mcp-threatintel: Install & Tools

Install

Connection

Transport: STDIO
Command: npx -y mcp-threatintel-server
Environment: { "OTX_API_KEY": "YOUR_SECRET_VALUE", "ABUSEIPDB_API_KEY": "YOUR_SECRET_VALUE", "GREYNOISE_API_KEY": "YOUR_SECRET_VALUE", "ABUSECH_AUTH_KEY": "YOUR_SECRET_VALUE" }

Claude Desktop

Add this server entry to the mcpServers object in your Claude Desktop config, then restart the app.

{
  "mcpServers": {
    "io-github-aplaceforallmystuff-mcp-threatintel": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-threatintel-server"
      ],
      "env": {
        "OTX_API_KEY": "YOUR_SECRET_VALUE",
        "ABUSEIPDB_API_KEY": "YOUR_SECRET_VALUE",
        "GREYNOISE_API_KEY": "YOUR_SECRET_VALUE",
        "ABUSECH_AUTH_KEY": "YOUR_SECRET_VALUE"
      }
    }
  }
}

Config location

macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
Windows: %APPDATA%\Claude\claude_desktop_config.json

Auth

Package transport

No remote HTTP endpoint is advertised. Use the package or stdio setup shown in Install.

Tools & Resources

Tools

Resources

Prompts

No public tools, resources, or prompts captured yet. Use Auth when this server requires credentials.

Tools

No tools captured yet.

Resources

No resources captured yet.

Prompts

No prompts captured yet.

Questions

What is mcp-threatintel?+

mcp-threatintel is an MCP server for Unified threat intel - OTX, AbuseIPDB, GreyNoise, abuse.ch, Feodo Tracker. It supports STDIO transport.

How do I install mcp-threatintel?+

Use the generated config in Install. This server runs with npx -y mcp-threatintel-server; add any required environment variables before starting your client.

How do I add mcp-threatintel to Claude Desktop?+

Choose the Claude Desktop tab in Install and copy the config for npx -y mcp-threatintel-server. Add required environment variables before starting Claude Desktop.

How do I add mcp-threatintel to Claude Code?+

Choose the Claude Code tab in Install and copy the config for npx -y mcp-threatintel-server. Add required environment variables before starting Claude Code.

How do I use mcp-threatintel with Codex?+

Choose the Codex tab in Install and copy the config for npx -y mcp-threatintel-server. Add required environment variables before starting Codex.

How do I add mcp-threatintel to Cursor or VS Code?+

Choose the Cursor or VS Code tab in Install and copy the config for npx -y mcp-threatintel-server. Add required environment variables before starting Cursor or VS Code.

What endpoint and transport does mcp-threatintel use?+

mcp-threatintel uses STDIO transport. Use the package or command config in Install.

What tools and resources does mcp-threatintel expose?+

mcp-threatintel inventory is listed when the MCP endpoint exposes tools, resources, or prompts. Some servers require auth first.

Does mcp-threatintel require authentication?+

mcp-threatintel does not advertise a verified auth requirement. If discovery fails, it may still need provider login, an API key, a bearer token, or a session header.

Profile notes

Package: Npm mcp-threatintel-server v1.0.1
Environment variable: OTX_API_KEY (secret)
Environment variable: ABUSEIPDB_API_KEY (secret)
Environment variable: GREYNOISE_API_KEY (secret)
Environment variable: ABUSECH_AUTH_KEY (secret)

Packages

Package	Registry	Version	Inputs
`mcp-threatintel-server` stdio	npm	1.0.1	Env: OTX_API_KEY secret Env: ABUSEIPDB_API_KEY secret Env: GREYNOISE_API_KEY secret Env: ABUSECH_AUTH_KEY secret

Details

Version: 1.0.1
Repository: https://github.com/aplaceforallmystuff/mcp-threatintel
Updated: Nov 28, 2025

mcp-threatintel

Install and compare this MCP server

Install

Connection

Claude Desktop

Config location

Auth

Tools & Resources

Tools

Resources

Prompts

Questions

Related MCPs

Profile notes

Packages

Details