Your agent installs packages it chose, follows links it found, and trusts hosts it's never seen — with zero threat context. Security Intel MCP puts the check in the loop.
Tools your agent calls mid-task, before it trusts something it shouldn't.
cve_lookupCVSS score, severity, and CISA known-exploited status — the "do I care today?" answer for any CVE.
package_vulnerabilitiesKnown vulns and fix versions for any package across npm, PyPI, Go, Maven, crates.io and more.
url_checkIs this URL a known malware or phishing distribution site? Threat type, malware tags, takedown state.
ip_reputationAbuse confidence score, report history, Tor status, and ISP for any IP in your agent's logs.
Hosted endpoint, nothing to install.
claude mcp add --transport http security-intel https://security-intel-mcp.greenfield1775.workers.dev/mcp
{
"mcpServers": {
"security-intel": {
"command": "npx",
"args": ["mcp-remote", "https://security-intel-mcp.greenfield1775.workers.dev/mcp"]
}
}
}
"Before adding this npm package, check it for known vulnerabilities."
"Is CVE-2024-3094 actively exploited?"
"Vet the IPs in this auth log."
Free while in launch beta. Paid tiers activate later — early users keep generous limits.