threat-intel-mcp
Verified Safeby marc-shade
Overview
Aggregates threat intelligence from multiple sources to provide reputation checks and threat detection for an Agentic System.
Installation
${AGENTIC_SYSTEM_PATH:-/opt/agentic}/.venv/bin/python3 -m threat_intel_mcp.serverEnvironment Variables
- VIRUSTOTAL_API_KEY
- ABUSEIPDB_API_KEY
- SHODAN_API_KEY
- OTX_API_KEY
- AGENTIC_SYSTEM_PATH
Security Notes
The server makes external HTTP/HTTPS calls to various threat intelligence providers (e.g., VirusTotal, AbuseIPDB, Shodan, CISA KEV, ThreatFox) as its core function. These are handled asynchronously with proper error handling. API keys are loaded from environment variables. No 'eval' or obvious malicious patterns found. The dashboard component is a Flask web server, introducing standard web security considerations, but primarily fetches cached data.
Similar Servers
nist-csf-2-mcp-server
A professional cybersecurity assessment backend API for NIST CSF 2.0, providing real-time dashboards and executive reporting capabilities.
pentestMCP
This MCP server enables AI agents to perform automated and interactive penetration testing tasks by exposing a suite of security assessment utilities as callable tools.
MalwareBazaar_MCP
An AI-driven MCP server interfacing with Malware Bazaar for real-time threat intelligence and sample metadata, supporting cybersecurity research workflows.
mcp-cyberbro
A Model Context Protocol (MCP) server for Cyberbro that extracts and analyzes Indicators of Compromise (IoCs) from unstructured input, checking their reputation using multiple threat intelligence services.