bob-mcp-vuln-workflow
v0.0.7
Published
MCP server for vulnerability workflow writeback to Jira/GitHub
Downloads
698
Readme
bob-mcp-vuln-workflow
MCP server for vulnerability workflow writeback to Jira/GitHub.
Quick Start
Add to your VS Code global settings (Cmd+Shift+P → Open User Settings (JSON)):
Example 1: Mandatory Only
This is the minimum required configuration to get the server working.
{
"mcpServers": {
"bob-mcp-vuln-workflow": {
"command": "npx",
"args": ["-y", "bob-mcp-vuln-workflow"],
"env": {
"JIRA_BASE_URL": "https://jsw.ibm.com",
"JIRA_PAT": "your-jira-pat",
"JIRA_USERNAME": "your-jira-username",
"GITHUB_BASE_URL": "https://github.ibm.com/api/v3",
"GITHUB_TOKEN": "your-github-token"
}
}
}
}Example 2: Mandatory + Email
Adds email notifications for workflow summaries.
{
"mcpServers": {
"bob-mcp-vuln-workflow": {
"command": "npx",
"args": ["-y", "bob-mcp-vuln-workflow"],
"env": {
"JIRA_BASE_URL": "https://jsw.ibm.com",
"JIRA_PAT": "your-jira-pat",
"JIRA_USERNAME": "your-jira-username",
"GITHUB_BASE_URL": "https://github.ibm.com/api/v3",
"GITHUB_TOKEN": "your-github-token",
"BOB_AUTOMATION_SMTP_HOST": "smtp.company.com",
"BOB_AUTOMATION_SMTP_PORT": "587",
"BOB_AUTOMATION_SMTP_USER": "your-smtp-user",
"BOB_AUTOMATION_SMTP_PASS": "your-smtp-password",
"BOB_AUTOMATION_EMAIL_FROM": "[email protected]",
"BOB_AUTOMATION_EMAIL_TO": "[email protected]"
}
}
}
}Example 3: All Parameters
Complete configuration with all optional parameters for customization.
{
"mcpServers": {
"bob-mcp-vuln-workflow": {
"command": "npx",
"args": ["-y", "bob-mcp-vuln-workflow"],
"env": {
"JIRA_BASE_URL": "https://jsw.ibm.com",
"JIRA_PAT": "your-jira-pat",
"JIRA_USERNAME": "your-jira-username",
"GITHUB_BASE_URL": "https://github.ibm.com/api/v3",
"GITHUB_TOKEN": "your-github-token",
"DEFAULT_READY_STATUS": "Ready To Deploy",
"DEFAULT_INVESTIGATING_STATUS": "Investigating",
"DEFAULT_DEVIATION_STATUS": "Deviation Request",
"BOB_AUTOMATION_SMTP_HOST": "smtp.company.com",
"BOB_AUTOMATION_SMTP_PORT": "587",
"BOB_AUTOMATION_SMTP_USER": "your-smtp-user",
"BOB_AUTOMATION_SMTP_PASS": "your-smtp-password",
"BOB_AUTOMATION_EMAIL_FROM": "[email protected]",
"BOB_AUTOMATION_EMAIL_TO": "[email protected]",
"LOG_LEVEL": "info"
}
}
}
}Tools
check_setup— Validate Jira/GitHub configurationpost_jira_comment— Post comment to Jira issueget_jira_transitions— Fetch valid Jira transitionstransition_jira_issue— Transition Jira issue statuspost_github_issue_comment— Post comment to GitHub issuegenerate_workflow_comment— Generate structured comment bodyrecommend_next_status— Recommend next Jira statussend_workflow_summary_email— Send workflow summary email
Prompts
update-vulnerability-workflow— Interactively write back to sourcetransition-jira-vulnerability— Interactively transition Jira issuecomment-on-source-issue— Interactively add comment to source
Environment Variables Reference
Required
| Variable | Description |
|----------|-------------|
| JIRA_BASE_URL | Jira base URL (e.g., https://jsw.ibm.com) |
| JIRA_PAT | Jira Personal Access Token |
| JIRA_USERNAME | Jira username |
| GITHUB_BASE_URL | GitHub API base URL |
| GITHUB_TOKEN | GitHub personal access token |
Optional - Jira Status
| Variable | Description | Default |
|----------|-------------|---------|
| DEFAULT_READY_STATUS | Status for ready to deploy | Ready To Deploy |
| DEFAULT_INVESTIGATING_STATUS | Status for investigating | Investigating |
| DEFAULT_DEVIATION_STATUS | Status for deviation request | Deviation Request |
Optional - Email
| Variable | Description |
|----------|-------------|
| BOB_AUTOMATION_SMTP_HOST | SMTP server host |
| BOB_AUTOMATION_SMTP_PORT | SMTP port (587 or 465) |
| BOB_AUTOMATION_SMTP_USER | SMTP username |
| BOB_AUTOMATION_SMTP_PASS | SMTP password |
| BOB_AUTOMATION_EMAIL_FROM | Sender email address |
| BOB_AUTOMATION_EMAIL_TO | Default recipient email |
Optional - Other
| Variable | Description |
|----------|-------------|
| LOG_LEVEL | Logging level (e.g., info, warn, error) |
IBM Bob Limitations
This server uses IBM internal APIs and requires IBM network access.