Spectra Assure Community MCP Server

The ReversingLabs Spectra Assure Community MCP Server checks open source packages for malware, vulnerabilities, tampering, and policy violations using Spectra Assure Community data.

It runs as a Docker container and integrates with any MCP client (Gemini CLI, Claude Desktop, Claude Code, Cursor, and more) to enable on-demand security analysis directly within your development environment.

Table of Contents

Overview

Tools

rl_protect_scan

Scan open source packages for supply chain risk. Call this tool before adding, recommending, or importing any open source package. A REJECT result means the package has violated configured policy and should not be used.

Arguments:

  • purls (str, required): A comma-separated list of package PURLs. Version is optional; omitting it scans the latest version.

    Examples:

    pkg:npm/react@19.1.5,pkg:pypi/requests@2.32.3
    pkg:npm/express

  • report_name (str, required): A descriptive name for the report (e.g. "express-scan", "deps-update"). A random suffix is appended automatically to avoid collisions.

  • profile (str, optional): Scanning profile keyword (minimal, baseline, hardened) or path to a custom profile. Default: hardened.

  • check_deps (str, optional): Comma-separated dependency scopes to scan. Must include release or develop. Values: release, develop, optional, transitive. Default: release only.

Returns:

A compact JSON summary. Use rl_protect_summarize for full assessment detail on any package.

```json
{
  "report_id": "express-scan-a1b2c3d4",
  "metadata": { "timestamp": "...", "duration": "...", "profile": "..." },
  "summary": { "reject": 0, "warn": 1, "pass": 0, "total": 1 },
  "packages": [
    {
      "purl": "pkg:npm/express@5.1.0",
      "recommendation": "APPROVE",
      "worst_status": "warning",
      "worst_label": "1 high severity vulnerabilities"
    }
  ],
  "errors": []
}
```
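As an added example (not code from the project), a small Python helper that assembles the rl_protect_scan arguments under the rules stated above (well-formed PURLs, known dependency scopes, release or develop present) and turns the compact summary into an allow/block decision for a CI gate. The summary JSON is constructed to match the documented shape; its report_id, PURLs and statuses are made up.

```python
import json
import re

# Constructed sample in the documented compact-summary shape; the PURLs,
# statuses and report_id are made up for illustration, not real scan output.
SAMPLE_SUMMARY = json.dumps({
    "report_id": "deps-update-0f1e2d3c",
    "metadata": {"timestamp": "2025-01-01T00:00:00Z", "duration": "12s", "profile": "hardened"},
    "summary": {"reject": 1, "warn": 1, "pass": 1, "total": 3},
    "packages": [
        {"purl": "pkg:npm/express@5.1.0", "recommendation": "APPROVE",
         "worst_status": "warning", "worst_label": "1 high severity vulnerabilities"},
        {"purl": "pkg:pypi/requests@2.32.3", "recommendation": "APPROVE",
         "worst_status": "pass", "worst_label": ""},
        {"purl": "pkg:npm/example-suspicious-pkg@1.0.0", "recommendation": "REJECT",
         "worst_status": "fail", "worst_label": "policy violation"},
    ],
    "errors": [],
})

SCOPES = {"release", "develop", "optional", "transitive"}
# pkg:<type>/<name or namespace/name>[@version]; a comma would split the list argument
PURL_RE = re.compile(r"^pkg:[A-Za-z0-9.+-]+/[^\s,]+$")


def build_scan_args(purls, report_name, profile="hardened", check_deps=("release",)):
    """Assemble the rl_protect_scan argument dict, enforcing the documented
    rules (well-formed PURLs, known scopes, release or develop present)."""
    bad = [p for p in purls if not PURL_RE.match(p)]
    if bad:
        raise ValueError(f"malformed PURLs: {bad}")
    scopes = set(check_deps)
    if not scopes <= SCOPES:
        raise ValueError(f"unknown dependency scopes: {sorted(scopes - SCOPES)}")
    if not scopes & {"release", "develop"}:
        raise ValueError("check_deps must include release or develop")
    return {"purls": ",".join(purls), "report_name": report_name,
            "profile": profile, "check_deps": ",".join(sorted(scopes))}


def gate(summary_json):
    """Turn the compact summary into an allow/block decision.
    Any REJECT blocks; so does any scan error, since an unscanned package is
    unknown risk. Returns (allowed, rejected_purls, warned_purls)."""
    data = json.loads(summary_json)
    pkgs = data["packages"]
    rejected = [p["purl"] for p in pkgs if p["recommendation"] == "REJECT"]
    warned = [p["purl"] for p in pkgs
              if p["recommendation"] != "REJECT" and p["worst_status"] != "pass"]
    return (not rejected and not data["errors"], rejected, warned)
```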

rl_protect_scan_manifest

Scan a manifest or lock file (package.json, requirements.txt, pyproject.toml, setup.cfg, Gemfile, gemspec) for supply chain risk. The file must be accessible inside the container via a volume mount.

Arguments:

  • manifest_path (str, required): Container-relative path to the manifest file (e.g. "/project/package.json").
  • report_name (str, required): A descriptive name for the report.
  • profile (str, optional): Scanning profile keyword or path. If not specified, the predefined hardened profile is used by default.
  • check_deps (str, optional): Comma-separated dependency scopes to scan. Must include release or develop. Values: release, develop, optional, transitive. Default: release only.

Returns:

The same compact JSON structure as rl_protect_scan. Use rl_protect_summarize for full assessment details on any package.

rl_protect_summarize

Summarize packages with issues from a saved report. Returns full assessment details (secrets, licenses, vulnerabilities, hardening, tampering, malware, repository) for packages with a REJECT recommendation or any non-pass result. Passing packages are omitted. Aggregate counts cover the full scan.

Arguments:

  • report_id (str, required): The report_id returned by rl_protect_scan.

rl_protect_interpret

Extract a specific slice of a saved report as structured JSON.

Arguments:

  • report_id (str, required): The report_id returned by rl_protect_scan.
  • task (str, required): One of: vulnerabilities, indicators, malware, overrides, governance, dependencies, errors.
  • package (str, optional): PURL substring to filter results to a specific package.

rl_protect_diff_behavior

Compare behaviors between two versions of the same package. Detects suspicious changes that may indicate supply chain tampering — assessment regressions, new malware indicators, added CVEs, and policy violations.

Arguments:

  • package (str, required): Package name to compare (substring match).
  • report_id (str): Report containing both versions (from a single scan).
  • old_report_id / new_report_id (str): Separate reports for old and new versions.
  • old_version / new_version (str, optional): Pin specific versions when more than two are present.
  • reverse (bool, optional): Swap old and new (use when downgrading).

rl_protect_report

Generate a structured Markdown report from a saved scan report. The report includes a summary table, per-package assessment details, malware and governance callouts, a vulnerability table, and a prioritised version update plan.

Arguments:

  • report_id (str, required): The report_id returned by rl_protect_scan.

  • template (str, optional): Report template controlling the level of detail. Default: expanded.

    | Template | Content |
    |---|---|
    | concise | Summary table (linked to Spectra Assure Community) + Version Update Plan only |
    | expanded | Rejected packages with assessment, vulnerabilities, and license info |
    | verbose | Full detail: rejected + warnings + passing, assessment table, policy violations |

  • output_path (str, optional): Container path inside /output where the Markdown file will be written (e.g. "/output/report.md"). Requires the /output volume mount. When omitted, the Markdown is returned as a string.

Returns:

The file path (when output_path is provided) or a Markdown string (when omitted).

Examples

Example 1: Checking a specific package version

Prompt:

Check if @crowdstrike/commitlint version 8.1.2 is okay to use

The LLM calls rl_protect_scan with purls="pkg:npm/@crowdstrike/commitlint@8.1.2" and presents the results using the display format embedded in the tool description.

Example 2: Scanning a manifest file

Prompt:

Scan my project dependencies for security issues

The container must have the project directory mounted (-v /path/to/project:/project:ro). The LLM calls rl_protect_scan_manifest with the path to the manifest file (e.g. "/project/package.json"). It can then use rl_protect_interpret to drill into specific findings.

Example 3: Comparing package versions

Prompt:

I'm upgrading express from 4.21.0 to 5.1.0 — are there any new risks?

The LLM scans both versions together with rl_protect_scan, then calls rl_protect_diff_behavior with the report_id to compare assessment changes, new CVEs, and behavior indicator diffs between versions.

Adjusting tool usage with custom prompts

The tool descriptions influence how the LLM uses them. rl_protect_scan includes the hint "Call this tool before adding, recommending, or importing any open source package", which nudges proactive scanning. You can reinforce or adjust this behavior through your MCP client's system prompt or custom instructions.

Installation and usage

Prerequisites:

Getting the Docker image

The image is on Docker Hub. Docker pulls it automatically on first run, so just configure your MCP client as shown below.

To build it yourself (e.g. to add a corporate CA certificate):

```bash
git clone https://github.com/reversinglabs/rl-mcp
docker build -t reversinglabs/rl-mcp-community:latest rl-mcp
```

Mounting your project directory

The container cannot access your host filesystem by default. Two optional volume mounts extend its capabilities:

| Mount | Purpose | Access |
|---|---|---|
| `-v /path/to/your/project:/project:ro` | Manifest scanning with rl_protect_scan_manifest — pass container-relative paths like "/project/package.json" | Read-only |
| `-v /path/to/your/reports:/output` | Report file output with rl_protect_report — pass output_path="/output/report.md" to write there | Read-write |

Keeping the project mount read-only ensures the container can never write back into your source tree. The /output mount is separate so write access is scoped only to the reports directory.

Add the relevant -v flags to the args array in your MCP client configuration. See the per-client examples below.

Example setup with Gemini CLI

Prerequisites:

Add the following to your Gemini settings.json file:

  • Windows: %USERPROFILE%\.gemini\settings.json
  • macOS & Linux: ~/.gemini/settings.json

NOTE: A local .gemini/settings.json in your project's directory can override the global settings.

Community account:

```json
{
  // ... other settings
  "mcpServers": {
    "rl_mcp_server": {
      "command": "docker",
      "args": [
        "run", "--rm", "-i",
        "-e", "RL_TOKEN=rlcmm-your-token-here",
        "-v", "/path/to/your/project:/project:ro",  // optional: for manifest scanning
        "-v", "/path/to/your/reports:/output",       // optional: for report file output
        "reversinglabs/rl-mcp-community:latest"
      ]
    }
  }
}
```

Enterprise account:

```json
{
  // ... other settings
  "mcpServers": {
    "rl_mcp_server": {
      "command": "docker",
      "args": [
        "run", "--rm", "-i",
        "-e", "RL_TOKEN=rls3c-your-token-here",
        "-e", "RL_PORTAL_SERVER=https://my.secure.software/organization",
        "-e", "RL_PORTAL_ORG=MyOrganization",
        "-v", "/path/to/your/project:/project:ro",  // optional: for manifest scanning
        "-v", "/path/to/your/reports:/output",       // optional: for report file output
        "reversinglabs/rl-mcp-community:latest"
      ]
    }
  }
}
```

Example setup with Claude Code

```bash
claude mcp add --transport stdio rl-protect \
  -- docker run --rm -i \
  -e RL_TOKEN=rlcmm-your-token-here \
  -v /path/to/your/project:/project:ro \
  -v /path/to/your/reports:/output \
  reversinglabs/rl-mcp-community:latest
```

Note: the token must be passed via -e in the Docker args, not via --env, since --env sets variables on the host process and they don't propagate into the container. Both -v mounts are optional — see Mounting your project directory.

Example setup with Claude Desktop

Add to your Claude Desktop configuration file:

  • Windows: %APPDATA%\Claude\claude_desktop_config.json
  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json

```json
{
  "mcpServers": {
    "rl-protect": {
      "command": "docker",
      "args": [
        "run", "--rm", "-i",
        "-e", "RL_TOKEN=rlcmm-your-token-here",
        "-v", "/path/to/your/project:/project:ro",
        "-v", "/path/to/your/reports:/output",
        "reversinglabs/rl-mcp-community:latest"
      ]
    }
  }
}
```

Both -v mounts are optional — see Mounting your project directory.

Example setup with Ollama + Continue (Visual Studio Code)

Prerequisites:

  1. Add the MCP Server in Continue:

    • Open the Continue extension (left sidebar) and go to Settings -> Tools -> Add MCP Server.
    • This will create a new-mcp-server.yaml file in your workspace.
  2. Configure the MCP Server:

    ```yaml
    name: Spectra Assure Community MCP
    version: 0.0.1
    schema: v1
    mcpServers:
      - name: Spectra Assure Community MCP
        command: docker
        args:
          - run
          - --rm
          - -i
          - -e
          - RL_TOKEN=rlcmm-your-token-here
          - -v
          - /path/to/your/project:/project:ro  # optional: for manifest scanning
          - -v
          - /path/to/your/reports:/output      # optional: for report file output
          - reversinglabs/rl-mcp-community:latest
        env: {}
    ```

  3. Verify the setup:

    • The server should appear under Continue Settings -> Tools -> MCP Servers and be running.
  4. Configure the Continue Agent:

    • In Continue, use the Plan or Agent mode to interact with MCP Servers (Chat mode is not supported).
    • Select the Agent mode.
    • Add the local LLM you have installed (e.g., Llama 3.1 8B).

Configuration reference

All configuration is via environment variables passed to the container.

Authentication

| Variable | Required | Description |
|---|---|---|
| RL_TOKEN | Yes | Spectra Assure Community token. Prefix determines account type: rlcmm = Community, rls3c = Enterprise. |
| RL_PORTAL_SERVER | Enterprise only | Portal server URL (e.g. https://my.secure.software/organization) |
| RL_PORTAL_ORG | Enterprise only | Portal organization name |
| RL_PORTAL_GROUP | No | Portal group (Enterprise only) |

Scan options

| Variable | Default | Description |
|---|---|---|
| RL_PROFILE | rl-protect default | Scan profile: minimum, baseline, hardened, or path to custom profile |
| RL_CONCURRENCY | | Number of threads for dependency lookups |
| RL_SCAN_TIMEOUT | 600 | Scan timeout in seconds |
| RL_PROTECT_BIN | rl-protect | Path to the rl-protect binary |
| RL_REPORTS_DIR | /app/reports | Directory where scan reports are stored inside the container |
| RL_SCRIPTS_DIR | /app/scripts | Directory where interpretation scripts are located inside the container |
| RL_OUTPUT_DIR | /output | Directory where rl_protect_report writes Markdown files; mount a host directory here for access |

Network

| Variable | Description |
|---|---|
| RL_CA_PATH | Path to custom CA certificate store |
| RL_PROXY_SERVER | Proxy URL |
| RL_PROXY_PORT | Proxy port |
| RL_PROXY_USER | Proxy username |
| RL_PROXY_PASSWORD | Proxy password |
