agentic-misp-mcp

hdyrawan/agentic-misp-mcp
★ 0 stars Python AI/LLM Updated 9d ago
Workflow-first MCP server for MISP threat intelligence, with agentic IOC investigation, pivoting, reporting, and policy-gated write workflows.
View on GitHub → 🔍 Audit Wallet Slippage →

Quick Install

Copy the config for your editor. Some servers may need additional setup — check the README.

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "agentic-misp-mcp": {
      "command": "uvx",
      "args": [
        "agentic-misp-mcp"
      ]
    }
  }
}

Or install with pip: pip install agentic-misp-mcp

README Excerpt

**MISP workflows for agents — investigate, pivot, report, and propose controlled writes without turning your MCP server into a raw API proxy.** `agentic-misp-mcp` is an early-stage MCP server for security analysts working with MISP threat intelligence. It gives AI agents a small set of analyst-oriented workflows: search an IOC, investigate context, pivot through related indicators, summarize events, generate reports, and prepare tightly controlled write proposals.

Tools (20)

AGENTIC_MISP_MCP_ALLOWED_ATTRIBUTE_CATEGORIESAGENTIC_MISP_MCP_ALLOWED_ATTRIBUTE_TYPESAGENTIC_MISP_MCP_ALLOWED_TAGSAGENTIC_MISP_MCP_ALLOW_INSECURE_HTTP_BINDAGENTIC_MISP_MCP_APPROVAL_MODEAGENTIC_MISP_MCP_APPROVAL_STORE_PATHAGENTIC_MISP_MCP_APPROVAL_TOKENAGENTIC_MISP_MCP_APPROVAL_TTL_SECONDSAGENTIC_MISP_MCP_AUDIT_LOG_PATHAGENTIC_MISP_MCP_ENABLE_PUBLISHAGENTIC_MISP_MCP_ENABLE_WRITEAGENTIC_MISP_MCP_LOG_LEVELAGENTIC_MISP_MCP_MAX_RESPONSE_BYTESAGENTIC_MISP_MCP_REQUIRE_APPROVALAGENTIC_MISP_MCP_ROLEINFOMISP_API_KEYMISP_DEFAULT_LIMITMISP_EVENT_ATTRIBUTE_LIMITMISP_MAX_LIMIT

Topics

cybersecurityfastmcpincident-responsemcpmisposintpythonsocthreat-intelligence