Command Palette

Search for a command to run...

UnylyUnyly
Browse all

Crowdsec

FreeNot checked

A read-only MCP server that exposes CrowdSec decisions and alerts via the LAPI. Provides tools such as list_decisions, decisions_stream, list_alerts, and get_al

GitHubEmbed

About

A read-only MCP server that exposes CrowdSec decisions and alerts via the LAPI. Provides tools such as list_decisions, decisions_stream, list_alerts, and get_alert.

README

A read-only MCP server for CrowdSec, exposing decisions and alerts.

Tools

name endpoint required secret
list_decisions GET /v1/decisions bouncer key
decisions_stream GET /v1/decisions/stream bouncer key
list_alerts GET /v1/alerts machine login
get_alert GET /v1/alerts/{id} machine login

Credentials

We need two credential types:

  • Decisions need only a bouncer API key (cscli bouncers add <name>), which is inherently read-only. This alone is enough for list_decisions / decisions_stream.
  • Alerts are only reachable with machine credentials (cscli machines add), exchanged for a short-lived JWT. That credential is technically read-write on LAPI, so this server only ever issues GET requests (plus the login POST). The alert tools stay disabled unless machine credentials are configured.

Configuration (environment variables)

name default use
CROWDSEC_LAPI_URL http://localhost:8080 LAPI base URL
CROWDSEC_BOUNCER_KEY bouncer API key (enables decision tools)
CROWDSEC_MACHINE_ID machine id (enables alert tools)
CROWDSEC_MACHINE_PASSWORD machine password
CROWDSEC_VERIFY_TLS true set false to skip TLS verification

from github.com/Swarsel/crowdsec-mcp

Install Crowdsec in Claude Desktop, Claude Code & Cursor

Recommended · one command, every IDE
unyly install crowdsec-mcp

Installs into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.

First time? Get the CLI: curl -fsSL https://unyly.org/install | sh

Or configure manually

Run in your terminal:

claude mcp add crowdsec-mcp -- uvx --from git+https://github.com/Swarsel/crowdsec-mcp crowdsec-mcp

FAQ

Is Crowdsec MCP free?

Yes, Crowdsec MCP is free — one-click install via Unyly at no cost.

Does Crowdsec need an API key?

No, Crowdsec runs without API keys or environment variables.

Is Crowdsec hosted or self-hosted?

A hosted option is available: Unyly runs the server in the cloud, no local setup required.

How do I install Crowdsec in Claude Desktop, Claude Code or Cursor?

Open Crowdsec on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.

Related MCPs

Compare Crowdsec with

Not sure what to pick?

Find your stack in 60 seconds

Author?

Embed badge for your README

Browse similar

All development MCPs