Pangea MCP Server

Pangea MCP Server

A Model Context Protocol server that provides Claude with access to Pangea's security services, including AI Guard, Domain Intel, Embargo checks, IP Intelligence, Redaction, Secure Audit Log, URL Intelligence, and Vault services.

Category
访问服务器

README

Pangea MCP Server

A Model Context Protocol (MCP) server that provides integration with Pangea APIs.

sample output

Prerequisites

  • Node.js v22.15.0 or greater.
  • A Pangea API token with access to all of AI Guard, Domain Intel, Embargo, IP Intel, Redact, Secure Audit Log, URL Intel, and Vault. This token needs to be stored in Pangea Vault. See Service Tokens for documentation on how to create and manage Pangea API tokens.
  • A Pangea API token with access to Vault. This will be used to fetch the above token at runtime.
  • A Pangea Secure Audit Log configuration with the "Standard Audit Log Config" schema. See Multiple Service Configurations for documentation on how to create a new Secure Audit Log configuration. Note down the configuration ID for later.

The first API token may look like:

sample API token

Pangea setup from scratch

This section will go over how to set up a brand new Pangea account for this MCP server.

  1. Create a Pangea account at https://pangea.cloud/signup. During the account creation process, an organization (top-level group) and project (individual app) will be created as well. On the "Get started with a common service" dialog, just click on the Skip button to get redirected to the developer console.
  2. In the developer console, there will be a list of services in the left hand panel. Click on the Vault service to enable it. Vault provides secure storage of secrets, cryptographic keys, and Pangea API tokens.
  3. In the modal, there will be a prompt to create a new Pangea API token or to extend an existing one. Choose Create a new token and click on Done. This is the token that will be used later as the PANGEA_VAULT_TOKEN environment variable.
  4. In the left hand panel, click on the Secure Audit Log service to enable it. Secure Audit Log provides transparent, immutable, and cryptographically verifiable tamperproof audit logging.
  5. Continue with the default Standard Audit Log schema.
  6. In the modal, there will be a prompt to create a new Pangea API token or to extend an existing one. Choose Create a new token. Ensure that the Store token in Vault checkbox is checked, then click Done.
  7. The Config ID displayed on the destination page is what will be used later as the PANGEA_AUDIT_CONFIG_ID environment variable.
  8. Now the second token that was created must be extended to the rest of Pangea's services. For each of the following services, click on its respective item in the left hand panel and, in the modal that appears, choose Extend an existing token. Select the token that was created in the previous step (not the first token that was created for Vault alone), then click Done.
    1. AI Guard — Protects data and interactions with LLMs.
    2. Domain Intel — Retrieves intelligence data for submitted domains. Supported providers: DomainTools, CrowdStrike, WhoisXML API.
    3. Embargo — Checks IPs and country codes against known sanction and trade embargo lists.
    4. IP Intel — IP monitoring. Supported providers: Team CYMRU, CrowdStrike, Digital Element.
    5. Redact — Controls sensitive information by performing redaction using defined rules.
    6. URL Intel — Retrieves intelligence about known URLs. Supported provider: CrowdStrike.
    7. Vault — Secure storage of secrets, cryptographic keys, and Pangea API tokens.
  9. Navigate to https://console.pangea.cloud/project/credentials. The token that has been extended to all of the above services should be displayed with a "Stored" indicator under the Vault column. Click on that to navigate straight to the Vault item that contains that token. The ID of this item is what will be used as the PANGEA_VAULT_ITEM_ID environment variable.

Usage with Claude Desktop

Edit the following configuration file (create it if it does not exist):

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json

Replace (or merge) the file contents with the following:

{
  "mcpServers": {
    "pangea": {
      "command": "npx",
      "args": ["-y", "@pangeacyber/mcp-server"],
      "env": {
        "PANGEA_VAULT_TOKEN": "pts_00000000000000000000000000000000",
        "PANGEA_VAULT_ITEM_ID": "pvi_00000000000000000000000000000000",
        "PANGEA_AUDIT_CONFIG_ID": "pci_00000000000000000000000000000000"
      }
    }
  }
}
  1. Update the PANGEA_VAULT_TOKEN value to the Pangea Vault API token.
  2. Update the PANGEA_VAULT_ITEM_ID value to the Vault item ID that contains the API token that will be used to call all other Pangea services.
  3. Update the PANGEA_AUDIT_CONFIG_ID value to the Secure Audit Log configuration ID.
  4. Restart Claude Desktop.

Tools

AI Guard

  • prompt_guard — Analyze and redact text to avoid manipulation of the model, addition of malicious content, and other undesirable data transfers.

Domain Intel

  • lookup_domain_reputation — Look up reputation score(s) for one or more domains.
  • whois — Retrieve WHOIS (an Internet resource's registered users or assignees) for a domain.

Embargo

  • check_ip_embargo — Check one or more IP addresses against known sanction and trade embargo lists.
  • check_iso_code_embargo — Check a country code against known sanction and trade embargo lists.

File Intel

  • lookup_file_reputation — Retrieve a reputation score for a set of file hashes.

IP Intel

  • lookup_ip_address_reputation — Look up reputation score(s) for one or more IP addresses.
  • lookup_domain_from_ip_address — Retrieve the domain name associated with one or more IP addresses.
  • is_proxy — Determine if one or more IP addresses originate from a proxy.
  • is_vpn — Determine if one or more IP addresses originate from a VPN.
  • geolocate — Geolocate, or retrieve location information associated with, one or more IP addresses.

Redact

  • redact — Redact sensitive information from provided text.

Secure Audit Log

  • log_entry — Create a log entry in the Secure Audit Log.
  • search_log — Search the Secure Audit Log.

URL Intel

  • lookup_url_reputation — Look up reputation score(s) for one or more URLs.

Vault

  • get_vault_item — Retrieve details for a Vault key, secret, token, or folder.
  • list_vault_items — Retrieve an array of Vault items matching a given filter, including secrets, keys, tokens, and folders, along with their common details.
  • delete_vault_item — Delete a Vault key, secret, token, or folder.
  • generate_key — Generate a symmetric or asymmetric key.

推荐服务器

Baidu Map

Baidu Map

百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。

官方
精选
JavaScript
Playwright MCP Server

Playwright MCP Server

一个模型上下文协议服务器,它使大型语言模型能够通过结构化的可访问性快照与网页进行交互,而无需视觉模型或屏幕截图。

官方
精选
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

一个由人工智能驱动的工具,可以从自然语言描述生成现代化的用户界面组件,并与流行的集成开发环境(IDE)集成,从而简化用户界面开发流程。

官方
精选
本地
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

通过模型上下文协议启用与 Audiense Insights 账户的交互,从而促进营销洞察和受众数据的提取和分析,包括人口统计信息、行为和影响者互动。

官方
精选
本地
TypeScript
VeyraX

VeyraX

一个单一的 MCP 工具,连接你所有喜爱的工具:Gmail、日历以及其他 40 多个工具。

官方
精选
本地
graphlit-mcp-server

graphlit-mcp-server

模型上下文协议 (MCP) 服务器实现了 MCP 客户端与 Graphlit 服务之间的集成。 除了网络爬取之外,还可以将任何内容(从 Slack 到 Gmail 再到播客订阅源)导入到 Graphlit 项目中,然后从 MCP 客户端检索相关内容。

官方
精选
TypeScript
Kagi MCP Server

Kagi MCP Server

一个 MCP 服务器,集成了 Kagi 搜索功能和 Claude AI,使 Claude 能够在回答需要最新信息的问题时执行实时网络搜索。

官方
精选
Python
e2b-mcp-server

e2b-mcp-server

使用 MCP 通过 e2b 运行代码。

官方
精选
Neon MCP Server

Neon MCP Server

用于与 Neon 管理 API 和数据库交互的 MCP 服务器

官方
精选
Exa MCP Server

Exa MCP Server

模型上下文协议(MCP)服务器允许像 Claude 这样的 AI 助手使用 Exa AI 搜索 API 进行网络搜索。这种设置允许 AI 模型以安全和受控的方式获取实时的网络信息。

官方
精选