Security Orchestra
50+ specialized AI agents & 8 compound chains for data center critical power infrastructure.
     
---
Installation
Claude Desktop (hosted)
Add to your claude_desktop_config.json:
{
"mcpServers": {
"security-orchestra": {
"url": "https://security-orchestra-orchestrator.onrender.com",
"transport": "sse"
}
}
}Claude Code (CLI)
claude mcp add security-orchestra https://security-orchestra-orchestrator.onrender.com --transport ssenpx (Smithery)
npx -y @smithery/cli@latest mcp add robotfleet-hq/security-orchestraInstall via Smithery.
Restart your MCP client. All tools are immediately available.
---
What It Does
Security Orchestra provides deterministic, standards-based calculations for every phase of data center infrastructure — from site selection to commissioning. Every agent returns structured JSON with citations to applicable codes (NEC, NFPA, IEEE, ASHRAE, Uptime Institute).
Tool Categories
| Category | Agents | Standards | |---|---|---| | Generator Sizing | generator_sizing, fuel_storage, demand_response | NEC, NFPA 110, NFPA 30 | | NFPA 110 Compliance | nfpa_110_checker | NFPA 110 Level 1 & Level 2 | | UPS / ATS Sizing | ups_sizing, ats_sizing, battery_storage | IEEE 485, IEEE 1184, NEC 700/701/702 | | PUE & Efficiency | pue_calculator, economizer_analysis | ASHRAE TC 9.9 | | Cooling Load | cooling_load, chiller_sizing, crac_vs_crah, airflow_modeling, humidification | ASHRAE | | ROI / TCO | roi_calculator, tco_analyzer, construction_cost, incentive_finder | — | | Tier Certification | tier_certification, redundancy_validator, compliance_checker | Uptime Institute Tier I-IV | | Utility Interconnect | utility_interconnect, nc_utility_interconnect, energy_procurement | Utility-specific | | Network Design | network_topology, bandwidth_sizing, bgp_peering, dns_architecture, ip_addressing, fiber_connectivity, latency_calculator | — | | Physical Security | physical_security, biometric_design, surveillance_coverage, cybersecurity_controls | NIST CSF, SOC 2, ISO 27001 | | Site & Construction | site_scoring, construction_timeline, permit_timeline, environmental_impact, water_availability, noise_compliance | NEPA, local codes | | Sustainability | carbon_footprint, solar_feasibility, energy_procurement | GHG Protocol, IRA | | Operations | sla_calculator, capacity_planning, maintenance_schedule, change_management, commissioning_plan | NFPA, OEM specs |
Compound Chains (8)
Chains run multiple agents sequentially and return a combined result:
| Chain | Pipeline | |---|---| | chain_full_power_analysis | Generator > NFPA 110 > UPS > ROI | | chain_emergency_power_package | UPS > ATS > Generator > Fuel Storage > NFPA 110 | | chain_site_readiness | Site Scoring > Tier Cert > Utility Interconnect > Compliance | | chain_full_site_analysis | Site Scoring > Tier Cert > Utility > Permits > Cost > Timeline | | chain_tco_deep_dive | PUE > Cooling Load > TCO Analyzer | | chain_cooling_optimization | Cooling > Chiller > CRAC vs CRAH > Airflow > Economizer | | chain_nc_power_package | NC Utility Interconnect > Generator > NFPA 110 > UPS | | chain_sustainability_package | Carbon > Solar > Battery > Energy Procurement > Environmental |
---
Supported Protocols
Security Orchestra exposes every tool across six agent-communication protocols:
| Protocol | Status | Endpoint | Use Case | |---|---|---|---| | MCP (Model Context Protocol) | Live | SSE: /sse, stdio via npx | Claude Desktop, Claude Code, Cursor, any MCP client | | A2A (Agent2Agent) | Live | /.well-known/agent.json, /a2a | Google agent-to-agent discovery and task delegation | | OpenAI Agents SDK | Live | POST /openai/run | OpenAI-compatible tool-call format | | AG-UI | Live | POST /agui | CopilotKit streaming agent UI | | ACP (Agent Communication Protocol) | Live | POST /acp/runs | IBM BeeAI agent communication | | AGNTCY / OASF | Live | Per-agent ACP endpoints + OASF manifests | Cisco AGNTCY interoperability |
---
Live Endpoints
| | URL | |---|---| | MCP (SSE) | https://security-orchestra-orchestrator.onrender.com | | Agent Card (A2A) | https://security-orchestra-orchestrator.onrender.com/.well-known/agent.json | | A2A Tasks | https://security-orchestra-orchestrator.onrender.com/a2a | | Health | https://security-orchestra-orchestrator.onrender.com/health | | Landing Page | security-orchestra-landing | | Smithery | smithery.ai/@RobotFleet-HQ/security-orchestra |
---
Response Contract
Every tool call returns a CanonicalResponse — same shape regardless of protocol:
{
"agent_id": "generator_sizing",
"agent_version": "1.0",
"protocol_version": "1.0",
"execution_context": "deterministic_calc",
"status": "success",
"result": { /* structured data */ },
"data_freshness": {
"validated_at": "2026-03-28",
"standards_ref": ["NFPA 110:2022"],
"stale_risk": "medium"
},
"a2a": {
"task_id": "uuid-v4",
"input_tokens_used": 0,
"credits_consumed": 5,
"callable_by": ["google-a2a", "openai-agents", "ag-ui", "acp", "agntcy"]
}
}Latency
All 50+ individual agents are deterministic TypeScript calculations — no LLM calls, no external I/O.
| Context | Description | Latency | |---|---|---| | deterministic_calc | All 50+ individual agents | < 100 ms | | multi_agent_chain | All 8 compound chains | 0.5-5 s | | cached | Cached result | < 10 ms |
---
All 50+ Agents
Power & Electrical
| Agent | What it does | |---|---| | generator_sizing | Size generators for data center loads with NEC/NFPA compliance | | ups_sizing | Size UPS systems per IEEE 485/1184 — VRLA or Li-ion, N/N+1/2N configs | | ats_sizing | Size automatic transfer switches per NEC 700/701/702 | | fuel_storage | Design diesel fuel storage per NFPA 30 — tanks, containment, SPCC | | nfpa_110_checker | Validate emergency generator compliance per NFPA 110 | | harmonic_analysis | Analyze THD in power distribution per IEEE 519 | | voltage_drop | Calculate voltage drop per NEC 210.19 | | power_density | Analyze rack power density and PDU sizing per NEC 645 | | battery_storage | Design BESS for backup, peak shaving, demand response | | demand_response | Model utility demand response program participation |
Cooling & Mechanical
| Agent | What it does | |---|---| | cooling_load | Calculate cooling load per ASHRAE TC 9.9 | | pue_calculator | Calculate PUE with optimization recommendations | | chiller_sizing | Size water-cooled and air-cooled chillers | | crac_vs_crah | Compare CRAC vs CRAH — cost, efficiency, constraints | | airflow_modeling | Model hot/cold aisle containment and CFM requirements | | economizer_analysis | Analyze free-cooling potential by climate zone | | humidification | Design humidification systems per ASHRAE A1 envelope |
Network & Connectivity
| Agent | What it does | |---|---| | network_topology | Design spine-leaf network topology | | bandwidth_sizing | Size north-south and east-west bandwidth | | dns_architecture | Design DNS — authoritative, recursive, anycast, DNSSEC | | ip_addressing | Plan IP addressing and VLAN architecture | | bgp_peering | Design BGP peering and route reflector architecture | | fiber_connectivity | Analyze fiber routes and carrier diversity | | latency_calculator | Calculate propagation latency by medium and hop count |
Site & Construction
| Agent | What it does | |---|---| | site_scoring | Score candidate sites across power, connectivity, risk, cost | | construction_cost | Estimate $/MW construction costs with regional factors | | construction_timeline | Phase-by-phase schedule with regulatory modifiers | | permit_timeline | Model permitting timelines across jurisdictions | | environmental_impact | Assess NOx/PM2.5/CO2 emissions per EPA AP-42 | | water_availability | Assess water supply, stress risk, and recycled water options | | noise_compliance | Analyze generator noise vs local ordinances | | incentive_finder | Find federal/state incentives, IRA credits, utility rebates |
Utility & Interconnect
| Agent | What it does | |---|---| | utility_interconnect | Analyze utility interconnect for 9 major US utilities | | nc_utility_interconnect | North Carolina-specific utility interconnect analysis | | energy_procurement | Evaluate PPA, direct access, and retail energy strategies | | solar_feasibility | Analyze on-site solar PV — capacity, IRA credits, payback | | carbon_footprint | Calculate Scope 1/2/3 emissions per GHG Protocol |
Compliance & Certification
| Agent | What it does | |---|---| | redundancy_validator | Validate against Uptime Institute Tier I-IV standards | | tier_certification | Assess tier certification readiness with gap analysis | | compliance_checker | Check SOC 2, ISO 27001, NIST CSF, PCI DSS, FedRAMP |
Physical Security
| Agent | What it does | |---|---| | physical_security | Design layered physical security per Uptime tier standards | | biometric_design | Design biometric access control — FAR/FRR, throughput | | surveillance_coverage | Calculate CCTV coverage, storage, and retention | | cybersecurity_controls | Map controls to NIST CSF and CIS benchmarks |
Financial & Operations
| Agent | What it does | |---|---| | roi_calculator | Calculate NPV, IRR, payback using DCF analysis | | tco_analyzer | Analyze total cost of ownership over facility life | | sla_calculator | Model SLA availability against tier benchmarks | | capacity_planning | Forecast capacity runway and expansion triggers | | maintenance_schedule | Build annual PM schedules per NFPA and OEM specs | | change_management | Design change management process per tier class | | commissioning_plan | Generate commissioning plans per ASHRAE Guideline 1.2 | | fire_suppression | Design clean agent fire suppression per NFPA 2001/75 |
---
Architecture
+------------------------------------------------------+
| MCP Client (Claude Desktop / Claude Code / Cursor) |
+-------------------------+----------------------------+
| SSE (MCP protocol)
v
+------------------------------------------------------+
| orchestrator/ (Node.js on Render) |
| |
| Auth > Rate Limit > Validation > Credit Gate > Run |
| |
| 50+ agents & 8 chains |
| Protocols: MCP, A2A, OpenAI, AG-UI, ACP, AGNTCY |
+----------+----------------------------+--------------+
| HTTP (credit check/deduct) | write
v v
+--------------------+ +--------------------+
| billing-api/ | | audit.db |
| (Express HTTP) | | (SQLite) |
| Stripe webhooks | +--------------------+
+--------------------+---
Pricing
| Tier | Monthly | Credits | Rate Limit | |---|---|---|---| | Free | $0 | 100 | 10/min | | Starter | $29 | 500 | 60/min | | Pro | $99 | 2,000 | 300/min | | Enterprise | $499 | 10,000 | 1,000/min |
Get a free API key: Sign up
---
Self-Hosting
Prerequisites
- Node.js 18+
- npm 9+
Install & Run
git clone https://github.com/RobotFleet-HQ/security-orchestra
cd security-orchestra
# Build
cd orchestrator && npm install && npm run build && cd ..
cd billing-api && npm install && npm run build && cd ..
# Configure
cd orchestrator && cp .env.example .env
npm run generate-key myuser free # generates sk_live_... key
# Run
cd orchestrator && npm start # Terminal 1
cd billing-api && npm start # Terminal 2Connect Claude Desktop (self-hosted)
{
"mcpServers": {
"security-orchestra": {
"command": "node",
"args": ["/path/to/security-orchestra/orchestrator/dist/index.js"],
"env": {
"ORCHESTRATOR_API_KEY": "sk_live_your_key",
"BILLING_API_URL": "http://localhost:3001"
}
}
}
}---
Repository Structure
security-orchestra/
├── orchestrator/ # MCP server — 50+ agents & 8 chains
│ └── src/
│ ├── index.ts # Entry point, tool registry
│ ├── auth.ts # API key auth
│ ├── rateLimit.ts # Sliding-window rate limiter
│ ├── validation.ts # Input sanitization
│ ├── billing.ts # Credit check/deduct
│ ├── canonical.ts # CanonicalResponse shape
│ └── audit.ts # Audit log
├── billing-api/ # HTTP API — users, credits, Stripe
├── [agent]-agent/ # 50+ individual agent modules
├── smithery.yaml # Smithery registry config
├── mcp.json # MCP registry manifest
└── LICENSE # MIT---
Security
- API key authentication on all tool calls
- Input validation and sanitization on every request
- Sliding-window rate limiting per key and tier
- Audit logging of all tool invocations
- No LLM calls in individual agents — deterministic calculations only
- Credit-gated access prevents abuse
---
License
MIT — RobotFleet HQ
