# How to integrate 21risk MCP with Google ADK ```json { "title": "How to integrate 21risk MCP with Google ADK", "toolkit": "21risk", "toolkit_slug": "_21risk", "framework": "Google ADK", "framework_slug": "google-adk", "url": "https://composio.dev/toolkits/_21risk/framework/google-adk", "markdown_url": "https://composio.dev/toolkits/_21risk/framework/google-adk.md", "updated_at": "2026-05-12T09:59:46.287Z" } ``` ## Introduction This guide walks you through connecting 21risk to Google ADK using the Composio tool router. By the end, you'll have a working 21risk agent that can download audit reports for last quarter, list all sites with open compliance issues, fetch monthly risk data for top properties through natural language commands. This guide will help you understand how to give your Google ADK agent real control over a 21risk account through Composio's 21risk MCP server. Before we dive in, let's take a quick look at the key ideas and tools involved. ## Also integrate 21risk with - [OpenAI Agents SDK](https://composio.dev/toolkits/_21risk/framework/open-ai-agents-sdk) - [Claude Agent SDK](https://composio.dev/toolkits/_21risk/framework/claude-agents-sdk) - [Claude Code](https://composio.dev/toolkits/_21risk/framework/claude-code) - [Claude Cowork](https://composio.dev/toolkits/_21risk/framework/claude-cowork) - [Codex](https://composio.dev/toolkits/_21risk/framework/codex) - [OpenClaw](https://composio.dev/toolkits/_21risk/framework/openclaw) - [Hermes](https://composio.dev/toolkits/_21risk/framework/hermes-agent) - [CLI](https://composio.dev/toolkits/_21risk/framework/cli) - [LangChain](https://composio.dev/toolkits/_21risk/framework/langchain) - [Vercel AI SDK](https://composio.dev/toolkits/_21risk/framework/ai-sdk) - [Mastra AI](https://composio.dev/toolkits/_21risk/framework/mastra-ai) - [LlamaIndex](https://composio.dev/toolkits/_21risk/framework/llama-index) - [CrewAI](https://composio.dev/toolkits/_21risk/framework/crew-ai) ## TL;DR Here's what you'll learn: - Get a 21risk account set up and connected to Composio - Install the Google ADK and Composio packages - Create a Composio Tool Router session for 21risk - Build an agent that connects to 21risk through MCP - Interact with 21risk using natural language ## What is Google ADK? Google ADK (Agents Development Kit) is Google's framework for building AI agents powered by Gemini models. It provides tools for creating agents that can use external services through the Model Context Protocol. Key features include: - Gemini Integration: Native support for Google's Gemini models - MCP Toolset: Built-in support for Model Context Protocol tools - Streamable HTTP: Connect to external services through streamable HTTP - CLI and Web UI: Run agents via command line or web interface ## What is the 21risk MCP server, and what's possible with it? The 21risk MCP server is an implementation of the Model Context Protocol that connects your AI agent and assistants like Claude, Cursor, etc directly to your 21risk account. It provides structured and secure access to your checklists, audits, compliance data, and risk models, so your agent can retrieve reports, analyze compliance status, and streamline audit management on your behalf. - Automated compliance insights and analytics: Instantly fetch compliance data for sites, categories, or specific questions to support analytics and reporting needs. - Audit report management: Retrieve draft, published, or scheduled audit reports, enabling your agent to monitor progress or summarize findings. - Risk model and category exploration: Let your agent list and filter available risk models and categories to assist with compliance checks and risk assessments. - Monthly item tracking and analysis: Query detailed fact tables of items per month for granular, time-based risk or compliance monitoring. - Site, organization, and property retrieval: Automatically list sites, organizations, and property details, helping you organize and cross-reference risk and compliance data efficiently. ## Supported Tools | Tool slug | Name | Description | |---|---|---| | `_21RISK_GET_COMPLIANCE` | Get Compliance | Tool to retrieve compliance data for sites, categories, or questions. Use when you need OData-based compliance data for analytics or reporting. | | `_21RISK_GET_ITEMS` | Get Items (BETA) | Tool to retrieve items (BETA) from the 21RISK OData API. Use when you need a filtered and paged list of items for analytics and reporting. Example: GET_ITEMS($filter="Item Cost gt 100", $top=50). | | `_21RISK_GET_ITEMS_PER_MONTH` | Get Items Per Month | Tool to retrieve fact table data for ItemsPerMonth, one row per question per site per month. Use when querying monthly item data with OData parameters ($filter, $top, $skip, $select, maxPageSizeInMb). | | `_21RISK_GET_ORGANIZATIONS` | Get Organizations | Tool to retrieve organizations from the 21RISK OData API. Use when you need to list, filter, or paginate organizations via OData parameters after authentication is confirmed. | | `_21RISK_GET_PROPERTIES` | Get Properties | Tool to fetch a list of properties related to sites, including COPE information and other relevant data. Use when you need property insurance details via OData API after authentication. | | `_21RISK_GET_REPORTS` | Get Reports | Tool to retrieve audit reports, including draft, published, and scheduled reports. Use when you need a paginated list of reports with optional OData filtering. | | `_21RISK_GET_RISKMODEL_CATEGORIES` | Get RiskModel Categories | Tool to retrieve risk model categories for grouping questions and compliance checks. Use when you need to filter, select, or paginate risk model categories via OData parameters ($filter, $select, $orderby, $top, $skip, $count). | | `_21RISK_GET_RISK_MODELS` | Get Risk Models | Tool to retrieve risk models used for audits and compliance. Use when you need to list available risk models with optional OData queries. | ## Supported Triggers None listed. ## Creating MCP Server - Stand-alone vs Composio SDK The 21risk MCP server is an implementation of the Model Context Protocol that connects your AI agent to 21risk. It provides structured and secure access so your agent can perform 21risk operations on your behalf through a secure, permission-based interface. With Composio's managed implementation, you don't have to create your own developer app. For production, if you're building an end product, we recommend using your own credentials. The managed server helps you prototype fast and go from 0-1 faster. ## Step-by-step Guide ### 1. Prerequisites Before starting, make sure you have: - A Google API key for Gemini models - A Composio account and API key - Python 3.9 or later installed - Basic familiarity with Python ### 1. Getting API Keys for Google and Composio Google API Key - Go to [Google AI Studio](https://aistudio.google.com/app/apikey) and create an API key. - Copy the key and keep it safe. You will put this in GOOGLE_API_KEY. Composio API Key and User ID - Log in to the [Composio dashboard](https://dashboard.composio.dev?utm_source=toolkits&utm_medium=framework_docs). - Go to Settings → API Keys and copy your Composio API key. Use this for COMPOSIO_API_KEY. - Decide on a stable user identifier to scope sessions, often your email or a user ID. Use this for COMPOSIO_USER_ID. ### 2. Install dependencies Inside your virtual environment, install the required packages. What's happening: - google-adk is Google's Agents Development Kit - composio connects your agent to 21risk via MCP - python-dotenv loads environment variables ```bash pip install google-adk composio python-dotenv ``` ### 3. Set up ADK project Set up a new Google ADK project. What's happening: - This creates an agent folder with a root agent file and .env file ```bash adk create my_agent ``` ### 4. Set environment variables Save all your credentials in the .env file. What's happening: - GOOGLE_API_KEY authenticates with Google's Gemini models - COMPOSIO_API_KEY authenticates with Composio - COMPOSIO_USER_ID identifies the user for session management ```bash GOOGLE_API_KEY=your-google-api-key COMPOSIO_API_KEY=your-composio-api-key COMPOSIO_USER_ID=your-user-id-or-email ``` ### 5. Import modules and validate environment What's happening: - os reads environment variables - Composio is the main Composio SDK client - GoogleProvider declares that you are using Google ADK as the agent runtime - Agent is the Google ADK LLM agent class - McpToolset lets the ADK agent call MCP tools over HTTP ```python import os import warnings from composio import Composio from dotenv import load_dotenv from google.adk.agents.llm_agent import Agent from google.adk.tools.mcp_tool.mcp_session_manager import StreamableHTTPConnectionParams from google.adk.tools.mcp_tool.mcp_toolset import McpToolset load_dotenv() warnings.filterwarnings("ignore", message=".*BaseAuthenticatedTool.*") GOOGLE_API_KEY = os.getenv("GOOGLE_API_KEY") COMPOSIO_API_KEY = os.getenv("COMPOSIO_API_KEY") COMPOSIO_USER_ID = os.getenv("COMPOSIO_USER_ID") if not GOOGLE_API_KEY: raise ValueError("GOOGLE_API_KEY is not set in the environment.") if not COMPOSIO_API_KEY: raise ValueError("COMPOSIO_API_KEY is not set in the environment.") if not COMPOSIO_USER_ID: raise ValueError("COMPOSIO_USER_ID is not set in the environment.") ``` ### 6. Create Composio client and Tool Router session What's happening: - Authenticates to Composio with your API key - Declares Google ADK as the provider - Spins up a short-lived MCP endpoint for your user and selected toolkit - Stores the MCP HTTP URL for the ADK MCP integration ```python composio_client = Composio(api_key=COMPOSIO_API_KEY) composio_session = composio_client.create( user_id=COMPOSIO_USER_ID, toolkits=["_21risk"], ) COMPOSIO_MCP_URL = composio_session.mcp.url, print(f"Composio MCP URL: {COMPOSIO_MCP_URL}") ``` ### 7. Set up the McpToolset and create the Agent What's happening: - Connects the ADK agent to the Composio MCP endpoint through McpToolset - Uses Gemini as the model powering the agent - Lists exact tool names in instruction to reduce misnamed tool calls ```python composio_toolset = McpToolset( connection_params=StreamableHTTPConnectionParams( url=COMPOSIO_MCP_URL, headers={"x-api-key": COMPOSIO_API_KEY} ) ) root_agent = Agent( model="gemini-2.5-flash", name="composio_agent", description="An agent that uses Composio tools to perform actions.", instruction=( "You are a helpful assistant connected to Composio. " "You have the following tools available: " "COMPOSIO_SEARCH_TOOLS, COMPOSIO_MULTI_EXECUTE_TOOL, " "COMPOSIO_MANAGE_CONNECTIONS, COMPOSIO_REMOTE_BASH_TOOL, COMPOSIO_REMOTE_WORKBENCH. " "Use these tools to help users with 21risk operations." ), tools=[composio_toolset], ) print("\nAgent setup complete. You can now run this agent directly ;)") ``` ### 8. Run the agent Execute the agent from the project root. The web command opens a web portal where you can chat with the agent. What's happening: - adk run runs the agent in CLI mode - adk web . opens a web UI for interactive testing ```bash # Run in CLI mode adk run my_agent # Or run in web UI mode adk web ``` ## Complete Code ```python import os import warnings from composio import Composio from composio_google import GoogleProvider from dotenv import load_dotenv from google.adk.agents.llm_agent import Agent from google.adk.tools.mcp_tool.mcp_session_manager import StreamableHTTPConnectionParams from google.adk.tools.mcp_tool.mcp_toolset import McpToolset load_dotenv() warnings.filterwarnings("ignore", message=".*BaseAuthenticatedTool.*") GOOGLE_API_KEY = os.getenv("GOOGLE_API_KEY") COMPOSIO_API_KEY = os.getenv("COMPOSIO_API_KEY") COMPOSIO_USER_ID = os.getenv("COMPOSIO_USER_ID") if not GOOGLE_API_KEY: raise ValueError("GOOGLE_API_KEY is not set in the environment.") if not COMPOSIO_API_KEY: raise ValueError("COMPOSIO_API_KEY is not set in the environment.") if not COMPOSIO_USER_ID: raise ValueError("COMPOSIO_USER_ID is not set in the environment.") composio_client = Composio(api_key=COMPOSIO_API_KEY, provider=GoogleProvider()) composio_session = composio_client.create( user_id=COMPOSIO_USER_ID, toolkits=["_21risk"], ) COMPOSIO_MCP_URL = composio_session.mcp.url composio_toolset = McpToolset( connection_params=StreamableHTTPConnectionParams( url=COMPOSIO_MCP_URL, headers={"x-api-key": COMPOSIO_API_KEY} ) ) root_agent = Agent( model="gemini-2.5-flash", name="composio_agent", description="An agent that uses Composio tools to perform actions.", instruction=( "You are a helpful assistant connected to Composio. " "You have the following tools available: " "COMPOSIO_SEARCH_TOOLS, COMPOSIO_MULTI_EXECUTE_TOOL, " "COMPOSIO_MANAGE_CONNECTIONS, COMPOSIO_REMOTE_BASH_TOOL, COMPOSIO_REMOTE_WORKBENCH. " "Use these tools to help users with 21risk operations." ), tools=[composio_toolset], ) print("\nAgent setup complete. You can now run this agent directly ;)") ``` ## Conclusion You've successfully integrated 21risk with the Google ADK through Composio's MCP Tool Router. Your agent can now interact with 21risk using natural language commands. Key takeaways: - The Tool Router approach dynamically routes requests to the appropriate 21risk tools - Environment variables keep your credentials secure and separate from code - Clear agent instructions reduce tool calling errors - The ADK web UI provides an interactive interface for testing and development You can extend this setup by adding more toolkits to the toolkits array in your session configuration. ## How to build 21risk MCP Agent with another framework - [OpenAI Agents SDK](https://composio.dev/toolkits/_21risk/framework/open-ai-agents-sdk) - [Claude Agent SDK](https://composio.dev/toolkits/_21risk/framework/claude-agents-sdk) - [Claude Code](https://composio.dev/toolkits/_21risk/framework/claude-code) - [Claude Cowork](https://composio.dev/toolkits/_21risk/framework/claude-cowork) - [Codex](https://composio.dev/toolkits/_21risk/framework/codex) - [OpenClaw](https://composio.dev/toolkits/_21risk/framework/openclaw) - [Hermes](https://composio.dev/toolkits/_21risk/framework/hermes-agent) - [CLI](https://composio.dev/toolkits/_21risk/framework/cli) - [LangChain](https://composio.dev/toolkits/_21risk/framework/langchain) - [Vercel AI SDK](https://composio.dev/toolkits/_21risk/framework/ai-sdk) - [Mastra AI](https://composio.dev/toolkits/_21risk/framework/mastra-ai) - [LlamaIndex](https://composio.dev/toolkits/_21risk/framework/llama-index) - [CrewAI](https://composio.dev/toolkits/_21risk/framework/crew-ai) ## Related Toolkits - [Excel](https://composio.dev/toolkits/excel) - Microsoft Excel is a robust spreadsheet application for organizing, analyzing, and visualizing data. It's the go-to tool for calculations, reporting, and flexible data management. - [Abstract](https://composio.dev/toolkits/abstract) - Abstract provides a suite of APIs for automating data validation and enrichment tasks. It helps developers streamline workflows and ensure data quality with minimal effort. - [Addressfinder](https://composio.dev/toolkits/addressfinder) - Addressfinder is a data quality platform for verifying addresses, emails, and phone numbers. It helps you ensure accurate customer and contact data every time. - [Agentql](https://composio.dev/toolkits/agentql) - Agentql is a toolkit that connects AI agents to the web using a specialized query language. It enables structured web interaction and data extraction for smarter automations. - [Agenty](https://composio.dev/toolkits/agenty) - Agenty is a web scraping and automation platform for extracting data and automating browser tasks—no coding needed. It streamlines data collection, monitoring, and repetitive online actions. - [Ambee](https://composio.dev/toolkits/ambee) - Ambee is an environmental data platform providing real-time, hyperlocal APIs for air quality, weather, and pollen. Get precise environmental insights to power smarter decisions in your apps and workflows. - [Ambient weather](https://composio.dev/toolkits/ambient_weather) - Ambient Weather is a platform for personal weather stations with a robust API for accessing local, real-time, and historical weather data. Get detailed environmental insights directly from your own sensors for smarter apps and automations. - [Anonyflow](https://composio.dev/toolkits/anonyflow) - Anonyflow is a service for encryption-based data anonymization and secure data sharing. It helps organizations meet GDPR, CCPA, and HIPAA data privacy compliance requirements. - [Api ninjas](https://composio.dev/toolkits/api_ninjas) - Api ninjas offers 120+ public APIs spanning categories like weather, finance, sports, and more. Developers use it to supercharge apps with real-time data and actionable endpoints. - [Api sports](https://composio.dev/toolkits/api_sports) - Api sports is a comprehensive sports data platform covering 2,000+ competitions with live scores and 15+ years of stats. Instantly access up-to-date sports information for analysis, apps, or chatbots. - [Apify](https://composio.dev/toolkits/apify) - Apify is a cloud platform for building, deploying, and managing web scraping and automation tools called Actors. It lets you automate data extraction and workflow tasks at scale—no infrastructure headaches. - [Autom](https://composio.dev/toolkits/autom) - Autom is a lightning-fast search engine results data platform for Google, Bing, and Brave. Developers use it to access fresh, low-latency SERP data on demand. - [Beaconchain](https://composio.dev/toolkits/beaconchain) - Beaconchain is a real-time analytics platform for Ethereum 2.0's Beacon Chain. It provides detailed insights into validators, blocks, and overall network performance. - [Big data cloud](https://composio.dev/toolkits/big_data_cloud) - BigDataCloud provides APIs for geolocation, reverse geocoding, and address validation. Instantly access reliable location intelligence to enhance your applications and workflows. - [Bigpicture io](https://composio.dev/toolkits/bigpicture_io) - BigPicture.io offers APIs for accessing detailed company and profile data. Instantly enrich your applications with up-to-date insights on 20M+ businesses. - [Bitquery](https://composio.dev/toolkits/bitquery) - Bitquery is a blockchain data platform offering indexed, real-time, and historical data from 40+ blockchains via GraphQL APIs. Get unified, reliable access to complex on-chain data for analytics, trading, and research. - [Brightdata](https://composio.dev/toolkits/brightdata) - Brightdata is a leading web data platform offering advanced scraping, SERP APIs, and anti-bot tools. It lets you collect public web data at scale, bypassing blocks and friction. - [Builtwith](https://composio.dev/toolkits/builtwith) - BuiltWith is a web technology profiler that uncovers the technologies powering any website. Gain actionable insights into analytics, hosting, and content management stacks for smarter research and lead generation. - [Byteforms](https://composio.dev/toolkits/byteforms) - Byteforms is an all-in-one platform for creating forms, managing submissions, and integrating data. It streamlines workflows by centralizing form data collection and automation. - [Cabinpanda](https://composio.dev/toolkits/cabinpanda) - Cabinpanda is a data collection platform for building and managing online forms. It helps streamline how you gather, organize, and analyze responses. ## Frequently Asked Questions ### What are the differences in Tool Router MCP and 21risk MCP? With a standalone 21risk MCP server, the agents and LLMs can only access a fixed set of 21risk tools tied to that server. However, with the Composio Tool Router, agents can dynamically load tools from 21risk and many other apps based on the task at hand, all through a single MCP endpoint. ### Can I use Tool Router MCP with Google ADK? Yes, you can. Google ADK fully supports MCP integration. You get structured tool calling, message history handling, and model orchestration while Tool Router takes care of discovering and serving the right 21risk tools. ### Can I manage the permissions and scopes for 21risk while using Tool Router? Yes, absolutely. You can configure which 21risk scopes and actions are allowed when connecting your account to Composio. You can also bring your own OAuth credentials or API configuration so you keep full control over what the agent can do. ### How safe is my data with Composio Tool Router? All sensitive data such as tokens, keys, and configuration is fully encrypted at rest and in transit. Composio is SOC 2 Type 2 compliant and follows strict security practices so your 21risk data and credentials are handled as safely as possible. --- [See all toolkits](https://composio.dev/toolkits) · [Composio docs](https://docs.composio.dev/llms.txt)