nathan/nexus-mcp
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nexus-mcp/documentation/Nexus MCP - Tool Inventory.md
nathan e6e4810e47 feat(docs): update tool inventory and add resilience documentation 
- Updated Nexus MCP Tool Inventory with new NEXUS references and improved tool descriptions.
- Added comprehensive README.md for Nexus MCP, detailing architecture, folder structure, and tool references.
- Introduced RESILIENCE.md to document the new enterprise system resilience features, including automatic retry logic and circuit breaker patterns.
- Created TEST_VALIDATION_REPORT.md summarizing test results and server capabilities post-rebuild.
- Established a canonical work item register (nexus-work-item-register.md) to track NEXUS-XXX work items and their statuses.
- Updated scripts to reflect changes in work item references from WIS to NEXUS.
2026-04-14 14:53:02 -04:00

146 lines
7.7 KiB
Markdown
Raw Blame History

# Nexus MCP - Tool inventory
A complete reference of every service and tool currently registered in the Nexus MCP server. Sorted alphabetically by service, then by tool name within each service.
---
## Active Directory
**Shard:** `identity` | **Status:** 🟢 Green (NEXUS-017)
| Tool | Description |
|---|---|
| `ad_get_disabled_accounts` | Returns all disabled user accounts in Active Directory. |
| `ad_get_group_members` | Returns all members of an AD group by its distinguished name. |
| `ad_get_stale_accounts` | Returns active AD accounts with no recorded login activity within a configurable number of days (default: 90). |
| `ad_get_user` | Looks up a single AD user by their sAMAccountName (login name) and returns a normalized user object. |
| `ad_get_user_by_email` | Looks up a single AD user by their email address and returns a normalized user object. |
| `ad_list_groups` | Lists all security and distribution groups in Active Directory. |
| `ad_search_users` | Searches AD users by display name or sAMAccountName fragment and returns a list of normalized user objects. |
---
## Audit (cross-system)
**Shard:** `audit` + `main.py` | **Status:** 🟢 Green
| Tool | Description |
|---|---|
| `nexus_audit_recent` | Returns the last *n* entries from the Nexus-MCP SOC 2 structured audit log. Each entry includes tool name, shard, action category, redacted argument summary, status, and latency. |
| `nexus_audit_stats` | Returns aggregate statistics over the entire audit log, including total call count, status breakdown, shard breakdown, top-10 tools by call volume, and recent errors. |
| `scan_department_mismatches` | Detects workers whose department in Workday differs from their department attribute in Active Directory. Severity: MEDIUM. |
| `scan_job_title_drift` | Detects workers whose job title in Workday differs from their title attribute in Active Directory. Severity: MEDIUM. |
| `scan_name_variance_mismatches` | Detects AD display names that do not align with the legal or preferred name stored in Workday. Severity: LOW. |
| `scan_status_reconciliation` | Detects workers who are terminated in Workday but still have an enabled account in Active Directory. Severity: HIGH. |
---
## BMC Helix (ITSM)
**Shard:** `itsm` | **Status:** 🔴 Red (Planned)
| Tool | Description |
|---|---|
| `helix_get_incident` | Retrieves full details for a single Helix incident ticket by its Entry ID (e.g. `INC0001234`). |
| `helix_get_problem` | Retrieves a Helix problem investigation record by its problem ID (e.g. `PRB0000456`). |
| `helix_list_changes` | Lists change requests from BMC Helix with optional status filter (e.g. Draft, Scheduled, In Progress). |
| `helix_list_cmdb_assets` | Lists hardware assets registered in the BMC Helix CMDB. |
| `helix_list_incidents` | Lists incidents from BMC Helix ITSM with optional filters for status and assignee. |
| `helix_search_cmdb` | Searches the BMC Helix CMDB for configuration items (CIs) matching a name fragment. |
---
## FedEx
**Shard:** `logistics` | **Status:** 🔴 Red (Planned — credentials pending)
| Tool | Description |
|---|---|
| `fedex_get_rates` | Returns available FedEx shipping service options and rates between two postal codes for a given package weight. |
| `fedex_get_shipment_events` | Returns the full ordered list of scan events (location, timestamp, description) for a single FedEx tracking number. |
| `fedex_track_multiple` | Tracks up to 30 FedEx shipments in a single API call and returns tracking results for each. |
| `fedex_track_shipment` | Tracks a single FedEx shipment by tracking number and returns full tracking details including current status and estimated delivery. |
| `fedex_validate_address` | Validates a shipping address against the FedEx Address Validation API and returns the classification and resolved address. |
---
## Microsoft Entra ID
**Shard:** `identity` | **Status:** 🟢 Green (NEXUS-017)
| Tool | Description |
|---|---|
| `entra_get_conditional_access_policies` | Lists all Conditional Access policies configured in the Entra ID tenant. |
| `entra_get_group_members` | Lists members of an Entra ID group by its object ID. |
| `entra_get_risky_users` | Lists users currently flagged as risky by Entra ID Identity Protection. Requires `IdentityRiskyUser.Read.All` Graph permission. |
| `entra_get_signin_logs` | Retrieves recent sign-in log entries from Entra ID, ordered by most recent. Requires `AuditLog.Read.All` Graph permission. |
| `entra_get_user` | Retrieves a single Entra ID user by object ID or UPN and returns a normalized user object. |
| `entra_list_groups` | Lists all groups in the Microsoft Entra ID tenant. |
| `entra_list_service_principals` | Lists service principals (app registrations and enterprise applications) registered in Entra ID. |
| `entra_list_users` | Lists users in Microsoft Entra ID and returns normalized user objects. |
---
## Microsoft Intune
**Shard:** `assets` | **Status:** 🔴 Red (Planned)
| Tool | Description |
|---|---|
| `intune_get_autopilot_devices` | Lists all Windows Autopilot device registrations in Intune. |
| `intune_get_managed_device` | Retrieves full details for a single Intune managed device by its device ID or device name. |
| `intune_get_noncompliant_devices` | Returns all Intune-managed devices currently in a non-compliant state. |
| `intune_list_apps` | Lists managed applications deployed through Intune mobile app management. |
| `intune_list_compliance_policies` | Lists the device compliance policies configured in Intune. |
| `intune_list_configuration_profiles` | Lists the device configuration profiles configured in Intune. |
| `intune_list_managed_devices` | Lists all devices enrolled in Microsoft Intune with key health and compliance attributes. |
---
## Lansweeper
**Shard:** `assets` | **Status:** 🔴 Red (Planned)
| Tool | Description |
|---|---|
| `lansweeper_get_asset` | Retrieves full inventory details for a single Lansweeper asset by its asset ID. |
| `lansweeper_get_software` | Lists all installed software (name, version, publisher) on a given Lansweeper asset. |
| `lansweeper_list_assets` | Lists assets from Lansweeper with optional filtering by asset type (e.g. Windows, Linux, Network Device). |
| `lansweeper_search_assets` | Searches Lansweeper assets by name, IP address, or serial number fragment and returns matching records. |
---
## Workday
**Shard:** `workday` | **Status:** 🟡 Yellow (NEXUS-009)
| Tool | Description |
|---|---|
| `workday_find_worker_by_email` | Finds a Workday worker record by their primary work email address. |
| `workday_get_compensation` | Retrieves compensation details (grade, salary band) for a worker by their Workday ID. |
| `workday_get_worker` | Retrieves full details for a single Workday worker by their Workday worker ID. |
| `workday_list_organizations` | Lists supervisory organisations in the Workday tenant. |
| `workday_list_positions` | Lists open and filled positions in Workday HCM. |
| `workday_list_workers` | Lists workers from Workday HCM with support for pagination via `limit` and `offset`. |
| `workday_run_raas_report` | Executes a Workday Report-as-a-Service (RaaS) custom report by path and returns the result rows. |
---
## Summary
| Service | Shard | Status | Tool count |
|---|---|---|---|
| Active Directory | `identity` | 🟢 Green | 7 |
| Audit (cross-system) | `audit` / `main.py` | 🟢 Green | 6 |
| BMC Helix (ITSM) | `itsm` | 🔴 Planned | 6 |
| FedEx | `logistics` | 🔴 Planned | 5 |
| Microsoft Entra ID | `identity` | 🟢 Green | 8 |
| Microsoft Intune | `assets` | 🔴 Planned | 7 |
| Lansweeper | `assets` | 🔴 Planned | 4 |
| Workday | `workday` | 🟡 In progress | 7 |
| **Total** | | | **50** |
---
*Generated: 2026-04-14 | Source: `nexus-mcp/src/shards/` + `nexus-mcp/src/main.py`*
Reference in New Issue View Git Blame Copy Permalink