A Model Context Protocol (MCP) server that provides AI assistants with structured access to Huntress cybersecurity platform data and operations.
Note: This project is maintained by Wyre Technology.
Claude Desktop β download, open, done:
- Download
huntress-mcp.mcpbfrom the latest release - Open the file (double-click or drag into Claude Desktop)
- Enter your Huntress credentials when prompted (API Key, API Secret)
No terminal, no JSON editing, no Node.js install required.
Claude Code (CLI):
claude mcp add huntress-mcp \ -e HUNTRESS_API_KEY=your-api-key \ -e HUNTRESS_API_SECRET=your-api-secret \ -- npx -y github:wyre-technology/huntress-mcp
See Installation for Docker and from-source methods.
- π MCP Protocol Compliance: Full support for MCP resources and tools
- π‘οΈ Comprehensive Security Coverage: Tools spanning agents, organizations, incidents, escalations, billing, signals, and users
- π Decision-Tree Navigation: Start with
huntress_navigateto explore domains, then dynamically load domain-specific tools - π CRUD Operations: Create, read, update, delete operations for organizations, memberships, incidents, and more
- π Secure Authentication: HTTP Basic Auth with Huntress API credentials
- π Dual Transport: Supports both stdio (local) and HTTP Streamable (remote/Docker) transports
- π¦ MCPB Packaging: One-click installation via MCP Bundle for desktop clients
- π³ Docker Ready: Containerized deployment with HTTP transport and health checks
- β‘ Rate Limiting: Built-in rate limiter respects Huntress API limits (60 req/min)
- π Structured Logging: Comprehensive logging with configurable levels
The simplest method β no terminal, no JSON editing, no Node.js install required.
- Download
huntress-mcp.mcpbfrom the latest release - Open the file (double-click or drag into Claude Desktop)
- Enter your Huntress credentials when prompted (API Key, API Secret)
For Claude Code (CLI), one command:
claude mcp add huntress-mcp \ -e HUNTRESS_API_KEY=your-api-key \ -e HUNTRESS_API_SECRET=your-api-secret \ -- npx -y github:wyre-technology/huntress-mcp
docker compose up
Or pull the pre-built image:
docker run -d \ -e HUNTRESS_API_KEY=your-key \ -e HUNTRESS_API_SECRET=your-secret \ -p 8080:8080 \ ghcr.io/wyre-technology/huntress-mcp:latest
git clone https://github.com/wyre-technology/huntress-mcp.git
cd huntress-mcp
npm ci
npm run build| Variable | Description | Default |
|---|---|---|
HUNTRESS_API_KEY |
API public key | β |
HUNTRESS_API_SECRET |
API secret key | β |
MCP_TRANSPORT |
Transport mode (stdio or http) |
stdio |
MCP_HTTP_PORT |
HTTP server port | 8080 |
AUTH_MODE |
Auth mode (env or gateway) |
env |
LOG_LEVEL |
Log level (debug, info, warn, error) |
info |
The server uses decision-tree navigation. Start with huntress_navigate to pick a domain:
| Domain | Tools |
|---|---|
| accounts | Get account info, get current actor |
| agents | List agents, get agent by ID |
| organizations | List, get, create, update, delete organizations |
| incidents | Incident reports (list/get/resolve), remediations (list/get/approve/reject), escalations (list/get/resolve) |
| billing | Billing reports, summary reports |
| signals | List/get security signals |
| users | Membership CRUD (list/get/create/update/delete) |
See docker-compose.yml for full configuration. Copy .env.example to .env and fill in your credentials:
cp .env.example .env
# Edit .env with your Huntress API credentials
docker compose up -dnpm ci npm run build # Build the project npm run dev # Watch mode npm run test # Run tests npm run lint # Type-check npm run clean # Remove dist/
npm test # Run test suite npm run test:watch # Watch mode
See CONTRIBUTING.md for guidelines.
Apache 2.0 β Copyright WYRE Technology