Optix
@AdamWaldie
About Optix
No overview available yet
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"OPTIX-MCP": {
"command": "python",
"args": [
"main.py"
]
}
}
}Tools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is Optix?
Optix is a standalone Python/FastAPI server that implements the Model Context Protocol (MCP) for the OPTIX threat intelligence platform. It exposes 26 analyst-friendly tools that AI assistants and programmatic consumers can use to query threat feeds, search documents and indicators, manage watchlists, triage IOCs, generate detection rules, trigger AI research, and produce intelligence reports without needing to understand OPTIX's internal REST API.
How to use Optix?
Deploy the server locally: requires Python 3.11+, an active OPTIX installation, and an OPTIX API key. Set environment variables (e.g., OPTIX_API_URL, MCP_PORT) in a .env file or shell, install dependencies with pip install -r requirements.txt, then run python main.py. Connect AI clients like Claude Desktop or Cursor using the provided configuration snippets (Smithery for hosted mode, or self-hosted via HTTP SSE or stdio). All tool requests authenticate via the X-API-Key header.
Key features of Optix
- 26 tools across Read, Write, and AI categories.
- Credit system with pre-flight balance checks.
- Supports threat feed queries, IOC search, document retrieval.
- AI-powered entity research and report generation.
- Watchlist management with notifications.
- Integration with Claude Desktop and Cursor via MCP.
Use cases of Optix
- A SOC analyst asks "What are the latest critical threats?" and retrieves a curated threat feed.
- An AI assistant searches for a specific IOC such as an IP or hash across OPTIX intelligence.
- An incident responder submits a structured incident report and receives a tactical intelligence report.
- A detection engineer generates Sigma or YARA rules for a specific malware family.
- A threat hunter queries the ATT&CK coverage matrix to identify detection gaps.
FAQ from Optix
What are the dependencies and runtime requirements?
Python 3.11+, an active OPTIX installation, and an OPTIX API key are required. The server uses FastAPI and requires packages listed in requirements.txt.
How is authentication handled?
Every request to the MCP endpoint must include the OPTIX API key in the X-API-Key header. Unauthenticated requests receive a structured 401 response.
Where does the data live?
All data resides in the OPTIX backend. The MCP server acts as a proxy; it does not store any intelligence data locally.
What transport protocols are supported?
The server supports HTTP SSE (Server-Sent Events) on the /mcp endpoint and stdio mode for local execution (see Claude Desktop config). A health check is available at GET /health.
Are there any usage limits or costs?
Several tools consume OPTIX credits (e.g., report_incident costs 40 credits, research_entity costs 15 credits). The server performs a pre-flight credit check before any credit-consuming call, and free tools such as get_threat_feed and search_indicator have no credit cost.
More Other MCP servers
Nginx UI
0xJackyYet another WebUI for Nginx
MCP Registry
modelcontextprotocolA community driven registry service for Model Context Protocol (MCP) servers.

Sequential Thinking
modelcontextprotocolModel Context Protocol Servers
Awesome-MCP-ZH
yzflyMCP 资源精选, MCP指南,Claude MCP,MCP Servers, MCP Clients
Inbox Zero AI MCP
elie222The world's best AI personal assistant for email. Open source app to help you reach inbox zero fast.
Comments