playbooks

home / mcp / securityhub mcp server

SecurityHub MCP Server

MCP Server generated by mcp.ag2.ai

Installation
Add the following to your MCP client configuration file.

Configuration

View docs
{
  "mcpServers": {
    "anaskhillo-aws-securityhub": {
      "url": "https://api.apis.guru/v2/specs/amazonaws.com/securityhub/2018-10-26/openapi.json",
      "headers": {
        "CONFIG": "{\"servers\": [...] }",
        "SECURITY": "API_KEY=abc123",
        "CONFIG_PATH": "path/to/config.json"
      }
    }
  }
}

You run an MCP (Multi-Agent Conversation Protocol) server that exposes an OpenAPI-based interface for AWS SecurityHub. You can connect to a remote MCP endpoint or run a local MCP server and talk to it from your client to perform authorized actions, fetch data, and automate workflows without writing repetitive integration code.

How to use

Connect to the HTTP MCP endpoint to access the AWS SecurityHub API surface through your MCP client. You can also run a local MCP server instance and interact with it via the chosen transport mode (stdio or sse). In both cases, your client sends requests following the MCP protocol and receives structured responses that you can route into your automation, dashboards, or tooling.

How to install

# Prerequisites
Python 3.9+
pip and uv

# Step 1: Install dependencies
# If you are using a development environment with a preconfigured container:
pip install -e ".[dev]"

# If you are not using the dev container, you can install directly with the editable flag
pip install -e ".[dev]"

# Alternatively, you can use uv to run the editable install (if you prefer)
uv pip install --editable ".[dev]"

# Step 2: Start the local MCP server in stdio mode
python mcp_server/main.py stdio

# Step 3: Optional runtime environment variables for configuration
# CONFIG_PATH - Path to a JSON configuration file
# CONFIG - JSON string containing the configuration
# SECURITY - Environment variables for security parameters (e.g., API keys)

Additional sections

Configuration and runtime notes help you tailor the MCP server to your environment. The server supports multiple transport modes, including stdio and sse. When starting a local server, you can point to a configuration via environment variables like CONFIG_PATH or CONFIG, and you can secure access using SECURITY-related parameters.

Development and quality practices are in place to keep the project healthy. Linting is performed with Ruff, static typing with MyPy, and tests with PyTest. You can also run static analysis tools through a dedicated script to verify code quality and security posture.

Available tools

lint

Run linting to ensure code quality using Ruff.

format

Format code using Ruff to maintain consistent style.

static_analysis

Perform static analysis (mypy, bandit, semgrep) to catch type and security issues.

tests

Run tests with pytest and generate a coverage report.

precommit

Run pre-commit hooks to catch issues before committing.