Developers / Developer Tooling

Expose Cosantoir runtime evaluations as MCP tools for agents and internal operator workflows.

7 categories27 pagesUpdated Jan 1, 1970

# MCP Server @cosantoir/mcp turns the production runtime modules into MCP tools. It is designed for incident review, release checks, support triage, and agentic security workflows that need the real Cosantoir backend contract. ## Install ``bash npm install -D @cosantoir/mcp ` ## Environment `bash COSANTOIR_API_KEY=dp_live_example ` The server also reads ~/.cosantoir/config.json, so cosantoir login and cosantoir-mcp share the same local credential source. Runtime API keys identify the billable Cosantoir workspace, project, site, environment, and policy set; pass userId to tools when an agent is evaluating a request for a specific SaaS customer. ## Tools - check_runtime for API-key readiness, site resolution, policy, billing, and requested module scopes. - lookup_ip for IP reputation, network, privacy, and recommended action. - validate_email for syntax, domain, MX, disposable, and abuse checks, with optional userId. - consume_rate_limit for route-aware rate-limit verification, with optional userId. - evaluate_waf_rule for managed and custom WAF policy decisions, with optional userId. - evaluate_signup for combined signup fraud decisions, with optional userId. - evaluate_bot for verified-bot and automation scoring, with optional userId. ## Client Configuration `json { "mcpServers": { "cosantoir": { "command": "cosantoir-mcp", "env": { "COSANTOIR_API_KEY": "set-your-runtime-api-key" } } } } ` MCP tool calls return the same response envelope as the SDK: siteId, result`, request ids, correlation ids, and backend headers.

Last updated Jan 1, 1970