MCP.so
登录

ORKL MCP Server

@heiths

关于 ORKL MCP Server

MCP server for ORKL Threat Intelligence Library

基本信息

分类

其他

许可证

MIT

运行时

python

传输方式

stdio

发布者

heiths

配置

使用下面的配置,将此服务器添加到你的 MCP 客户端。

{
  "mcpServers": {
    "orkl_mcp_server": {
      "command": "uv",
      "args": [
        "venv"
      ]
    }
  }
}

工具

未检测到工具

工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。

概览

What is ORKL MCP Server?

The ORKL MCP Server is an MCP (Model Control Protocol) server that provides access to the ORKL Threat Intelligence Library via the ORKL API. It is designed for developers and security analysts who want to query threat intelligence data from within LLM applications like Claude Desktop.

How to use ORKL MCP Server?

Install prerequisites (Python 3.10+ and the uv package manager), clone the repository, install dependencies with uv, and configure via environment variables (e.g., ORKL_API_BASE_URL) or a config.json file. Then register the server with Claude Desktop by adding a configuration entry to claude_desktop_config.json that points to the cloned directory and runs run_server.py using uv.

Key features of ORKL MCP Server

  • Access to ORKL Threat Intelligence Library via the official API
  • Efficient caching to minimize API calls
  • Rate limiting to respect ORKL API restrictions
  • Standardized MCP Tools and Resources for LLM interaction
  • Built-in support for Claude Desktop integration

Use cases of ORKL MCP Server

  • Malware investigation: Check a file’s SHA1 hash against known threats in the ORKL database
  • Threat landscape overview: Search for recent reports relevant to a specific sector (e.g., financial institutions) and identify emerging trends
  • Fetch and explore recent threat reports, threat actors, or sources
  • Retrieve detailed information about a specific report, actor, or source via direct resource URIs
  • Clear local cache to ensure fresh data on subsequent queries

FAQ from ORKL MCP Server

What is the ORKL Threat Intelligence Library?

ORKL is a threat intelligence library that provides structured data on malware, threat actors, and sources. The ORKL MCP Server accesses this data through the public ORKL API.

What are the prerequisites to run ORKL MCP Server?

You need Python 3.10 or later and the uv package manager (recommended). The server also requires a working internet connection to reach the ORKL API.

How do I configure the base URL or other settings?

Configuration can be provided via environment variables (e.g., ORKL_API_BASE_URL, ORKL_CACHE_TTL, ORKL_RATE_LIMIT_REQUESTS) or a JSON configuration file (config.json in the current directory). Default values are documented in the README.

Is caching enabled by default?

Yes, caching is enabled by default (ORKL_USE_CACHE is set to 1). The cache time-to-live is 300 seconds by default, but can be adjusted via the ORKL_CACHE_TTL environment variable.

How can I clear the cache?

The server provides an MCP tool clear_cache that can be invoked to clear the local cache and force fresh data on subsequent API requests.

评论

其他 分类下的更多 MCP 服务器