Threat Intelligence
100+ tool MCP server for real-time global intelligence — markets, FX, bonds, earnings, SEC filings, conflict, military, cyber, climate, news, company enrichment, and 30+ domains. Live Leaflet dashboard with 20 map layers, SSE streaming, and AI situat
What is Threat Intelligence?
Threat Intelligence is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to 100+ tool mcp server for real-time global intelligence — markets, fx, bonds, earnings, sec filings, conflict, military, cyber, climate, news, company enrichment, and 30+ domains. live leaflet dashboar...
100+ tool MCP server for real-time global intelligence — markets, FX, bonds, earnings, SEC filings, conflict, military, cyber, climate, news, company enrichment, and 30+ domains. Live Leaflet dashboard with 20 map layers, SSE streaming, and AI situat
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- 100+ tool MCP server for real-time global intelligence — mar
Use Cases
Maintainer
Works with
Installation
Manual Installation
npx threat-intelligence-mcp-serverConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use Threat Intelligence
The Threat Intelligence MCP Server (world-intel-mcp) is a comprehensive Python-based server exposing 113 tools that pull real-time global intelligence across 30+ domains — stock markets, FX, bonds, earnings, SEC filings, armed conflict events, military aircraft tracking, cyber threats, climate hazards, and company enrichment. It connects to free public APIs including FRED, ACLED, OpenSky, and satellite data feeds, requiring no paid subscriptions for core functionality. Security analysts, geopolitical researchers, and financial professionals can use it to get live situational awareness directly inside Claude without leaving their workflow.
Prerequisites
- Python 3.10+ installed on your system
- Git to clone the repository
- An MCP-compatible client such as Claude Desktop or Claude Code
- Optional API keys for enhanced data: ACLED_ACCESS_TOKEN, NASA_FIRMS_API_KEY, EIA_API_KEY, FRED_API_KEY (all free tiers available)
- pip package manager to install dependencies
Clone the repository
Clone the world-intel-mcp repository from GitHub to your local machine.
git clone https://github.com/marc-shade/world-intel-mcp.git
cd world-intel-mcpInstall the package
Install the core package. Optionally add the dashboard extra for the live Leaflet ops-center, the vector extra for semantic search via Qdrant, or the pdf extra for report generation.
pip install -e .
# Optional extras:
# pip install -e ".[dashboard]"
# pip install -e ".[vector]"Configure optional API keys
Most data sources use free public APIs with no key required. For higher-rate or restricted datasets, set environment variables for your chosen providers.
export ACLED_ACCESS_TOKEN=your_acled_token
export NASA_FIRMS_API_KEY=your_nasa_key
export EIA_API_KEY=your_eia_key
export FRED_API_KEY=your_fred_key
export CLOUDFLARE_API_TOKEN=your_cf_tokenAdd the server to your MCP client configuration
Edit your Claude Desktop config file (~/Library/Application Support/Claude/claude_desktop_config.json on macOS) to register the server so Claude can access all 113 tools.
{
"mcpServers": {
"world-intel": {
"command": "python",
"args": ["-m", "world_intel_mcp"],
"env": {
"FRED_API_KEY": "your_fred_key",
"ACLED_ACCESS_TOKEN": "your_acled_token"
}
}
}
}Verify the installation
Run a quick CLI health check to confirm the server is operational and can reach the upstream data feeds.
intel statusOptionally launch the live dashboard
Start the Leaflet-based ops-center dashboard to visualize intelligence data on interactive map layers in your browser (requires the dashboard extra).
intel-dashboard
# Access at http://localhost:8501Threat Intelligence Examples
Client configuration
Register the world-intel-mcp server in Claude Desktop with optional API keys for enhanced datasets.
{
"mcpServers": {
"world-intel": {
"command": "python",
"args": ["-m", "world_intel_mcp"],
"env": {
"FRED_API_KEY": "your_fred_api_key",
"ACLED_ACCESS_TOKEN": "your_acled_token",
"NASA_FIRMS_API_KEY": "your_nasa_key"
}
}
}
}Prompts to try
Sample queries that exercise different intelligence domains across the 113 available tools.
- "What are the current stock index levels for S&P 500, NASDAQ, and major Asian markets?"
- "Show me armed conflict events in Eastern Europe from the last 7 days."
- "What is the current earthquake activity globally with magnitude above 5.0?"
- "Fetch the latest FRED macroeconomic indicators for US GDP growth and unemployment."
- "Are there any active internet outages or submarine cable disruptions affecting Asia-Pacific?"
- "Give me a geopolitical instability score for the Middle East region right now."Troubleshooting Threat Intelligence
Server starts but some tools return empty or error responses
Most enhanced datasets require free API keys (FRED, ACLED, NASA FIRMS). Register for the relevant free-tier accounts, set the environment variables, and restart the MCP server.
Dashboard fails to start or shows import errors
The dashboard requires the optional extra: run `pip install -e ".[dashboard]"` to install Streamlit and Leaflet dependencies before launching `intel-dashboard`.
Module not found error when running the server
Make sure you ran `pip install -e .` from inside the cloned `world-intel-mcp` directory and that your virtual environment (if any) is activated before starting the MCP client.
Frequently Asked Questions about Threat Intelligence
What is Threat Intelligence?
Threat Intelligence is a Model Context Protocol (MCP) server that 100+ tool mcp server for real-time global intelligence — markets, fx, bonds, earnings, sec filings, conflict, military, cyber, climate, news, company enrichment, and 30+ domains. live leaflet dashboard with 20 map layers, sse streaming, and ai situat It connects AI assistants to external tools and data sources through a standardized interface.
How do I install Threat Intelligence?
Follow the installation instructions on the Threat Intelligence GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with Threat Intelligence?
Threat Intelligence works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is Threat Intelligence free to use?
Yes, Threat Intelligence is open source and available under the MIT License license. You can use it freely in both personal and commercial projects.
Threat Intelligence Alternatives — Similar Security Servers
Looking for alternatives to Threat Intelligence? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6kAn open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0kAn Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
★ 8.9kHexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
★ 8.7kEnables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u
Browse More Security MCP Servers
Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up Threat Intelligence in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use Threat Intelligence?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.