JUHE API Marketplace
malloryai avatar
MCP Server

Mallory MCP Server

A robust Model Control Protocol server that enables AI agents to access real-time cyber threat intelligence and detailed information about vulnerabilities, threat actors, malware, and other cyber-security entities.

7
GitHub Stars
3/3/2026
Last Updated
MCP Server Configuration
1{
2 "name": "Mallory",
3 "command": "uvx",
4 "args": [
5 "mallorymcp"
6 ]
7}
JSON7 lines
  1. Home
  3. MCP Servers
  5. mallory-mcp-server

README Documentation

Mallory MCP Server

Mallory provides a robust source of cyber and threat intelligence. This MCP server exposes the Mallory API to AI agents via the malloryapi Python client, with tools for vulnerabilities, threat actors, malware, exploits, organizations, attack patterns, breaches, products, advisories, stories, mentions, search, and sources.

Once connected, your AI assistant (Cursor, Claude Desktop, or another MCP client) can look up CVEs, threat actors, malware, and more directly from Mallory — no copy-pasting from the dashboard.

Prerequisites

  • Python 3.11 or higher
  • A Mallory API key (mallory.ai)

Quick Start

1. Set your API key

Get an API key at mallory.ai and add it to your shell profile (~/.zshrc, ~/.bashrc, etc.):

export MALLORY_API_KEY=your_api_key_here

Reload your shell (or run source ~/.zshrc) so the variable is available.

2. Add to your AI client

Add the server to your MCP client config. Pick one of the options below.

Cursor — add to ~/.cursor/mcp.json:

{
  "mcpServers": {
    "Mallory": {
      "command": "uvx",
      "args": ["mallorymcp"]
    }
  }
}

Claude Desktop — add to claude_desktop_config.json:

{
  "mcpServers": {
    "Mallory": {
      "command": "uvx",
      "args": ["mallorymcp"]
    }
  }
}

Claude Code — run this command:

claude mcp add --transport stdio Mallory -- uvx mallorymcp

This stores the config in ~/.claude.json (local scope, current project). To share it with your team, use project scope instead:

claude mcp add --transport stdio --scope project Mallory -- uvx mallorymcp

This writes to .mcp.json in the project root, which can be committed to git.

uvx downloads and runs the package automatically — no install step needed. If you prefer to install it yourself, see Alternative: pip install below.

3. Restart your AI client and start using it

Ask your assistant to query Mallory:

  • "Look up CVE-2024-1234 and summarize the risk."
  • "List threat actors trending in the last 7 days."
  • "Find vulnerabilities that are known to be exploited."
  • "Search for intelligence on APT28."
  • "What malware is associated with technique T1566?"

The assistant calls the MCP tools automatically — you don't need to invoke tool names yourself.

Note: mallorymcp is an MCP server that communicates via JSON-RPC over stdio. It's designed to be launched by your AI client, not run interactively from a terminal.

Alternative: pip install

If you prefer installing the package rather than using uvx:

pip install mallorymcp

Then reference the command directly in your config:

{
  "mcpServers": {
    "Mallory": {
      "command": "mallorymcp"
    }
  }
}

Configuration

Environment VariableRequiredDescriptionDefault
MALLORY_API_KEYYesYour Mallory API key—
MALLORY_BASE_URLNoOverride the API base URLhttps://api.mallory.ai/v1

Tools

The server exposes the following tools, backed by the Mallory API.

Vulnerabilities (7)

ToolDescription
get_vulnerabilityGet a vulnerability by CVE ID or UUID
list_vulnerabilitiesList/search vulnerabilities with filters and pagination
list_trending_vulnerabilitiesList vulnerabilities trending over 1d/7d/30d
list_exploited_vulnerabilitiesList vulnerabilities known to be exploited in the wild
get_vulnerability_detection_signaturesDetection signatures for a CVE
get_vulnerability_exploitationsExploitation records for a CVE
get_vulnerability_configurationsAffected configurations (CPE) for a CVE

Threat Actors (5)

ToolDescription
get_threat_actorGet a threat actor by UUID or name
list_threat_actorsList/search threat actors
list_trending_threat_actorsList trending threat actors
list_mentioned_threat_actorsRecent threat actor mentions from intel sources
get_threat_actor_attack_patternsMITRE ATT&CK patterns for an actor

Malware (5)

ToolDescription
get_malwareGet a malware entity by UUID or name
list_malwareList/search malware
list_trending_malwareList trending malware
get_malware_vulnerabilitiesVulnerabilities linked to a malware
get_malware_attack_patternsMITRE ATT&CK patterns for a malware

Exploits (2)

ToolDescription
get_exploitGet an exploit by UUID or identifier
list_exploitsList/search exploits

Organizations (4)

ToolDescription
get_organizationGet an organization by UUID or name
list_organizationsList/search organizations
list_trending_organizationsList trending organizations
get_organization_breachesBreaches associated with an organization

Attack Patterns (4)

ToolDescription
get_attack_patternGet an attack pattern (MITRE ATT&CK technique) by UUID or ID
list_attack_patternsList/search attack patterns
get_attack_pattern_threat_actorsThreat actors associated with a technique
get_attack_pattern_malwareMalware associated with a technique

Breaches (3)

ToolDescription
get_breachGet a breach by UUID or identifier
list_breachesList breaches
get_breach_organizationsOrganizations associated with a breach

Products (3)

ToolDescription
get_productGet a technology product by UUID or name
list_productsList/search technology products
get_product_advisoriesSecurity advisories for a product

Advisories (3)

ToolDescription
get_advisoryGet a technology product advisory by UUID or identifier
list_advisoriesList technology product advisories
get_advisory_vulnerabilitiesVulnerabilities associated with an advisory

Stories (3)

ToolDescription
get_storyGet an intelligence story by UUID or identifier
list_storiesList/search intelligence stories
list_story_topicsList available story topics

Mentions (3)

ToolDescription
list_mentionsList recent mentions across entity types
list_mentions_actorsRecent threat actor mentions
list_mentions_vulnerabilitiesRecent vulnerability mentions

Search and Sources (2)

ToolDescription
searchSearch across all entity types by query string
list_sourcesList intelligence sources in the platform

Development

Install from source

git clone https://github.com/malloryai/mallorymcp.git
cd mallorymcp
uv sync
uv run mallorymcp

Lint

uv sync --extra lint
uv run ruff check src/ tests/
uv run ruff format src/ tests/

Project Structure

src/mallorymcp/
├── __init__.py
├── _version.py          # Auto-generated by hatch-vcs from git tags
├── app.py               # Entry point (main, stdio transport)
├── config/              # Env-based config (MALLORY_API_KEY, MALLORY_BASE_URL)
├── decorator/           # API error handling for tools
├── server/              # FastMCP server and tool loader
├── tools/               # Tool modules (one per resource area)
└── utils/               # Serialization, debug

Releasing

  1. Tag a release: git tag v0.4.0 && git push --tags
  2. Create a GitHub release from the tag
  3. GitHub Actions builds and publishes to PyPI via trusted publisher

License

Apache 2.0.

Quick Install

Quick Actions

View on GitHubView All Servers

Key Features

Model Context Protocol
Secure Communication
Real-time Updates
Open Source

Boost your projects with Wisdom Gate LLM API

Supporting GPT-5, Claude-4, DeepSeek v3, Gemini and more.

Enjoy a free trial and save 20%+ compared to official pricing.

Learn More
JUHE API Marketplace

Accelerate development, innovate faster, and transform your business with our comprehensive API ecosystem.

JUHE API VS

  • vs. RapidAPI
  • vs. API Layer
  • API Platforms 2025
  • API Marketplaces 2025
  • Best Alternatives to RapidAPI

For Developers

  • Console
  • Collections
  • Documentation
  • MCP Servers
  • Free APIs
  • Temp Mail Demo

Product

  • Browse APIs
  • Suggest an API
  • Wisdom Gate LLM
  • Global SMS Messaging
  • Temp Mail API

Company

  • What's New
  • Welcome
  • About Us
  • Contact Support
  • Terms of Service
  • Privacy Policy
Featured on Startup FameFeatured on Twelve ToolsFazier badgeJuheAPI Marketplace - Connect smarter, beyond APIs | Product Huntai tools code.marketDang.aiFeatured on ShowMeBestAI
Copyright © 2026 JUHEDATA HK LIMITED - All rights reserved