DocSentinel
AI-powered SSDLC platform — Secure your software from requirements to operations
DocSentinel is an AI-powered SSDLC (Secure Software Development Lifecycle) platform for security teams. It automates security activities across all six phases of the software development lifecycle using intelligent AI agents orchestrated by LangGraph and powered by LangChain. It automates the review of security-related documents, forms, and reports — from requirements and design through development, testing, deployment, and operations — comparing inputs against your policy and knowledge base to produce structured assessment reports with risks, compliance gaps, and remediation suggestions.
Instead of only reviewing documents at the pre-release stage, DocSentinel embeds security from day one:
| SSDLC Phase | What DocSentinel Does |
|---|---|
| Requirements | Extract security requirements, identify compliance obligations (GDPR, PCI DSS, SOC2) |
| Design | Automated threat modeling (STRIDE/DREAD), security architecture review, SDR reports |
| Development | Secure coding assessment, SAST findings triage, coding guidance |
| Testing | SAST/DAST report analysis, penetration test review, vulnerability prioritization |
| Deployment | Configuration security review, hardening assessment, release sign-off |
| Operations | Vulnerability monitoring, incident response assistance, log audit |
Built as a React console + headless API + MCP service, DocSentinel integrates into local security review workflows, CI/CD pipelines, AI agents (Claude Desktop, Cursor, OpenClaw), and existing security operations.
Ideal for enterprises that need to scale security assessments across many projects and SSDLC stages without proportionally scaling headcount.
| Pain Point | DocSentinel Solution |
|---|---|
| Fragmented SSDLC coverage: Most tools only address testing/deployment. | Full lifecycle agents cover all 6 SSDLC phases with dedicated AI personas. |
| Fragmented criteria: Policies, standards, and precedents are scattered. | Single knowledge base ensures consistent findings and traceability. |
| No automated threat modeling: Threat models are created ad-hoc. | Design Agent generates STRIDE/DREAD threat models from architecture docs. |
| Heavy questionnaire workflow: Endless review cycles. | Automated first-pass and gap analysis reduces manual back-and-forth rounds. |
| SAST/DAST report overload: Too many findings, too little context. | Testing Agent triages, prioritizes, and maps findings to threat models. |
| Pre-release review pressure: Everything lands on security at the end. | Shift-left approach catches issues early in requirements and design. Structured reports help reviewers focus on decision-making. |
| Scale vs. consistency: Manual reviews vary by reviewer. | LangGraph workflows and unified pipeline ensure consistent, auditable assessment across projects. |
| SSDLC coverage gaps: Security involvement is uneven across lifecycle stages; early stages get less scrutiny. | Stage-aware assessment covers all 6 SSDLC stages with dedicated skills and checklists. |
See the full problem statement and SSDLC phase details in SPEC.md.
DocSentinel is built on a React Console plus FastAPI/MCP access layer, with LangGraph for stateful agent orchestration and LangChain for unified LLM access. Six phase-specific agents are coordinated by a graph-based state machine with cross-phase context sharing. The orchestrator coordinates parsing, SSDLC stage routing, the knowledge base (RAG), skills, and the LLM. You can use cloud or local LLMs and optional integrations (e.g. AAD, ServiceNow) as your environment requires.

```mermaid
flowchart TB
    subgraph User["User / Security Staff"]
    end
    subgraph Access["Access Layer"]
        Console["React Console<br/>(Vite + Tailwind)"]
        API["REST API<br/>(FastAPI)"]
        MCP["MCP Server<br/>(stdio)"]
    end
    subgraph Orchestration["SSDLC Orchestration (LangGraph)"]
        Router["Phase Router"]
        A1["Requirements Agent"]
        A2["Design Agent"]
        A3["Development Agent"]
        A4["Testing Agent"]
        A5["Deployment Agent"]
        A6["Operations Agent"]
    end
    subgraph Core["Core Services"]
        KB["Knowledge Base (RAG)"]
        Parser["Parser"]
        Skill["Skills"]
        Mem["Memory"]
    end
    subgraph LLM["LLM Layer (LangChain)"]
        Abst["LLM Abstraction"]
    end
    subgraph Backends["LLM Backends"]
        Cloud["OpenAI / Claude / Qwen"]
        Local["Ollama / vLLM"]
    end
    User --> Console
    User --> API
    Console --> API
    User --> MCP
    API --> Router
    MCP --> Router
    Router --> A1 & A2 & A3 & A4 & A5 & A6
    A1 & A2 & A3 & A4 & A5 & A6 --> KB & Parser & Skill
    A1 & A2 & A3 & A4 & A5 & A6 --> Abst
    Abst --> Cloud & Local
```
Data flow (simplified):
Detailed architecture: ARCHITECTURE.md and docs/01-architecture-and-tech-stack.md.
Six dedicated AI agents, each with phase-specific skills, prompts, and knowledge base collections. Run individual phases or a full end-to-end SSDLC assessment:
Submit security questionnaires, design documents, or audit reports. DocSentinel analyzes them using configured LLMs and identifies:
Upload your organization's security policies, standards, and past audits. Phase-specific collections ensure each agent retrieves the most relevant context:
Powered by LangChain + LangGraph — stateful, graph-based agent workflows with conditional routing per SSDLC stage. Parallel execution of Policy and Evidence agents, followed by Drafter and Reviewer agents.
Designed as a headless service. Integrate into CI/CD pipelines via REST API, or use as a super-tool within AI agents (Claude Desktop, Cursor, OpenClaw) via MCP.
Connect DocSentinel to Claude Desktop, Cursor, or OpenClaw to use it as a powerful SSDLC security skill.
Once connected, you can ask your AI agent:
- "Analyze the attached `requirements.pdf` for missing security requirements using DocSentinel."
- "Run a STRIDE threat model on `system-design.pdf` using the Design Agent."
- "Triage these SonarQube SAST findings and prioritize by risk."
Add to your claude_desktop_config.json:
```json
{
  "mcpServers": {
    "docsentinel": {
      "command": "/path/to/DocSentinel/.venv/bin/python",
      "args": ["/path/to/DocSentinel/app/mcp_server.py"],
      "env": {
        "OPENAI_API_KEY": "sk-...",
        "CHROMA_PERSIST_DIR": "/absolute/path/to/data/chroma"
      }
    }
  }
}
```
See full guide in docs/06-agent-integration.md.
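An added example, not part of DocSentinel or of this page's original code: the config above stores an API key under `env` and names an interpreter and script that the MCP client will launch, so this audit checks the config file's permissions and that each launch target is an absolute path, exists, and is not group- or world-writable. The secret-name pattern, the function names and the sample tree are assumptions of this example, and it relies on POSIX file modes.

```python
import json, os, re, stat, tempfile
from pathlib import Path

# Heuristic for env names that hold credentials (assumption of this example).
SECRET_NAME = re.compile(r"(KEY|TOKEN|SECRET|PASSWORD)$", re.I)

def audit_mcp_config(config_path):
    """Return (server, finding) tuples for a claude_desktop_config.json (POSIX modes)."""
    path = Path(config_path)
    cfg = json.loads(path.read_text())
    mode = stat.S_IMODE(path.stat().st_mode)
    findings = []
    for name, server in cfg.get("mcpServers", {}).items():
        env = server.get("env", {})
        secrets = [k for k, v in env.items() if SECRET_NAME.search(k) and v]
        # A config that holds API keys should be accessible to its owner only.
        if secrets and mode & (stat.S_IRWXG | stat.S_IRWXO):
            findings.append((name, f"secrets {secrets} in file with mode {mode:o}"))
        # Everything the MCP client will execute: the command and its script args.
        scripts = [a for a in server.get("args", []) if a.endswith(".py")]
        for target in [server.get("command", "")] + scripts:
            p = Path(target)
            if not p.is_absolute():
                findings.append((name, f"relative launch path: {target}"))
            elif not p.exists():
                findings.append((name, f"missing launch target: {target}"))
            elif stat.S_IMODE(p.stat().st_mode) & (stat.S_IWGRP | stat.S_IWOTH):
                findings.append((name, f"group/world-writable: {target}"))
    return findings

def demo():
    """Audit a constructed config tree before and after tightening permissions."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        py, script = root / "python", root / "mcp_server.py"
        py.write_text(""); os.chmod(py, 0o755)
        script.write_text(""); os.chmod(script, 0o666)   # deliberately too open
        cfg = {"mcpServers": {"docsentinel": {
            "command": str(py), "args": [str(script)],
            "env": {"OPENAI_API_KEY": "sk-CONSTRUCTED", "CHROMA_PERSIST_DIR": d}}}}
        conf = root / "claude_desktop_config.json"
        conf.write_text(json.dumps(cfg)); os.chmod(conf, 0o644)
        before = audit_mcp_config(conf)
        os.chmod(conf, 0o600); os.chmod(script, 0o644)
        return before, audit_mcp_config(conf)

if __name__ == "__main__":
    for label, result in zip(("before", "after"), demo()):
        print(label, result)
```

Point `audit_mcp_config` at your real `claude_desktop_config.json`; an empty list means none of these checks fired.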
```bash
git clone https://github.com/arthurpanhku/DocSentinel.git
cd DocSentinel
chmod +x deploy.sh
./deploy.sh
```
Prerequisites: Python 3.10+. Optional: Ollama (ollama pull llama2).
```bash
git clone https://github.com/arthurpanhku/DocSentinel.git
cd DocSentinel
python3 -m venv .venv
source .venv/bin/activate   # Windows: .venv\Scripts\activate
pip install -r requirements.txt
cp .env.example .env        # Edit if needed: LLM_PROVIDER=ollama or openai
# 0.0.0.0 binds every network interface; use --host 127.0.0.1 for a local-only instance
uvicorn app.main:app --reload --host 0.0.0.0 --port 8000
```
DocSentinel includes a React + TypeScript + Vite + Tailwind CSS console for assessments, knowledge base operations, skills, and system status.

```bash
npm install --prefix frontend
npm run build --prefix frontend
uvicorn app.main:app --reload --host 0.0.0.0 --port 8000
```
Open http://localhost:8000/console. For frontend-only development, run:
```bash
npm run dev --prefix frontend
```
The Vite dev server proxies /api, /health, and /config to http://localhost:8000.
The Settings page can update the running server's LLM provider, model, base URL, and API key. API keys are only returned to the UI as masked previews. For persistent startup defaults, set the matching values in .env.
```bash
# Run a Design phase assessment (threat modeling)
curl -X POST "http://localhost:8000/api/v1/assessments" \
  -F "files=@examples/architecture-doc.pdf" \
  -F "phase=design" \
  -F "scenario_id=threat-modeling"
# Response: { "task_id": "...", "status": "accepted" }

# Get the result
curl "http://localhost:8000/api/v1/assessments/TASK_ID"

# Upload a security policy to the requirements KB collection
curl -X POST "http://localhost:8000/api/v1/kb/documents" \
  -F "file=@examples/sample-policy.txt" \
  -F "collection=kb_requirements"

# Query the KB (RAG)
curl -X POST "http://localhost:8000/api/v1/kb/query" \
  -H "Content-Type: application/json" \
  -d '{"query": "What are the access control requirements?", "top_k": 5}'
```
A hosted deployment is available on Fronteir AI.
```text
DocSentinel/
├── frontend/                    # React + TypeScript + Vite + Tailwind console
├── app/                         # Application code
│   ├── api/                     # REST routes: assessments, KB, health, skills
│   ├── agent/                   # LangGraph orchestrator, phase agents, skills
│   │   ├── orchestrator.py      # LangGraph state machine & phase routing
│   │   ├── agents/              # Phase-specific agent implementations
│   │   ├── ssdlc/               # SSDLC pipeline: stage router, stage skills, checklists
│   │   ├── skills_registry.py   # Built-in skills per SSDLC phase
│   │   └── skills_service.py    # Skill CRUD and management
│   ├── core/                    # Config, guardrails, security, DB
│   ├── kb/                      # Knowledge Base (Chroma + LightRAG graph RAG)
│   ├── llm/                     # LangChain LLM abstraction (OpenAI, Ollama)
│   ├── parser/                  # Document parsing (Docling + SAST/DAST + legacy)
│   ├── models/                  # Pydantic / SQLModel models
│   ├── main.py                  # FastAPI app entry point
│   └── mcp_server.py            # MCP Server for agent integration
├── tests/                       # Automated tests (pytest)
├── examples/                    # Sample files (questionnaires, policies, reports)
├── docs/                        # Design & Spec documentation
│   ├── 01-architecture-and-tech-stack.md
│   ├── 02-api-specification.yaml
│   ├── 03-assessment-report-and-skill-contract.md
│   ├── 04-integration-guide.md
│   ├── 05-deployment-runbook.md
│   ├── 06-agent-integration.md
│   └── schemas/
├── .github/                     # Issue/PR templates, CI (Actions)
├── Dockerfile
├── docker-compose.yml
├── docker-compose.ollama.yml
├── CONTRIBUTING.md
├── CODE_OF_CONDUCT.md
├── CHANGELOG.md
├── SPEC.md                      # PRD with SSDLC phase definitions
├── ARCHITECTURE.md              # System architecture with LangGraph design
├── LICENSE
├── SECURITY.md
├── requirements.txt
├── requirements-dev.txt
└── .env.example
```
| Variable | Description | Default |
|---|---|---|
| `LLM_PROVIDER` | `ollama` or `openai` | `ollama` |
| `OLLAMA_BASE_URL` / `OLLAMA_MODEL` | Local LLM | `http://localhost:11434` / `llama2` |
| `OPENAI_API_KEY` / `OPENAI_MODEL` | OpenAI | -- |
| `ANTHROPIC_API_KEY` / `ANTHROPIC_MODEL` | Anthropic Claude | -- / `claude-3-5-sonnet-latest` |
| `QWEN_API_KEY` / `QWEN_MODEL` | Qwen DashScope OpenAI-compatible API | -- / `qwen-plus` |
| `DEEPSEEK_API_KEY` / `DEEPSEEK_MODEL` | DeepSeek OpenAI-compatible API | -- / `deepseek-chat` |
| `COMPAT_API_KEY` / `COMPAT_BASE_URL` / `COMPAT_MODEL` | Any OpenAI-compatible hosted API | -- |
| `LOCAL_API_KEY` / `LOCAL_BASE_URL` / `LOCAL_MODEL` | Local OpenAI-compatible API | -- / `http://localhost:1234/v1` / `local-model` |
| `CHROMA_PERSIST_DIR` | Vector DB path | `./data/chroma` |
| `PARSER_ENGINE` | Parser: `auto`, `docling`, or `legacy` | `auto` |
| `ENABLE_GRAPH_RAG` | Enable LightRAG graph retrieval | `true` |
| `LANGGRAPH_CHECKPOINT_DIR` | LangGraph checkpoint persistence | `./data/checkpoints` |
| `SSDLC_DEFAULT_PHASES` | Default phases for full assessment | `requirements,design,development,testing,deployment,operations` |
| `SSDLC_DEFAULT_STAGE` | Default SSDLC stage if not specified | `auto` |
| `UPLOAD_MAX_FILE_SIZE_MB` / `UPLOAD_MAX_FILES` | Upload limits | `50` / `10` |
See .env.example and docs/05-deployment-runbook.md for full options.
| Layer | Technology | Purpose |
|---|---|---|
| Agent Orchestration | LangGraph | Stateful graph-based SSDLC workflow engine |
| LLM Framework | LangChain | Unified LLM abstraction, prompts, tools, RAG |
| Web/API | FastAPI | Async REST API with auto OpenAPI |
| Vector Store | ChromaDB + LightRAG | Hybrid vector + graph RAG |
| Parsing | Docling + legacy fallback | Multi-format document parsing |
| LLM Providers | OpenAI, Ollama | Cloud and local LLM support |
| Language | Python 3.10+ | Primary development language |
```bash
chmod +x test_integration.sh
./test_integration.sh

pip install -r requirements-dev.txt
pytest
pytest tests/test_skills_api.py   # Run specific test
```
Issues and Pull Requests are welcome. Please read CONTRIBUTING.md for setup, tests, and commit guidelines. By participating you agree to the CODE_OF_CONDUCT.md.
AI-Assisted Contribution: We encourage using AI tools to contribute! Check out CONTRIBUTING_WITH_AI.md for best practices.
Submit a Skill Template: Have a great security persona for an SSDLC phase? Submit a Skill Template or add it to examples/templates/.
This project is licensed under the MIT License — see the LICENSE file for details.
If you use DocSentinel in your organization or contribute back, we'd love to hear from you (e.g. via GitHub Discussions or Issues).