secfeed
OfficialClick on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@secfeedshow me the latest CVEs"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
secfeed
Security Intelligence MCP server — aggregates authoritative vulnerability, news, and threat-intel feeds into a local SQLite database and serves them to AI agents via MCP tools.
Every ingested item is auto-classified against the agent-security-manual threat taxonomy (TH-01..TH-10), so agents can pull an AI-agent-security focused feed and trace each threat to its mitigating controls (CT), requirements (REQ), and manual chapters.
Data sources
Category | Sources |
Vulnerabilities | CISA KEV, NVD CVE API 2.0, EPSS, GitHub Security Advisories, GitHub PoC search |
Threat intel | Abuse.ch ThreatFox, CISA Cybersecurity Advisories, arXiv cs.CR |
News | The Hacker News, BleepingComputer, Krebs on Security, The Record, SANS ISC |
Agent security | Simon Willison's blog, Embrace The Red |
Related MCP server: wrg-mcp-server
MCP tools
Tool | Purpose |
| Recent CVEs sorted by EPSS exploit probability |
| Known Exploited Vulnerabilities (confirmed in-the-wild) |
| Aggregated security news |
| FTS5 full-text search across all data |
| On-demand NVD + EPSS lookup for one CVE |
| 24h threat landscape briefing + feed health |
| Items tagged with agent threat classes TH-01..TH-10 |
| Resolve TH/CT ids to controls, REQs, and manual chapters |
| Per-threat-class activity digest for posture review |
Agent threat taxonomy
Classification is a deterministic two-tier keyword classifier (taxonomy.py):
strong agent-specific patterns always tag; generic security terms tag only when
AI/agent context is present in the same text. No LLM calls — results are
reproducible and auditable.
ID | Threat class |
TH-01 | Prompt injection (direct / indirect) |
TH-02 | Tool abuse / privilege escalation |
TH-03 | RAG / knowledge-base poisoning |
TH-04 | Memory / context contamination |
TH-05 | Agent identity / authority abuse |
TH-06 | Delegation / multi-agent abuse |
TH-07 | Supply-chain / MCP / plugin compromise |
TH-08 | Data exfiltration / secret exposure |
TH-09 | Audit / evaluation evasion |
TH-10 | Model / service abuse |
Deployment
docker compose up -d --build
docker logs --tail 80 secfeedStreamable HTTP:
http://<host>:8888/mcp(put a reverse proxy with auth in front for public exposure)stdio mode:
python3 server.py --stdioData volume:
secfeed-datamounted at/data(SQLite + FTS5)
Environment variables
Variable | Purpose |
| Optional — higher NVD API rate limits |
| Optional — higher GitHub API rate limits |
| DB path override (default |
Secrets are injected via the compose environment block from the host
environment — never commit them.
Development
python3 -m venv venv && venv/bin/pip install -r requirements.txt
SECFEED_DB_PATH=/tmp/secfeed-dev.db venv/bin/python3 server.py --stdioLicense
MIT
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/AOI-Future/secfeed'
If you have feedback or need assistance with the MCP directory API, please join our Discord server