Secfeed
БесплатноНе проверенAggregates security intelligence feeds (vulnerabilities, news, threat intel) into a local SQLite database and provides MCP tools for AI agents to query and anal
Описание
Aggregates security intelligence feeds (vulnerabilities, news, threat intel) into a local SQLite database and provides MCP tools for AI agents to query and analyze them.
README
Security Intelligence MCP server — aggregates authoritative vulnerability, news, and threat-intel feeds into a local SQLite database and serves them to AI agents via MCP tools.
Every ingested item is auto-classified against the agent-security-manual threat taxonomy (TH-01..TH-10), so agents can pull an AI-agent-security focused feed and trace each threat to its mitigating controls (CT), requirements (REQ), and manual chapters.
Data sources
| Category | Sources |
|---|---|
| Vulnerabilities | CISA KEV, NVD CVE API 2.0, EPSS, GitHub Security Advisories, GitHub PoC search |
| Threat intel | Abuse.ch ThreatFox, CISA Cybersecurity Advisories, arXiv cs.CR |
| News | The Hacker News, BleepingComputer, Krebs on Security, The Record, SANS ISC |
| Agent security | Simon Willison's blog, Embrace The Red |
MCP tools
| Tool | Purpose |
|---|---|
get_latest_cves |
Recent CVEs sorted by EPSS exploit probability |
get_cisa_kev |
Known Exploited Vulnerabilities (confirmed in-the-wild) |
get_security_news |
Aggregated security news |
search_security |
FTS5 full-text search across all data |
get_cve_detail |
On-demand NVD + EPSS lookup for one CVE |
get_threat_summary |
24h threat landscape briefing + feed health |
get_agent_threat_feed |
Items tagged with agent threat classes TH-01..TH-10 |
lookup_taxonomy |
Resolve TH/CT ids to controls, REQs, and manual chapters |
get_agent_security_digest |
Per-threat-class activity digest for posture review |
Agent threat taxonomy
Classification is a deterministic two-tier keyword classifier (taxonomy.py):
strong agent-specific patterns always tag; generic security terms tag only when
AI/agent context is present in the same text. No LLM calls — results are
reproducible and auditable.
| ID | Threat class |
|---|---|
| TH-01 | Prompt injection (direct / indirect) |
| TH-02 | Tool abuse / privilege escalation |
| TH-03 | RAG / knowledge-base poisoning |
| TH-04 | Memory / context contamination |
| TH-05 | Agent identity / authority abuse |
| TH-06 | Delegation / multi-agent abuse |
| TH-07 | Supply-chain / MCP / plugin compromise |
| TH-08 | Data exfiltration / secret exposure |
| TH-09 | Audit / evaluation evasion |
| TH-10 | Model / service abuse |
Deployment
docker compose up -d --build
docker logs --tail 80 secfeed
- Streamable HTTP:
http://<host>:8888/mcp(put a reverse proxy with auth in front for public exposure) - stdio mode:
python3 server.py --stdio - Data volume:
secfeed-datamounted at/data(SQLite + FTS5)
Environment variables
| Variable | Purpose |
|---|---|
NVD_API_KEY |
Optional — higher NVD API rate limits |
GITHUB_TOKEN |
Optional — higher GitHub API rate limits |
SECFEED_DB_PATH |
DB path override (default /data/secfeed.db) |
Secrets are injected via the compose environment block from the host
environment — never commit them.
Development
python3 -m venv venv && venv/bin/pip install -r requirements.txt
SECFEED_DB_PATH=/tmp/secfeed-dev.db venv/bin/python3 server.py --stdio
License
MIT
Установка Secfeed
У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.
▸ github.com/AOI-Future/secfeedFAQ
Secfeed MCP бесплатный?
Да, Secfeed MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Secfeed?
Нет, Secfeed работает без API-ключей и переменных окружения.
Secfeed — hosted или self-hosted?
Доступен hosted-вариант: Unyly запускает сервер в облаке, локальная установка не обязательна.
Как установить Secfeed в Claude Desktop, Claude Code или Cursor?
Открой Secfeed на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
wenb1n-dev/SmartDB_MCP
A universal database MCP server supporting simultaneous connections to multiple databases. It provides tools for database operations, health analysis, SQL optim
автор: wenb1n-devPostgres Server
This server enables interaction with PostgreSQL databases through the Model Context Protocol, optimized for the AWS Bedrock AgentCore Runtime. It provides tools
автор: madhurprashPostgres
Query your database in natural language
автор: AnthropicPostgreSQL
Read-only database access with schema inspection.
автор: modelcontextprotocolCompare Secfeed with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории data
