--- title: "Nucleus MCP Server" slug: "nucleus-mcp-server" updated: 2026-05-31T19:55:35Z published: 2026-05-31T19:55:35Z canonical: "help.nucleussec.com/nucleus-mcp-server" --- > ## Documentation Index > Fetch the complete documentation index at: https://help.nucleussec.com/llms.txt > Use this file to discover all available pages before exploring further. # Nucleus MCP Server ## Overview The **Nucleus MCP (Model Context Protocol) Server** allows customers to securely connect their AI systems to **Nucleus data and workflows**. It provides a standardized and secure interface for AI-driven automation, natural language querying, and contextual enrichment across the Nucleus platform - all while maintaining full adherence to existing **access control** and **data governance** policies. --- ## Initial Setup Connecting to the MCP Server is straightforward. To set up the integration: 1. In your AI client or platform, locate the required configuration area for MCP or external data connectors. 2. Enter your MCP URL in the following format: `https://[your-nucleus-instance].nucleussec.com/nucleus/mcp ` 3. Authenticate using your Nucleus account credentials and follow the on-screen prompts to authorize access. Once authenticated, the AI system connects to your Nucleus instance and can access permitted data in accordance with your assigned access controls. --- ## RBAC / AGAC Integration The MCP Server fully respects the **Role-Based Access Control (RBAC)** and **Asset Group Access Control (AGAC)** policies defined in your Nucleus environment. - **RBAC Enforcement** All AI interactions are bound by the same permissions as the authenticated user. If a user cannot access specific features or data in the Nucleus interface, neither can their connected AI. - **AGAC Enforcement** Asset-based restrictions remain fully enforced through the MCP Server. **Important:**AI systems connecting through MCP do not bypass Nucleus access controls. They function as secure, permission-aware extensions of the authenticated user. Permissions are enforced at the time queries are processed in Nucleus, so administrators may restrict or expand a user’s access at any time and subsequent interactions via MCP will behave accordingly. --- ## Included Tools The MCP Server provides structured access to key components of the Nucleus platform. These tools allow AI systems to retrieve and summarize information across your security program, including: - **Project Management Tools** Retrieve lists of projects or detailed information about individual projects. - **Asset Management Tools** Access data about assets, including asset details, findings, associated groups, and related metrics. - **Findings and Vulnerability Management Tools** Obtain vulnerability trend information, view findings sorted by risk, and pull current vulnerability metrics. - **Nucleus Query Language (NQL) Tools** Query Nucleus data directly using NQL. These tools let an AI client discover what datasets are available, retrieve the full NQL syntax reference, and execute NQL queries against your findings, assets, and related datasets. NQL tools honor the same RBAC and AGAC enforcement described above — no additional access is granted through NQL. MCP tools will be updated periodically and will be visible in your AI client's connector UI. --- ## Suggested Use Cases The MCP Server supports a wide range of AI-enabled workflows, such as: - **Natural Language Queries** Ask questions in plain language (e.g. "Show all critical vulnerabilities in production assets"); the AI client can leverage NQL Metadata and NQL Reference tools to discover what data is available and supported syntax; then translates these questions into NQL queries and runs them through the NQL Query tool. All NQL access remains bound by the user's RBAC/AGAC permissions. - **Automated Alert Enrichment** Integrate MCP with a SIEM or SOAR platform to provide AI-assisted enrichment of alerts. - **Remediation Planning** Generate prioritized remediation strategies based on active findings. - **Executive Summaries** Produce AI-generated reports on vulnerability trends, risk posture, or remediation performance. - **Cross-System Correlation** Use AI to combine Nucleus data with information from other tools for broader context. --- ## Known Supported AI Clients The following AI platforms have been tested and are known to operate successfully with the Nucleus MCP Server: - ChatGPT - Claude - Augment Code **Note:**Nucleus does not offer official support or non-support for specific AI platforms or clients. Compatibility may vary depending on client-side implementation of the MCP standard and is subject to change based on AI client performance and configuration. --- ## AI Control and Responsibility Nucleus provides the MCP Server as a secure integration layer but does not control, monitor, or validate how connected AI systems interpret or process data once it is delivered from Nucleus. Customers are responsible for: - Managing and reviewing AI data access scopes outside of Nucleus - Ensuring compliance with internal governance and external regulations - Validating AI-generated outputs before using them in production or automation workflows Nucleus cannot guarantee the accuracy, reliability, or security of outputs from external AI systems. --- ## Dedicated MCP Access Permission Access to the MCP Server is governed by a dedicated permission within the Nucleus role model. - MCP access is **enabled by default for all out-of-the-box roles in Nucleus.** - MCP will **not function** if API access is disabled for the user or role. See [Users, Roles & Permissions](/v1/docs/users-roles-and-permissions) for more information on how roles work in Nucleus. --- ## Summary The Nucleus MCP Server provides a secure, governed, and flexible connection between Nucleus and the AI ecosystem. By maintaining strict adherence to RBAC and AGAC, and by giving customers full control over how their AI systems interact with Nucleus data, MCP enables responsible, intelligent automation across security operations.