Skip to main content

MCP server exposing PatrowlIntel vulnerability intelligence (CVEs, EPSS, CISA KEV, public exploits, trending attacks).

Project description

patrowl-intel-mcp

An MCP server that exposes PatrowlIntel vulnerability intelligence (CVEs, EPSS, CISA KEV, public exploits, trending attacks) to any MCP client. It is a thin, read-only stdio wrapper over the public PatrowlIntel API.

v0 — three tools: search_cves, get_cve, list_trending_attacks.

Tools

Tool Purpose
search_cves Filter/rank the CVE feed (risk score, EPSS, KEV, exploited, technology, dates).
get_cve Full record for one CVE (CVSS, EPSS, KEV, SSVC, exploits, references).
list_trending_attacks Recent trending threats, filterable by severity and date.

Configuration (environment)

Variable Default Purpose
PATROWL_INTEL_API_BASE https://intel.patrowl.io Backend API base URL.
PATROWL_INTEL_WEB_BASE = API base Public site base used for CVE citation links.
PATROWL_INTEL_API_KEY (unset) Reserved for the future authenticated tier.
PATROWL_INTEL_TIMEOUT 15 Per-request timeout (seconds).
PATROWL_INTEL_MCP_TRANSPORT stdio stdio (local clients) or streamable-http (networked service).
PATROWL_INTEL_MCP_HOST 127.0.0.1 Bind host for streamable-http.
PATROWL_INTEL_MCP_PORT 8790 Bind port for streamable-http.

Run

# stdio (default) — for local MCP clients that launch the process
uv run patrowl-intel-mcp          # or: pip install -e . && patrowl-intel-mcp

# streamable-http — as a networked service (e.g. Docker); serves at /mcp
PATROWL_INTEL_MCP_TRANSPORT=streamable-http PATROWL_INTEL_MCP_HOST=0.0.0.0 \
  uv run patrowl-intel-mcp

Client config

{
  "mcpServers": {
    "patrowl-intel": {
      "command": "uvx",
      "args": ["patrowl-intel-mcp"],
      "env": { "PATROWL_INTEL_API_BASE": "https://<your-intel-host>" }
    }
  }
}

During local development, point command at your checkout instead:

{ "command": "uv", "args": ["--directory", "/path/to/PatrowlIntelMCP", "run", "patrowl-intel-mcp"] }

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

patrowl_intel_mcp-0.1.0.tar.gz (61.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

patrowl_intel_mcp-0.1.0-py3-none-any.whl (7.7 kB view details)

Uploaded Python 3

File details

Details for the file patrowl_intel_mcp-0.1.0.tar.gz.

File metadata

  • Download URL: patrowl_intel_mcp-0.1.0.tar.gz
  • Upload date:
  • Size: 61.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.8.17

File hashes

Hashes for patrowl_intel_mcp-0.1.0.tar.gz
Algorithm Hash digest
SHA256 1b65104a93e8ef9a621d7edbcdb4848be4586ccbe0380ae8bcbbf6e3e9f33ff2
MD5 dda1176d4eec8d1ac0dcfda87a977192
BLAKE2b-256 43197107ea61ae6acb19767ca664bf52b88ee1390b127cfa6641df10ddded604

See more details on using hashes here.

File details

Details for the file patrowl_intel_mcp-0.1.0-py3-none-any.whl.

File metadata

File hashes

Hashes for patrowl_intel_mcp-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 14d6557b76b57f9852388b167721502f6ebfb3092e8be9cb4c9e0204f1f1523f
MD5 c7c398199f2ff9ae97e36242c5ccfcb0
BLAKE2b-256 74b289b433e65ba16b02a31dd98e7e962494926bb9f97cca594cbb9127129bb8

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page