MCP Server
reel runs as a Model Context Protocol server, exposing its container-extraction tools to Claude Code, Cursor, Continue, and other MCP-aware AI clients. Local-only, stdio transport.
Install
Install the CLI, then add reel to your MCP client's config.
Claude Desktop / Claude Code
Add reel to ~/.claude/mcp_servers.json (Claude Desktop) or your project's .mcp.json (Claude Code):
{
"mcpServers": {
"reel": {
"command": "reel",
"args": ["start", "mcp"]
}
}
}Cursor / Continue
Same JSON shape — both read the standard MCP server config. Restart the client after editing.
Seven tools
All artifact tools accept destination ∈ { inline | local | s3 }. inline is capped at 1 MB so an oversize SBOM won't blow the AI's context. Discovery tools accept summary=true to return counts only.
| Tool | Group | What it does |
|---|---|---|
| whoami | Identity | Mode, version, available tools, runtime. |
| health | Identity | Liveness probe for the running server. |
| list_workloads | Discovery | Local runtime containers. Supports summary=true. |
| list_images | Discovery | Local images. Supports summary=true. |
| sbom | Extraction | CycloneDX SBOM. Scanners: vuln, secret, license, config, vex. |
| cbom | Extraction | Crypto Bill of Materials — algorithms, certs, keys. |
| malware | Extraction | ClamAV scan of the container or image rootfs. |
Vendor VEX in the AI loop
Pass scanners: ["vuln", "vex"] on the sbom tool and the AI gets Trivy's findings already annotated with vendor verdicts (not_affected / fixed / affected) — pulled live from vex.getreel.dev. The model reasons about what's actually exploitable instead of the raw CVE list.
Coming next
Agent-mode MCP — an in-process listener on reel start server exposing the full agent surface (CRIU checkpoints, layer/frame/memory capture, file inventory) to AI clients over HTTP/SSE. Same tool registry, wired to the in-cluster extraction path.