This is a repository to experiment with MCP for security
- • Basic MCP protocol features implemented (12/40)
- • Room for improvement in GitHub community
- • Optimal dependency management (20/20)
- • Room for improvement in deployment maturity
- • Documentation (8/8)
- • Archestra MCP Trust score badge is missing
{
"orkl": {
"command": "uv",
"args": [
"--directory",
"/MyMCP/mcptest/orkl",
"run",
"orkl"
],
"env": {}
}
}ORKL MCP Server
A full write-up can be found here: https://blog.securitybreak.io/building-a-threat-intelligence-genai-reporter-with-orkl-and-claude-a0ae2e969693
A Model Context Protocol (MCP) server for querying the ORKL API. This server provides tools for fetching and analyzing threat reports, threat actors, and sources. It integrates smoothly with MCP-compatible applications.
Quick Install
Edit or create the file /Users/user/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"orkl": {
"command": "uv",
"args": [
"--directory",
"/MyMCP/mcptest/orkl",
"run",
"orkl"
]
}
}
}
Tools
Report Tools
Fetch Latest Threat Reports
- Name:
fetch_latest_threat_reports - Description: Fetch recent threat reports with their titles and IDs.
- Parameters: None
Fetch Threat Report Details
- Name:
fetch_threat_report_details - Description: Retrieve detailed information for a specific threat report by ID.
- Parameters:
report_id(required): The ID of the threat report.
Threat Actor Tools
Fetch Threat Actors
- Name:
fetch_threat_actors - Description: Fetch a list of known threat actors with their IDs and names.
- Parameters: None
Fetch Threat Actor Details
- Name:
fetch_threat_actor_details - Description: Retrieve detailed information for a specific threat actor by ID.
- Parameters:
actor_id(required): The ID of the threat actor.
Source Tools
Fetch Sources
- Name:
fetch_sources - Description: Fetch a list of sources used in threat intelligence.
- Parameters: None
Fetch Source Details
- Name:
fetch_source_details - Description: Retrieve detailed metadata for a specific source by ID.
- Parameters:
source_id(required): The ID of the source.
[](https://archestra.ai/mcp-catalog/fr0gger__mcp_security)ORKL MCP Server
A full write-up can be found here: https://blog.securitybreak.io/building-a-threat-intelligence-genai-reporter-with-orkl-and-claude-a0ae2e969693
A Model Context Protocol (MCP) server for querying the ORKL API. This server provides tools for fetching and analyzing threat reports, threat actors, and sources. It integrates smoothly with MCP-compatible applications.
Quick Install
Edit or create the file /Users/user/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"orkl": {
"command": "uv",
"args": [
"--directory",
"/MyMCP/mcptest/orkl",
"run",
"orkl"
]
}
}
}
Tools
Report Tools
Fetch Latest Threat Reports
- Name:
fetch_latest_threat_reports - Description: Fetch recent threat reports with their titles and IDs.
- Parameters: None
Fetch Threat Report Details
- Name:
fetch_threat_report_details - Description: Retrieve detailed information for a specific threat report by ID.
- Parameters:
report_id(required): The ID of the threat report.
Threat Actor Tools
Fetch Threat Actors
- Name:
fetch_threat_actors - Description: Fetch a list of known threat actors with their IDs and names.
- Parameters: None
Fetch Threat Actor Details
- Name:
fetch_threat_actor_details - Description: Retrieve detailed information for a specific threat actor by ID.
- Parameters:
actor_id(required): The ID of the threat actor.
Source Tools
Fetch Sources
- Name:
fetch_sources - Description: Fetch a list of sources used in threat intelligence.
- Parameters: None
Fetch Source Details
- Name:
fetch_source_details - Description: Retrieve detailed metadata for a specific source by ID.
- Parameters:
source_id(required): The ID of the source.