreshing/downloading atomic definitions, validating atomic YAML, retrieving a validation schema, and (optionally) executing atomic tests when explicitly enabled.","use_cases":["Integrate Atomic Red Team test discovery into AI assistants via MCP tools","Validate Atomic Red Team atomic test YAML before publishing/using","Programmatically search and enumerate atomic tests by technique ID, name, description, or platform","Optionally execute selected atomic tests in controlled environments"],"not_for":["Internet-facing production use without strong authentication and isolation","Running destructive or state-changing tests in uncontrolled environments","Use as a general-purpose orchestration tool without guardrails for execution"],"best_when":"Used locally or in a locked-down test environment where tool execution is disabled by default or tightly controlled.","avoid_when":"Avoid enabling execute capability on systems where untrusted users or agents can trigger test execution.","alternatives":["Directly use Atomic Red Team/atomic-operator tooling without an MCP wrapper","Build a custom MCP server around Atomic Red Team with tighter execution controls and audit logging","Use other security test harnesses/frameworks that focus on safe, non-destructive validation first"],"af_score":60.2,"security_score":56.8,"reliability_score":32.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:45:02.287173+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Static bearer token (ART_AUTH_TOKEN) via Authorization: Bearer <token>"],"oauth":false,"scopes":false,"notes":"Authentication is disabled by default unless ART_AUTH_TOKEN is set. Token is static (no OAuth flow) and appears to gate all MCP tool/resource access when enabled."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"README mentions an optional remote server (hosted on Railway) with a free tier, but no concrete limits or pricing are provided in the provided content."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":60.2,"security_score":56.8,"reliability_score":32.5,"mcp_server_quality":70.0,"documentation_accuracy":75.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":85.0,"rate_limit_clarity":10.0,"tls_enforcement":80.0,"auth_strength":55.0,"scope_granularity":20.0,"dependency_hygiene":60.0,"secret_handling":70.0,"security_notes":"Execution is explicitly disabled by default (ART_EXECUTION_ENABLED=false) with a warning about dangerous security tests. Optional static bearer token authentication (ART_AUTH_TOKEN) can protect remote hosting, but it is static and appears coarse-grained (no scoped permissions). TLS transport enforcement is not explicitly stated in the provided text; transport is configurable (ART_MCP_TRANSPORT). Secrets guidance recommends not committing tokens, implying expected safe handling.","uptime_documented":0.0,"version_stability":55.0,"breaking_changes_history":40.0,"error_recovery":35.0,"idempotency_support":"false","idempotency_notes":"No explicit idempotency guarantees described. Tools include refresh/download and optional execution, which are likely non-idempotent depending on implementation.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["execute_atomic is disabled by default; enabling ART_EXECUTION_ENABLED can cause potentially dangerous system changes","If auth is not configured (ART_AUTH_TOKEN unset), an MCP server may be accessible without authentication when exposed remotely"]}}