Access Huntress APIs and a local SQLite mirror for fleet-wide security insights.
Copy the install command and let the AI configure it · recommended for beginners
No copy-paste install info for "Huntress MCP" yet — see the docs or source repo.
Summarize fleet-wide security incidents from the last 30 days in Huntress, grouped by severity, affected devices, and resolution status, and highlight key trends.
A report summarizing incidents by severity, scope, and resolution progress, with trend highlights.
Using the local SQLite mirror, identify endpoints that are missing agents or have been offline for a long time, grouped by site or customer to show coverage gaps.
A coverage gap report with grouped counts and a prioritized list of endpoints needing attention.
Combine Huntress API data and the local mirror to generate this week's security operations report, including new incidents, resolved incidents, coverage changes, and outstanding risks.
A weekly security operations report suitable for team review, with metric summaries and action items.
Query and update ThreatLocker Portal data to automate security operations.
Sync your Datto BCDR fleet into SQLite for per-appliance analysis.
Access SuperOps PSA+RMM data in terminal and query it via local SQLite.
Access IT Glue resources with offline mirroring and fleet-wide cross-resource search.
Query and analyze KnowBe4 training reports across clients with local SQLite storage.
Manage N-central assets with offline org trees, cross-tenant search, and JWT protection.
Access Huntress accounts, agents, incidents, and reports for security operations.
Search network assets on Hunter and run batch queries and exports.
Recon username footprints across 480+ platforms with reports and scores.
Investigate threats and respond to incidents across security data with natural language.
Aggregate security intelligence and vulnerability updates for fast security research and tracking.
Automate penetration testing, vulnerability validation, and exploitation analysis with AI tools.