API ReferenceMCP Integration

MCP Integration

The Model Context Protocol (MCP) server allows AI assistants like Claude Code to interact with ClawNex tools directly during conversations.

Server Details

PropertyValue
Server nameclawnex
Protocol version2024-11-05
Primary transportstdio (JSON-RPC 2.0)
Optional transportHTTP SSE
Default HTTP port5002 (configurable via MCP_PORT)

Starting the Server

Stdio mode (default, for Claude Code):

npx tsx ~/sentinel/src/mcp/server.ts

HTTP SSE mode (for browser-based or remote clients):

MCP_ENABLED=1 MCP_PORT=5002 npx tsx ~/sentinel/src/mcp/server.ts

HTTP mode provides:

  • GET /sse — Server-Sent Events stream
  • POST /message — JSON-RPC message endpoint
  • GET /health — Health check

RBAC and MCP

The MCP server is not affected by RBAC. It runs on a separate port with localhost-only CORS and calls internal API routes on 127.0.0.1:5001 directly. No session cookies or CSRF tokens are needed.

Available Tools

shield_scan

Scan text through the 155-rule prompt shield.

Input: text (required), direction (optional: inbound or outbound)

Verdict: BLOCK | Score: 85
Detections: prompt-injection-override, system-prompt-extraction

check_posture

Get the current security posture including threat score, posture score, and service health.

Input: none

Threat Score: 23 | Posture Score: 82
Services: shield: healthy, proxy: healthy, database: healthy

query_threats

Get active security alerts and threats.

Input: severity (optional), limit (optional, default 20)

Active Alerts (3):
1. [CRITICAL] Prompt injection detected in production traffic
2. [HIGH] Unusual token consumption spike
3. [MEDIUM] New agent registered without approval

review_audit

Query the audit trail for recent security events.

Input: action (optional), since (optional ISO 8601), limit (optional, default 20)

Audit Events (2):
1. [2026-04-08T10:00:00Z] api_key_created: Created API key "CI/CD Pipeline"
2. [2026-04-08T09:30:00Z] setting_changed: Updated proxy_block_mode to "on"

manage_access

Add or remove entries in access control lists.

Input: action (add/remove), list_type (allow/deny), entry_type (IP/DOMAIN), value, reason (optional)

Successfully added DOMAIN "malicious-site.com" to deny list.

Claude Code Configuration

Add to your Claude Code MCP configuration:

{
  "mcpServers": {
    "clawnex": {
      "command": "npx",
      "args": ["tsx", "/path/to/sentinel/src/mcp/server.ts"]
    }
  }
}
Public API (v1)Standalone