Google Threat Intelligence MCP Server

Overview Schema Related Servers Score Discussions

search_threat_actors

Search for threat actors in Google Threat Intelligence to identify and investigate malicious campaigns, malware families, and their relationships.

Instructions

Search threat actors in the Google Threat Intelligence platform.

Threat actors are modeled as collections. Once you get collections from this tool, you can use get_collection_report to fetch the full reports and their relationships.

You can use order_by to sort the results by: "relevance", "creation_date". You can use the sign "+" to make it order ascending, or "-" to make it descending. By default is "relevance-"

Args: query (required): Search query to find threats. limit: Limit the number of threats to retrieve. 10 by default. order_by: Order results by the given order key. "relevance-" by default.

Returns: List of collections, aka threats.

Input Schema

TableJSON Schema

Name	Required	Default
`query`	Yes
`limit`	No
`order_by`	No	relevance-
`api_key`	No

Install Server

Other Tools

Latest Blog Posts

How to make a release?
By punkpeye on March 15, 2026.
tutorial
Redis vs ioredis vs valkey-glide
By punkpeye on January 26, 2026.
benchmark
Redis
valkey
Quickstart: Publish an MCP Server to the MCP Registry
By punkpeye on January 24, 2026.
mcp
official reference mirror

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/googleSandy/gti-mcp-standalone'

If you have feedback or need assistance with the MCP directory API, please join our Discord server