orkl_mcp_server
MCP server for ORKL Threat Intelligence Library
claude mcp add --transport stdio heiths-orkl_mcp_server uv --directory /path/to/orkl_mcp_server run python run_server.py \
  --env ORKL_CACHE_TTL="300" \
  --env ORKL_USE_CACHE="1" \
  --env ORKL_API_BASE_URL="https://orkl.eu/api/v1" \
  --env ORKL_REQUEST_TIMEOUT="30" \
  --env ORKL_RATE_LIMIT_PERIOD="30" \
  --env ORKL_RATE_LIMIT_REQUESTS="90"
How to use
ORKL MCP Server exposes a set of standardized MCP Tools that fetch, search, and retrieve threat intelligence data from the ORKL Threat Intelligence Library. You can use tools to fetch the latest threat reports, obtain detailed information about specific reports or actors, search for reports by criteria, and retrieve library or source metadata. The server also supports direct MCP Resources for quick access to specific threat reports, threat actors, and sources. If you’re integrating with Claude Desktop, you can register the server so Claude can invoke these tools directly through natural language prompts, using the configured environment and API base URL. Typical workflows include querying for recent threat activity, drilling into a specific report by hash, or listing available sources and actors for attribution and reconnaissance.
How to install
Prerequisites:
- Python 3.10 or later
- uv package manager (recommended)
Installation steps:
- Clone the repository:
    git clone https://github.com/heiths/orkl_mcp_server.git
    cd orkl_mcp_server
- Install uv and Python dependencies (recommended):
    uv venv
    uv pip install -r requirements.txt
- Run the MCP server (via uv integration, see Configuration):
    uv --directory /path/to/orkl_mcp_server run python run_server.py
- (Optional) Configure Claude Desktop integration by adding the following to claude_desktop_config.json and adjusting the path:
    {
      "ORKL Threat Intelligence": {
        "command": "uv",
        "args": [
          "--directory",
          "/path/to/orkl_mcp_server",
          "run",
          "python",
          "run_server.py"
        ],
        "env": {
          "ORKL_API_BASE_URL": "https://orkl.eu/api/v1",
          "ORKL_REQUEST_TIMEOUT": "30",
          "ORKL_CACHE_TTL": "300",
          "ORKL_USE_CACHE": "1",
          "ORKL_RATE_LIMIT_REQUESTS": "90",
          "ORKL_RATE_LIMIT_PERIOD": "30"
        }
      }
    }
Additional notes
Tips and notes:
- The server caches ORKL API responses to reduce external calls; adjust ORKL_CACHE_TTL to balance freshness and performance.
- Ensure ORKL_API_BASE_URL is reachable from your environment and that API rate limits are respected (configurable via ORKL_RATE_LIMIT_* variables).
- If running behind a proxy or in restricted environments, set appropriate network settings or environment variables.
- The MCP Tools list (fetch_latest_threat_reports, fetch_threat_report_details, etc.) can be invoked programmatically or via Claude Desktop prompts once the server is registered.
- For direct access, MCP Resources provide URL-like schemes like threat_reports://{report_id} for quick retrieval.
- If you upgrade dependencies or Python versions, re-install requirements and re-run the server to ensure compatibility.
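Because the env block decides which endpoint the server trusts for threat intelligence, it is worth checking before registering the server. The following is an added example, not code from the orkl_mcp_server project: the names `audit_env` and `requests_per_second` are hypothetical, and it assumes the expected host is the one in the base URL shown on this page, that ORKL_USE_CACHE takes "0" or "1", and that ORKL_RATE_LIMIT_PERIOD is in seconds.

```python
from urllib.parse import urlsplit

# Constructed sample: the env values exactly as shown in the configuration above.
SAMPLE_ENV = {
    "ORKL_API_BASE_URL": "https://orkl.eu/api/v1",
    "ORKL_REQUEST_TIMEOUT": "30",
    "ORKL_CACHE_TTL": "300",
    "ORKL_USE_CACHE": "1",
    "ORKL_RATE_LIMIT_REQUESTS": "90",
    "ORKL_RATE_LIMIT_PERIOD": "30",
}

EXPECTED_HOST = "orkl.eu"  # assumption: host of the base URL given on this page
POSITIVE_INTS = ("ORKL_REQUEST_TIMEOUT", "ORKL_CACHE_TTL",
                 "ORKL_RATE_LIMIT_REQUESTS", "ORKL_RATE_LIMIT_PERIOD")


def audit_env(env):
    """Return a list of findings for an ORKL env block; an empty list means clean."""
    findings = []
    url = urlsplit(str(env.get("ORKL_API_BASE_URL", "")))
    if url.scheme != "https":
        findings.append("ORKL_API_BASE_URL must use https")
    # Exact match on the parsed hostname, so lookalike prefixes or suffixes fail.
    if url.hostname != EXPECTED_HOST:
        findings.append(f"ORKL_API_BASE_URL host is {url.hostname!r}, expected {EXPECTED_HOST!r}")
    if url.username or url.password:
        findings.append("ORKL_API_BASE_URL embeds credentials")
    for key in POSITIVE_INTS:
        value = str(env.get(key, ""))
        if not (value.isascii() and value.isdigit() and int(value) > 0):
            findings.append(f"{key} must be a positive integer, got {value!r}")
    if env.get("ORKL_USE_CACHE") not in ("0", "1"):  # assumption: 0/1 toggle
        findings.append("ORKL_USE_CACHE must be '0' or '1'")
    return findings


def requests_per_second(env):
    """Request ceiling implied by the rate-limit pair (assumes the period is in seconds)."""
    return int(env["ORKL_RATE_LIMIT_REQUESTS"]) / int(env["ORKL_RATE_LIMIT_PERIOD"])


if __name__ == "__main__":
    print(audit_env(SAMPLE_ENV) or "clean")
    print(requests_per_second(SAMPLE_ENV), "requests/second ceiling")
```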