SOLUTIONS · BY WHAT THEY TOUCH Payments Code & CI Data & databases Infrastructure Customer ops Org-wide rollout SOLUTIONS · BY AGENT TYPE Coding agents Customer-support agents Internal copilots Autonomous agents MCP DIRECTORY Tools Policies Risk Levels Token Cost MCP SECURITY MCP Security Attack Database MCP Incidents Compliance LEARN Blog Research State of MCP Glossary Integrations Compare Scan STACK CHECK DOCS PRICING GET STARTED

// MCP TOOL REFERENCE

RAD SECURITY TOOLS

55 tools from the RAD Security MCP Server, categorised by risk level.

View the RAD Security policy →

// ALL 55 RAD SECURITY TOOLS

READ 47 tools

Read get_cluster_details Get detailed information about a specific Kubernetes cluster managed by RAD Security Read get_container_details Get detailed information about a container secured by RAD Security Read get_container_llm_analysis Get LLM analysis of a container Read get_containers_baselines Get runtime baselines for multiple containers Read get_containers_process_trees Get process trees for multiple containers Read get_cve Get details for a specific CVE ID. Source: cve-search.org Read get_dashboard Get detailed information about a specific dashboard Read get_dashboard_template Get detailed information about a specific dashboard template Read get_identity_details Get detailed information about a specific identity in a Kubernetes cluster Read get_image_sbom Get the SBOM of a container image Read get_inbox_item_details Get detailed information about a specific inbox item Read get_k8s_resource_details Get the latest manifest of a Kubernetes resource Read get_k8s_resource_misconfig Get detailed information about a specific Kubernetes resource misconfiguration Read get_latest_30_cves Get the latest/newest 30 CVEs including CAPEC, CWE and CPE expansions. Source: cve-search.org Read get_top_vulnerable_images Get the most vulnerable images from your account Read get_widget_template Get detailed information about a specific widget template Read get_workflow Get detailed information about a specific workflow by ID. It contains the workflow definition, default argu... Read get_workflow_run Get detailed information about a specific workflow run Read list_clusters List Kubernetes clusters managed by RAD Security Read list_containers List containers secured by RAD Security with optional filtering by image name, image digest, namespace, clu... Read list_cve_products Get a list of all products associated with a vendor in the CVE database. Source: cve-search.org Read list_cve_vendors Get a list of all vendors in the CVE database. Source: cve-search.org Read list_dashboard_templates List dashboard templates with optional filtering by category Read list_dashboards List dashboards for the account Read list_external_integrations List external integrations configured for the tenant (e.g., Slack, AWS CloudTrail, Okta). Returns integrati... Read list_identities Get list of identities for a specific Kubernetes cluster Read list_image_vulnerabilities List vulnerabilities in a container image with optional filtering by severity Read list_images List container images with optional filtering by page, page size, sort, and search query Read list_inbox_items List inbox items with optional filtering by any field. Multiple filters can be combined eg. Read list_k8s_resource_misconfig_policies List available misconfiguration policies used by RAD Security to detect Kubernetes resource misconfigurations Read list_k8s_resource_misconfigs Get manifest misconfigurations for a Kubernetes resource Read list_k8s_resources List Kubernetes resources with optional filtering by namespace, resource types, and cluster Read list_knowledge_base_collections List all collections in your organization Read list_knowledge_base_documents List documents in your organization Read list_security_findings List security findings with optional filtering by types, severities, sources, and status Read list_widget_templates List widget templates with optional filtering by visualization type and category Read list_workflow_runs List workflow runs with optional filtering by workflow ID Read list_workflow_schedules List workflow schedules with optional filtering by workflow ID Read list_workflows List all workflows Read query_knowledge_base_document Query a CSV document from the knowledge base using natural language. IMPORTANT: This tool ONLY works with C... Read radql_get_type_metadata Get schema/metadata for a specific RadQL data type. Shows available fields, data types, which fields can be... Read radql_list_data_types List all available RadQL data types (discovery). ALWAYS call this FIRST before using other RadQL tools to d... Read radql_list_filter_values List possible values for a filter field (e.g., namespace list, cluster list, severity values). Useful for b... Read radql_query Execute RadQL queries for security investigations. Supports: list (filter/search), get_by_id (single item),... Read search_cves Search CVEs by vendor and optionally product. Source: cve-search.org Read search_knowledge_base Search your organization Read who_shelled_into_pod Get k8s audit logs with information about users who shelled into a pod

WRITE 5 tools

Write add_workflow_schedule Add a cron-based schedule to a workflow. The schedule will trigger the workflow automatically at the specif... Write create_custom_workflow Create a new custom workflow from YAML definition. The YAML will be validated before deployment. Write mark_inbox_item_as_false_positive Mark an inbox item as a false positive with a reason Write update_custom_workflow Update an existing custom workflow with new YAML. Only custom workflows (created via create_custom_workflow... Write update_security_finding_status Update the status of a security finding

EXECUTE 3 tools

Execute run_workflow Run a workflow with optional argument overrides Execute radql_batch_query Execute multiple RadQL queries in parallel for efficiency. Useful for fetching related data from different ... Execute radql_query_builder Helper tool to build RadQL queries programmatically from structured conditions. Useful when you need to con...

// FAQ

How many tools does the RAD Security MCP server have? +

The RAD Security MCP server exposes 55 tools across 3 categories: Read, Write, Execute.

How do I enforce policies on RAD Security tools? +

Route the RAD Security server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard; they are enforced on every call before it reaches the server.

What risk categories do RAD Security tools fall into? +

RAD Security tools are categorised as Read (47), Write (5), Execute (3). Each category has a recommended default policy.

Enforce policy on every RAD Security tool call.

Start from RAD Security, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.

CHECK YOUR STACK →

Free to start. No card required.

43,000+ MCP servers and 220,000+ tools scanned and risk-classified.