Command Palette

Search for a command to run...

UnylyUnyly
Browse all

ORKL Server

FreeNot checked

Enables users to access and query the ORKL Threat Intelligence Library, including threat reports, threat actors, and sources, through MCP tools and resources.

GitHubEmbed

About

Enables users to access and query the ORKL Threat Intelligence Library, including threat reports, threat actors, and sources, through MCP tools and resources.

README

A MCP (Model Control Protocol) server for accessing the ORKL Threat Intelligence Library.

Table of Contents

Features

  • Access to ORKL Threat Intelligence Library data via the ORKL API
  • Efficient caching to minimize API calls
  • Rate limiting to respect ORKL API restrictions
  • Standardized MCP Tools and Resources for LLM interaction
  • Built-in support for Claude Desktop integration

Screenshot

Getting Started

Prerequisites

  • Python 3.10 or later
  • uv package manager (recommended)

Installation

  1. Clone the repository:

    git clone https://github.com/heiths/orkl_mcp_server.git
    cd orkl_mcp_server
    
  2. Install dependencies using uv (recommended):

    uv venv
    uv pip install -r requirements.txt
    
  3. Configure the server (see Configuration section below)

Register with Claude Desktop

Add the following config to your claude_desktop_config.json:

{
  "ORKL Threat Intelligence": {
    "command": "uv",
    "args": [
      "--directory",
      "/path/to/orkl_mcp_server",  <-- Replace with the path to the cloned repository
      "run",
      "python",
      "run_server.py"
    ],
    "env": {
      "ORKL_API_BASE_URL": "https://orkl.eu/api/v1",
      "ORKL_REQUEST_TIMEOUT": "30",
      "ORKL_CACHE_TTL": "300",
      "ORKL_USE_CACHE": "1",
      "ORKL_RATE_LIMIT_REQUESTS": "90",
      "ORKL_RATE_LIMIT_PERIOD": "30"
    }
  }
}

MCP Tools

The server provides the following MCP Tools:

  • fetch_latest_threat_reports: Get recent threat intelligence reports
  • fetch_threat_report_details: Get details about a specific report
  • fetch_threat_report_by_hash: Retrieve a report by SHA1 hash
  • search_threat_reports: Search for reports matching criteria
  • get_library_info: Get information about the ORKL library
  • get_library_version: Get version information
  • fetch_threat_actors: Get a list of all threat actors
  • fetch_threat_actor_details: Get detailed information about a threat actor
  • fetch_sources: Get a list of available sources
  • fetch_source_details: Get detailed information about a source
  • clear_cache: Clear the local cache for fresh data

MCP Resources

The server provides these MCP Resources:

  • threat_reports://{report_id}: Direct access to specific reports
  • threat_actors://{actor_id}: Direct access to threat actor information
  • sources://{source_id}: Direct access to source information

Example Prompts

Malware Investigation

I found a suspicious file with SHA1 hash '5f2b7f47b2c9da342583c3a7e3887b4babad0fa9'. Can you check if this hash is associated with any known threats in the ORKL database and provide details about its capabilities and attribution?

Threat Landscape Overview

Can you provide an overview of the current threat landscape for financial institutions? Use the ORKL API to search for relevant threat reports from the past month and identify emerging trends or notable threat actors.

Configuration

Configuration can be provided through:

  1. Environment variables
  2. A JSON configuration file (config.json in the current directory)

Environment Variables

Variable Description Default
ORKL_API_BASE_URL API base URL https://orkl.eu/api/v1
ORKL_REQUEST_TIMEOUT Request timeout in seconds 30
ORKL_CACHE_TTL Cache time-to-live in seconds 300
ORKL_USE_CACHE Enable caching (1/0) 1
ORKL_RATE_LIMIT_REQUESTS Maximum requests per period 90
ORKL_RATE_LIMIT_PERIOD Rate limit period in seconds 30
ORKL_CONFIG_FILE Path to configuration file config.json

License

This project is licensed under the MIT License - see the LICENSE file for details.

from github.com/heiths/orkl_mcp_server

Installing ORKL Server

This server has no published package — it is built from source. Open the repository and follow its README.

▸ github.com/heiths/orkl_mcp_server

FAQ

Is ORKL Server MCP free?

Yes, ORKL Server MCP is free — one-click install via Unyly at no cost.

Does ORKL Server need an API key?

No, ORKL Server runs without API keys or environment variables.

Is ORKL Server hosted or self-hosted?

A hosted option is available: Unyly runs the server in the cloud, no local setup required.

How do I install ORKL Server in Claude Desktop, Claude Code or Cursor?

Open ORKL Server on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.

Related MCPs

Compare ORKL Server with

Not sure what to pick?

Find your stack in 60 seconds

Author?

Embed badge for your README

Browse similar

All development MCPs