Give your AI agents
security instincts

Your agent installs packages it chose, follows links it found, and trusts hosts it's never seen — with zero threat context. Security Intel MCP puts the check in the loop.

Listed in the Official MCP Registry · Open source (MIT) · No install required

Four checks, one endpoint

Tools your agent calls mid-task, before it trusts something it shouldn't.

cve_lookup

CVSS score, severity, and CISA known-exploited status — the "do I care today?" answer for any CVE.

Source: NVD + CISA KEV

package_vulnerabilities

Known vulns and fix versions for any package across npm, PyPI, Go, Maven, crates.io and more.

Source: OSV.dev

url_check

Is this URL a known malware or phishing distribution site? Threat type, malware tags, takedown state.

Source: URLhaus (abuse.ch)

ip_reputation

Abuse confidence score, report history, Tor status, and ISP for any IP in your agent's logs.

Source: AbuseIPDB

Quick start

Hosted endpoint, nothing to install.

Claude Code

claude mcp add --transport http security-intel https://security-intel-mcp.greenfield1775.workers.dev/mcp

Claude Desktop / other MCP clients

{
  "mcpServers": {
    "security-intel": {
      "command": "npx",
      "args": ["mcp-remote", "https://security-intel-mcp.greenfield1775.workers.dev/mcp"]
    }
  }
}

Then try

"Before adding this npm package, check it for known vulnerabilities."
"Is CVE-2024-3094 actively exploited?"
"Vet the IPs in this auth log."

Pricing

Free while in launch beta. Paid tiers activate later — early users keep generous limits.

Builder

$19/mo — coming soon
  • 5,000 tool calls/mo
  • Priority endpoint
  • Email support

Team

$49/mo — coming soon
  • 25,000 tool calls/mo
  • Usage dashboard
  • SLA
Self-hosting? The whole server is one dependency-free file on Cloudflare's free tier. MIT licensed. Grab it on GitHub.