Ayurak / Aristiun · MCP Server

See every risk in your system.
Then fix it — from your assistant.

Threat modeling, code, cloud, pipelines, shadow AI and compliance — as one server you call from ChatGPT, Claude, Gemini or your CLI over MCP. It doesn't just find your risk. It fixes it.

One endpointOAuth 2.1In the MCP registry
Aribot — call your AI security agent from ChatGPT, Gemini, Claude or your CLI
STRIDE + LINDDUNthreat modeling
AWS · Azure · GCPcloud posture
NIST · ISO 27001 · SOC 2compliance coverage
Detect → Heal → Verifyit fixes what it finds
One model, not five tools

Unified threat modeling. Security, cloud, compliance and cost — in one graph.

Aribot builds one threat model per system and layers every discipline onto it — then keeps every link traceable, from the threat all the way to the fix.

Security

STRIDE + LINDDUN
  • Threats per component and data flow
  • Attack paths and blast radius
  • Reachability-verified in real code

Cloud

AWS · Azure · GCP
  • Live posture folded into the model
  • Misconfiguration → threat → control
  • CIS and NIST aligned

Compliance

NIST · ISO 27001 · SOC 2
  • Each threat mapped to the controls it breaks
  • Framework coverage and control status
  • See what a scan already satisfies

Economics

Value at risk
  • Business impact × exposure, per threat
  • Cost of the fix, priced up front
  • Dollars saved once it’s healed

Traceability

End to end
  • One graph across every discipline
  • Query any link, in either direction
  • Evidence for every finding and fix
ThreatRequirementControlFrameworkCodeFix
How it works

Connect once. Then just ask.

Point your AI tool at one MCP endpoint, approve a scoped sign-in, and run real security work in the assistant you already use — no new dashboard.

Connect an assistant →
  1. 1Connect — add the MCP server, approve the OAuth prompt.
  2. 2Ask — "threat-model this design", "scan this repo", "find shadow AI".
  3. 3It fixes it — returns the fix, applies it on approval, and shows you it worked.
The engine room

Everything it does. Four engines.

Not one appointment — a set of security agents behind one governed endpoint, with threat modeling at the core and a fix at the end of every finding.

Threat modeling

The lead capability
  • STRIDE and LINDDUN, per component and data flow
  • Mapped to NIST / ISO 27001 / SOC 2 controls
  • Traceability: threat → control → fix
  • Verify a threat is really reachable in code

Code & pipeline

  • Static analysis of a connected repo
  • CI/CD and supply-chain checks
  • Generate an SBOM
  • Catch risky steps before they ship

Cloud & compliance

  • Posture across AWS, Azure and GCP
  • Aligned to CIS and NIST
  • Framework coverage and control status
  • See what a scan already satisfies

Discover & fix

  • Find shadow AI and ungoverned APIs
  • Assess third-party vendor posture
  • Get the fix — code, cloud, or IaC
  • Apply it under approval; confirm it worked
Connect in a minute

Point any MCP client at one URL.

Claude & Claude Code
Add the server and approve the OAuth prompt.
claude mcp add --transport http aribot https://mcp.aribot.ayurak.com/mcp
ChatGPT
Settings → Connectors → Add → paste https://mcp.aribot.ayurak.com/mcp and approve.
Gemini / any MCP client
Point it at https://mcp.aribot.ayurak.com/mcp. OAuth auto-discovers at /.well-known/oauth-authorization-server.
Official MCP registry
Listed as io.github.aristiun/aribot — installable from Cursor, VS Code, Claude Desktop and more.
Endpoints & auth

Everything you need to connect.

MCP serverhttps://mcp.aribot.ayurak.com/mcp
TransportStreamable HTTP
AuthOAuth 2.1 — Authorization Code + PKCE, Dynamic Client Registration
Discoveryhttps://mcp.aribot.ayurak.com/.well-known/oauth-authorization-server
Scopesread:findings read:threatmodel read:insights run:scan run:codereview write:threatmodel run:remediation
Registryio.github.aristiun/aribot

Every call is checked against your licence, the scopes you granted, your team's roles and your tenant boundary. Usage is metered; every action is logged. No company ever sees another's data.

Tools

The MCP tools it exposes.

generate_threat_modelverify_threats_in_codeget_traceabilityget_framework_coveragediscover_shadow_aiget_api_securityget_cloud_complianceget_remediationget_billing