Threat Intelligence

v1.0.0Securitystable

100+ tool MCP server for real-time global intelligence — markets, FX, bonds, earnings, SEC filings, conflict, military, cyber, climate, news, company enrichment, and 30+ domains. Live Leaflet dashboard with 20 map layers, SSE streaming, and AI situat

ai-toolsai-watchanthropicclaudecybersecurity
Share:
26
Stars
0
Downloads
0
Weekly
0/5

What is Threat Intelligence?

Threat Intelligence is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to 100+ tool mcp server for real-time global intelligence — markets, fx, bonds, earnings, sec filings, conflict, military, cyber, climate, news, company enrichment, and 30+ domains. live leaflet dashboar...

100+ tool MCP server for real-time global intelligence — markets, FX, bonds, earnings, SEC filings, conflict, military, cyber, climate, news, company enrichment, and 30+ domains. Live Leaflet dashboard with 20 map layers, SSE streaming, and AI situat

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • 100+ tool MCP server for real-time global intelligence — mar

Use Cases

Real-time market and FX data
Cyber and geopolitical intelligence
SEC filings and earnings data
marc-shade

Maintainer

LicenseMIT License
Languagepython
Versionv1.0.0
UpdatedApr 30, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx threat-intelligence-mcp-server

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Threat Intelligence

The Threat Intelligence MCP Server (world-intel-mcp) is a comprehensive Python-based server exposing 113 tools that pull real-time global intelligence across 30+ domains — stock markets, FX, bonds, earnings, SEC filings, armed conflict events, military aircraft tracking, cyber threats, climate hazards, and company enrichment. It connects to free public APIs including FRED, ACLED, OpenSky, and satellite data feeds, requiring no paid subscriptions for core functionality. Security analysts, geopolitical researchers, and financial professionals can use it to get live situational awareness directly inside Claude without leaving their workflow.

Prerequisites

  • Python 3.10+ installed on your system
  • Git to clone the repository
  • An MCP-compatible client such as Claude Desktop or Claude Code
  • Optional API keys for enhanced data: ACLED_ACCESS_TOKEN, NASA_FIRMS_API_KEY, EIA_API_KEY, FRED_API_KEY (all free tiers available)
  • pip package manager to install dependencies
1

Clone the repository

Clone the world-intel-mcp repository from GitHub to your local machine.

git clone https://github.com/marc-shade/world-intel-mcp.git
cd world-intel-mcp
2

Install the package

Install the core package. Optionally add the dashboard extra for the live Leaflet ops-center, the vector extra for semantic search via Qdrant, or the pdf extra for report generation.

pip install -e .
# Optional extras:
# pip install -e ".[dashboard]"
# pip install -e ".[vector]"
3

Configure optional API keys

Most data sources use free public APIs with no key required. For higher-rate or restricted datasets, set environment variables for your chosen providers.

export ACLED_ACCESS_TOKEN=your_acled_token
export NASA_FIRMS_API_KEY=your_nasa_key
export EIA_API_KEY=your_eia_key
export FRED_API_KEY=your_fred_key
export CLOUDFLARE_API_TOKEN=your_cf_token
4

Add the server to your MCP client configuration

Edit your Claude Desktop config file (~/Library/Application Support/Claude/claude_desktop_config.json on macOS) to register the server so Claude can access all 113 tools.

{
  "mcpServers": {
    "world-intel": {
      "command": "python",
      "args": ["-m", "world_intel_mcp"],
      "env": {
        "FRED_API_KEY": "your_fred_key",
        "ACLED_ACCESS_TOKEN": "your_acled_token"
      }
    }
  }
}
5

Verify the installation

Run a quick CLI health check to confirm the server is operational and can reach the upstream data feeds.

intel status
6

Optionally launch the live dashboard

Start the Leaflet-based ops-center dashboard to visualize intelligence data on interactive map layers in your browser (requires the dashboard extra).

intel-dashboard
# Access at http://localhost:8501

Threat Intelligence Examples

Client configuration

Register the world-intel-mcp server in Claude Desktop with optional API keys for enhanced datasets.

{
  "mcpServers": {
    "world-intel": {
      "command": "python",
      "args": ["-m", "world_intel_mcp"],
      "env": {
        "FRED_API_KEY": "your_fred_api_key",
        "ACLED_ACCESS_TOKEN": "your_acled_token",
        "NASA_FIRMS_API_KEY": "your_nasa_key"
      }
    }
  }
}

Prompts to try

Sample queries that exercise different intelligence domains across the 113 available tools.

- "What are the current stock index levels for S&P 500, NASDAQ, and major Asian markets?"
- "Show me armed conflict events in Eastern Europe from the last 7 days."
- "What is the current earthquake activity globally with magnitude above 5.0?"
- "Fetch the latest FRED macroeconomic indicators for US GDP growth and unemployment."
- "Are there any active internet outages or submarine cable disruptions affecting Asia-Pacific?"
- "Give me a geopolitical instability score for the Middle East region right now."

Troubleshooting Threat Intelligence

Server starts but some tools return empty or error responses

Most enhanced datasets require free API keys (FRED, ACLED, NASA FIRMS). Register for the relevant free-tier accounts, set the environment variables, and restart the MCP server.

Dashboard fails to start or shows import errors

The dashboard requires the optional extra: run `pip install -e ".[dashboard]"` to install Streamlit and Leaflet dependencies before launching `intel-dashboard`.

Module not found error when running the server

Make sure you ran `pip install -e .` from inside the cloned `world-intel-mcp` directory and that your virtual environment (if any) is activated before starting the MCP client.

Frequently Asked Questions about Threat Intelligence

What is Threat Intelligence?

Threat Intelligence is a Model Context Protocol (MCP) server that 100+ tool mcp server for real-time global intelligence — markets, fx, bonds, earnings, sec filings, conflict, military, cyber, climate, news, company enrichment, and 30+ domains. live leaflet dashboard with 20 map layers, sse streaming, and ai situat It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Threat Intelligence?

Follow the installation instructions on the Threat Intelligence GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Threat Intelligence?

Threat Intelligence works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Threat Intelligence free to use?

Yes, Threat Intelligence is open source and available under the MIT License license. You can use it freely in both personal and commercial projects.

Threat Intelligence Alternatives — Similar Security Servers

Looking for alternatives to Threat Intelligence? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "threat-intelligence-mcp-server": { "command": "npx", "args": ["-y", "threat-intelligence-mcp-server"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use Threat Intelligence?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides