Command Palette

Search for a command to run...

UnylyUnyly
Browse all

Huntress

FreeNot checked

An MCP server for Huntress managed security platform, enabling management of agents, incidents, reports, and threat detections through Huntress's API.

GitHubEmbed

About

An MCP server for Huntress managed security platform, enabling management of agents, incidents, reports, and threat detections through Huntress's API.

README

Build Status License Node.js

A Model Context Protocol (MCP) server that provides AI assistants with structured access to Huntress cybersecurity platform data and operations.

Note: This project is maintained by Wyre Technology.

Quick Start

Claude Desktop — download, open, done:

  1. Download huntress-mcp.mcpb from the latest release
  2. Open the file (double-click or drag into Claude Desktop)
  3. Enter your Huntress credentials when prompted (API Key, API Secret)

No terminal, no JSON editing, no Node.js install required.

Claude Code (CLI):

claude mcp add huntress-mcp \
  -e HUNTRESS_API_KEY=your-api-key \
  -e HUNTRESS_API_SECRET=your-api-secret \
  -- npx -y github:wyre-technology/huntress-mcp

See Installation for Docker and from-source methods.

Features

  • 🔌 MCP Protocol Compliance: Full support for MCP resources and tools
  • 🛡️ Comprehensive Security Coverage: Tools spanning agents, organizations, incidents, escalations, billing, signals, and users
  • 🔍 Decision-Tree Navigation: Start with huntress_navigate to explore domains, then dynamically load domain-specific tools
  • 📝 CRUD Operations: Create, read, update, delete operations for organizations, memberships, incidents, and more
  • 🔒 Secure Authentication: HTTP Basic Auth with Huntress API credentials
  • 🌐 Dual Transport: Supports both stdio (local) and HTTP Streamable (remote/Docker) transports
  • 📦 MCPB Packaging: One-click installation via MCP Bundle for desktop clients
  • 🐳 Docker Ready: Containerized deployment with HTTP transport and health checks
  • ⚡ Rate Limiting: Built-in rate limiter respects Huntress API limits (60 req/min)
  • 📊 Structured Logging: Comprehensive logging with configurable levels

Table of Contents

Installation

Option 1: MCPB Bundle (Claude Desktop)

The simplest method — no terminal, no JSON editing, no Node.js install required.

  1. Download huntress-mcp.mcpb from the latest release
  2. Open the file (double-click or drag into Claude Desktop)
  3. Enter your Huntress credentials when prompted (API Key, API Secret)

For Claude Code (CLI), one command:

claude mcp add huntress-mcp \
  -e HUNTRESS_API_KEY=your-api-key \
  -e HUNTRESS_API_SECRET=your-api-secret \
  -- npx -y github:wyre-technology/huntress-mcp

Option 2: Docker

docker compose up

Or pull the pre-built image:

docker run -d \
  -e HUNTRESS_API_KEY=your-key \
  -e HUNTRESS_API_SECRET=your-secret \
  -p 8080:8080 \
  ghcr.io/wyre-technology/huntress-mcp:latest

Option 3: From Source

git clone https://github.com/wyre-technology/huntress-mcp.git
cd huntress-mcp
npm ci
npm run build

Configuration

Variable Description Default
HUNTRESS_API_KEY API public key
HUNTRESS_API_SECRET API secret key
MCP_TRANSPORT Transport mode (stdio or http) stdio
MCP_HTTP_PORT HTTP server port 8080
AUTH_MODE Auth mode (env or gateway) env
LOG_LEVEL Log level (debug, info, warn, error) info

Domains

The server uses decision-tree navigation. Start with huntress_navigate to pick a domain:

Domain Tools
accounts Get account info, get current actor
agents List agents, get agent by ID
organizations List, get, create, update, delete organizations
incidents Incident reports (list/get/resolve), remediations (list/get/approve/reject), escalations (list/get/resolve)
billing Billing reports, summary reports
signals List/get security signals
users Membership CRUD (list/get/create/update/delete)

Docker Deployment

See docker-compose.yml for full configuration. Copy .env.example to .env and fill in your credentials:

cp .env.example .env
# Edit .env with your Huntress API credentials
docker compose up -d

Development

npm ci
npm run build       # Build the project
npm run dev         # Watch mode
npm run test        # Run tests
npm run lint        # Type-check
npm run clean       # Remove dist/

Testing

npm test            # Run test suite
npm run test:watch  # Watch mode

Contributing

See CONTRIBUTING.md for guidelines.

License

Apache 2.0 — Copyright WYRE Technology

from github.com/wyre-technology/huntress-mcp

Install Huntress in Claude Desktop, Claude Code & Cursor

Recommended · one command, every IDE
unyly install huntress-mcp

Installs into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.

First time? Get the CLI: curl -fsSL https://unyly.org/install | sh

Or configure manually

Run in your terminal:

claude mcp add huntress-mcp -- npx -y github:wyre-technology/huntress-mcp

FAQ

Is Huntress MCP free?

Yes, Huntress MCP is free — one-click install via Unyly at no cost.

Does Huntress need an API key?

No, Huntress runs without API keys or environment variables.

Is Huntress hosted or self-hosted?

Self-hosted: the server runs locally on your machine via the install command above.

How do I install Huntress in Claude Desktop, Claude Code or Cursor?

Open Huntress on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.

Related MCPs

Compare Huntress with

Not sure what to pick?

Find your stack in 60 seconds

Author?

Embed badge for your README

Browse similar

All development MCPs