Building agents with LangChain, OpenAI's Assistants API, Anthropic's Claude API, or your own stack? ArgosBrain ships as an MCP server with 15 default tools your agent calls directly โ preflight (existence + blast radius + risk), callers, check_reachability, verify_no_fake_done, find_sinks, plus the Card 1 / Card 2 primitives. ARGOSBRAIN_EXPOSE=full opens all ~59.
Your agent reads users.py three times in one session. It greps for send_email, then re-greps for sendEmail, then re-reads the file to confirm the case. Every re-read is a billable round-trip; every re-grep is a tool call your agent's reasoning loop has to integrate.
The structural questions โ *does this symbol exist?*, *who calls it?*, *is it reachable from untrusted input?* โ are deterministic. A graph-deterministic memory answers each in sub-millisecond at $0 retrieval cost. ArgosBrain is that memory, exposed as MCP tools your agent invokes directly.
# Before any code reference: mcp__argos__preflight({target: "X"}) โ existence + blast radius + risk mcp__argos__callers({symbol: "X"}) โ caller graph + by_kind breakdown mcp__argos__check_reachability({target: "X"}) โ reachability from sources mcp__argos__symbol_exists({name: "X"}) โ fast yes/no mcp__argos__resolve_member({receiver: "X", method: "Y"}) โ method-on-type check # Before declaring done: mcp__argos__verify_no_fake_done({}) โ scan 50+ language stub patterns
Wire these into your agent's tool catalog. The MCP instructions field auto-applies (ArgosBrain's server emits it on initialize) โ every modern LLM (Opus 4.7, Sonnet 4.6, GPT-4.1, GPT-5) follows ~90-95% of the time. For deterministic enforcement on the Claude Code runtime, the install ships PreToolUse + PostToolUse hooks that fire regardless of LLM compliance.
/argos-security orchestrator.# Sink discovery + triage: mcp__argos__find_sinks({kind: "xss"|"sqli"|"ssrf"|"rce"|...}) โ candidate hits mcp__argos__find_sinks_delta({since_commit: "main"}) โ PR-scoped mcp__argos__triage_sinks({kind: "..."}) โ ranked summary mcp__argos__triage_sinks_details({kind, ids: [...]}) โ drill-down # Attack-surface enumeration: mcp__argos__find_dead_symbols({}) โ Forgotten Attack Surface mcp__argos__api_diff({a: "main", b: "current"}) โ Surface Drift Watch mcp__argos__find_module_boundaries({seed: ...}) โ Privilege Boundary Leaks
Your agent composes these into the kill-chain narratives your CISO reads. Or just invoke /argos-security and let our orchestrator do the composition. Nine perspectives detail โ
ArgosBrain's MCP server is stdio + JSON-RPC. Standard transport. Zero-panic Rust core. Works wherever MCP works:
argosbrain initNo lock-in. If you turn ArgosBrain off, your agent's tool catalog shrinks but everything else keeps working. The lean default (15 tools) is what loads in the system prompt; ARGOSBRAIN_EXPOSE=full in your MCP host's env opens all ~59 for power use.
symbol_exists("foo") returns the same result on every call. The graph either has the symbol or doesn't. No stochastic vector-distance threshold; no "the embedding got close enough this time" surprise.~/.argosbrain/brain.bin. Your agent's read path never leaves the machine. For regulated industries that's compliance evidence; for everyone else it's sub-millisecond P99 because no network is in the loop.curl -fsSL https://argosbrain.com/install.sh | sh argosbrain init --key <your-free-key> cd ~/my-project argosbrain ingest .
Then add to your MCP client config (or LangChain MCP loader):
{
"mcpServers": {
"argos": {
"command": "argosbrain-mcp",
"args": ["--project", "/Users/you/my-project"],
"env": {
"ARGOSBRAIN_EXPOSE": "default"
}
}
}
}
Set ARGOSBRAIN_EXPOSE to full if you want all ~59 tools in your agent's catalog (power-user / orchestrator builders). Default (15 tools) is recommended for production agents โ less decision overhead means fewer wasted turns.
Get your free key โ ยท The two services in detail ยท Default + full skill packs ยท For MCP server developers ยท Architecture paper ยท Talk to engineering