MCP Hub
Back to servers

sentinel-mcp

An MCP server for AI-powered API testing that enables automated positive, negative, and security testing directly from AI chat interfaces. It supports multiple AI providers and generates detailed security reports.

glama
Updated
Apr 21, 2026

sentinel-mcp

MCP Server untuk AI-powered API testing — positive, negative, dan security testing langsung dari chat AI.

Fitur

  • 3 jenis testing: positive (happy path), negative (edge case), security (SQLi, XSS, auth, dll)
  • Multi AI provider: Ollama (local), Claude, OpenAI, Gemini — bisa switch per perintah
  • Auto report: hasil analisis AI langsung disimpan sebagai Markdown
  • MCP native: langsung dipakai dari Claude Desktop, Cursor, Windsurf, Cline

Struktur Project

sentinel-mcp/
├── src/
│   ├── index.ts              # MCP server entry point
│   ├── types.ts              # Type definitions
│   ├── tools/
│   │   └── apiTest.ts        # MCP tool handlers
│   ├── runner/
│   │   ├── runner.ts         # HTTP test engine
│   │   └── loader.ts         # YAML config loader
│   ├── providers/
│   │   ├── factory.ts        # Provider resolver
│   │   ├── prompt.ts         # Shared prompt builder
│   │   ├── ollama.ts         # Ollama adapter
│   │   ├── claude.ts         # Claude adapter
│   │   ├── openai.ts         # OpenAI adapter
│   │   └── gemini.ts         # Gemini adapter
│   └── reports/
│       └── generator.ts      # Markdown report generator
├── tests/endpoints/
│   └── suite.yaml            # Definisi endpoint yang ditest
├── reports/                  # Output report (auto-created)
├── .env.example
└── claude_desktop_config.example.json

Quick Start

1. Install dependencies

cd sentinel-mcp
npm install

2. Setup environment

cp .env.example .env
# Edit .env sesuai kebutuhanmu

3. Install Ollama (untuk local AI)

# macOS / Linux
curl -fsSL https://ollama.ai/install.sh | sh
ollama pull llama3

4. Definisikan endpoint di suite.yaml

Edit tests/endpoints/suite.yaml sesuai API kamu.

5. Daftarkan ke Claude Desktop

Salin isi claude_desktop_config.example.json ke:

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json

Ganti path absolut sesuai lokasi project kamu, lalu restart Claude Desktop.

Cara Pakai di Chat

# Test semua endpoint, pakai provider default
"test semua endpoint API saya"

# Test endpoint tertentu
"test endpoint login"

# Ganti provider saat testing
"test semua endpoint pakai claude"
"jalankan security test pakai openai"
"test endpoint create-user pakai gemini"

# Cek provider yang tersedia
"provider apa yang tersedia?"

Security Testing yang Dilakukan

TestDeskripsi
No AuthAkses endpoint tanpa Authorization header
SQL InjectionPayload ' OR 1=1-- dan variasinya
XSSPayload <script>alert(1)</script> dan reflection check
Info LeakCek apakah error response bocorkan stack trace / SQL
Oversized PayloadKirim 100KB payload untuk cek DoS resistance

Format Report

Report disimpan di folder reports/ dengan nama YYYY-MM-DD-[provider].md.

Isi report:

  • Skor keseluruhan (0-100)
  • Ringkasan dari AI
  • Daftar bug dengan severity dan rekomendasi fix
  • Temuan keamanan dengan cara mitigasi
  • Detail per endpoint (semua test case)

Menambah Endpoint Baru

Edit tests/endpoints/suite.yaml:

- name: nama-endpoint
  method: POST          # GET | POST | PUT | PATCH | DELETE
  path: /api/resource
  auth: true            # sertakan Authorization header?
  expectedStatus: 201
  body:
    field: value
  expectedFields:
    - id
    - name

Reviews

No reviews yet

Sign in to write a review