huntress-mcp
Huntress MCP Server
A Model Context Protocol (MCP) server that provides AI assistants with structured access to Huntress cybersecurity platform data and operations.
Note: This project is maintained by Wyre Technology.
Quick Start
Claude Desktop — download, open, done:
Download
huntress-mcp.mcpbfrom the latest releaseOpen the file (double-click or drag into Claude Desktop)
Enter your Huntress credentials when prompted (API Key, API Secret)
No terminal, no JSON editing, no Node.js install required.
Claude Code (CLI):
claude mcp add huntress-mcp \
-e HUNTRESS_API_KEY=your-api-key \
-e HUNTRESS_API_SECRET=your-api-secret \
-- npx -y github:wyre-technology/huntress-mcpSee Installation for Docker and from-source methods.
Features
🔌 MCP Protocol Compliance: Full support for MCP resources and tools
🛡️ Comprehensive Security Coverage: Tools spanning agents, organizations, incidents, escalations, billing, signals, and users
🔍 Decision-Tree Navigation: Start with
huntress_navigateto explore domains, then dynamically load domain-specific tools📝 CRUD Operations: Create, read, update, delete operations for organizations, memberships, incidents, and more
🔒 Secure Authentication: HTTP Basic Auth with Huntress API credentials
🌐 Dual Transport: Supports both stdio (local) and HTTP Streamable (remote/Docker) transports
📦 MCPB Packaging: One-click installation via MCP Bundle for desktop clients
🐳 Docker Ready: Containerized deployment with HTTP transport and health checks
⚡ Rate Limiting: Built-in rate limiter respects Huntress API limits (60 req/min)
📊 Structured Logging: Comprehensive logging with configurable levels
Table of Contents
Installation
Option 1: MCPB Bundle (Claude Desktop)
The simplest method — no terminal, no JSON editing, no Node.js install required.
Download
huntress-mcp.mcpbfrom the latest releaseOpen the file (double-click or drag into Claude Desktop)
Enter your Huntress credentials when prompted (API Key, API Secret)
For Claude Code (CLI), one command:
claude mcp add huntress-mcp \
-e HUNTRESS_API_KEY=your-api-key \
-e HUNTRESS_API_SECRET=your-api-secret \
-- npx -y github:wyre-technology/huntress-mcpOption 2: Docker
docker compose upOr pull the pre-built image:
docker run -d \
-e HUNTRESS_API_KEY=your-key \
-e HUNTRESS_API_SECRET=your-secret \
-p 8080:8080 \
ghcr.io/wyre-technology/huntress-mcp:latestOption 3: From Source
git clone https://github.com/wyre-technology/huntress-mcp.git
cd huntress-mcp
npm ci
npm run buildConfiguration
Variable | Description | Default |
| API public key | — |
| API secret key | — |
| Transport mode ( |
|
| HTTP server port |
|
| Auth mode ( |
|
| Log level ( |
|
Domains
The server uses decision-tree navigation. Start with huntress_navigate to pick a domain:
Domain | Tools |
accounts | Get account info, get current actor |
agents | List agents, get agent by ID |
organizations | List, get, create, update, delete organizations |
incidents | Incident reports (list/get/resolve), remediations (list/get/approve/reject), escalations (list/get/resolve) |
billing | Billing reports, summary reports |
signals | List/get security signals |
users | Membership CRUD (list/get/create/update/delete) |
Docker Deployment
See docker-compose.yml for full configuration. Copy .env.example to .env and fill in your credentials:
cp .env.example .env
# Edit .env with your Huntress API credentials
docker compose up -dDevelopment
npm ci
npm run build # Build the project
npm run dev # Watch mode
npm run test # Run tests
npm run lint # Type-check
npm run clean # Remove dist/Testing
npm test # Run test suite
npm run test:watch # Watch modeContributing
See CONTRIBUTING.md for guidelines.
License
Apache 2.0 — Copyright WYRE Technology
This server cannot be installed
Maintenance
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/wyre-technology/huntress-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server