Huntress
FreeNot checkedAn MCP server for Huntress managed security platform, enabling management of agents, incidents, reports, and threat detections through Huntress's API.
About
An MCP server for Huntress managed security platform, enabling management of agents, incidents, reports, and threat detections through Huntress's API.
README
A Model Context Protocol (MCP) server that provides AI assistants with structured access to Huntress cybersecurity platform data and operations.
Note: This project is maintained by Wyre Technology.
Quick Start
Claude Desktop — download, open, done:
- Download
huntress-mcp.mcpbfrom the latest release - Open the file (double-click or drag into Claude Desktop)
- Enter your Huntress credentials when prompted (API Key, API Secret)
No terminal, no JSON editing, no Node.js install required.
Claude Code (CLI):
claude mcp add huntress-mcp \
-e HUNTRESS_API_KEY=your-api-key \
-e HUNTRESS_API_SECRET=your-api-secret \
-- npx -y github:wyre-technology/huntress-mcp
See Installation for Docker and from-source methods.
Features
- 🔌 MCP Protocol Compliance: Full support for MCP resources and tools
- 🛡️ Comprehensive Security Coverage: Tools spanning agents, organizations, incidents, escalations, billing, signals, and users
- 🔍 Decision-Tree Navigation: Start with
huntress_navigateto explore domains, then dynamically load domain-specific tools - 📝 CRUD Operations: Create, read, update, delete operations for organizations, memberships, incidents, and more
- 🔒 Secure Authentication: HTTP Basic Auth with Huntress API credentials
- 🌐 Dual Transport: Supports both stdio (local) and HTTP Streamable (remote/Docker) transports
- 📦 MCPB Packaging: One-click installation via MCP Bundle for desktop clients
- 🐳 Docker Ready: Containerized deployment with HTTP transport and health checks
- ⚡ Rate Limiting: Built-in rate limiter respects Huntress API limits (60 req/min)
- 📊 Structured Logging: Comprehensive logging with configurable levels
Table of Contents
Installation
Option 1: MCPB Bundle (Claude Desktop)
The simplest method — no terminal, no JSON editing, no Node.js install required.
- Download
huntress-mcp.mcpbfrom the latest release - Open the file (double-click or drag into Claude Desktop)
- Enter your Huntress credentials when prompted (API Key, API Secret)
For Claude Code (CLI), one command:
claude mcp add huntress-mcp \
-e HUNTRESS_API_KEY=your-api-key \
-e HUNTRESS_API_SECRET=your-api-secret \
-- npx -y github:wyre-technology/huntress-mcp
Option 2: Docker
docker compose up
Or pull the pre-built image:
docker run -d \
-e HUNTRESS_API_KEY=your-key \
-e HUNTRESS_API_SECRET=your-secret \
-p 8080:8080 \
ghcr.io/wyre-technology/huntress-mcp:latest
Option 3: From Source
git clone https://github.com/wyre-technology/huntress-mcp.git
cd huntress-mcp
npm ci
npm run build
Configuration
| Variable | Description | Default |
|---|---|---|
HUNTRESS_API_KEY |
API public key | — |
HUNTRESS_API_SECRET |
API secret key | — |
MCP_TRANSPORT |
Transport mode (stdio or http) |
stdio |
MCP_HTTP_PORT |
HTTP server port | 8080 |
AUTH_MODE |
Auth mode (env or gateway) |
env |
LOG_LEVEL |
Log level (debug, info, warn, error) |
info |
Domains
The server uses decision-tree navigation. Start with huntress_navigate to pick a domain:
| Domain | Tools |
|---|---|
| accounts | Get account info, get current actor |
| agents | List agents, get agent by ID |
| organizations | List, get, create, update, delete organizations |
| incidents | Incident reports (list/get/resolve), remediations (list/get/approve/reject), escalations (list/get/resolve) |
| billing | Billing reports, summary reports |
| signals | List/get security signals |
| users | Membership CRUD (list/get/create/update/delete) |
Docker Deployment
See docker-compose.yml for full configuration. Copy .env.example to .env and fill in your credentials:
cp .env.example .env
# Edit .env with your Huntress API credentials
docker compose up -d
Development
npm ci
npm run build # Build the project
npm run dev # Watch mode
npm run test # Run tests
npm run lint # Type-check
npm run clean # Remove dist/
Testing
npm test # Run test suite
npm run test:watch # Watch mode
Contributing
See CONTRIBUTING.md for guidelines.
License
Apache 2.0 — Copyright WYRE Technology
Install Huntress in Claude Desktop, Claude Code & Cursor
unyly install huntress-mcpInstalls into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.
First time? Get the CLI: curl -fsSL https://unyly.org/install | sh
Or configure manually
Run in your terminal:
claude mcp add huntress-mcp -- npx -y github:wyre-technology/huntress-mcpFAQ
Is Huntress MCP free?
Yes, Huntress MCP is free — one-click install via Unyly at no cost.
Does Huntress need an API key?
No, Huntress runs without API keys or environment variables.
Is Huntress hosted or self-hosted?
Self-hosted: the server runs locally on your machine via the install command above.
How do I install Huntress in Claude Desktop, Claude Code or Cursor?
Open Huntress on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.
Related MCPs
GitHub
PRs, issues, code search, CI status
by GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
by mcpdotdirectCompare Huntress with
Not sure what to pick?
Find your stack in 60 seconds
Author?
Embed badge for your README
Browse similar
All development MCPs
