ThreatLocker MCP

Name: ThreatLocker MCP
Author: servosity

servosity/msp-skills

Give your coding agent full ThreatLocker Portal API coverage including write paths missing from read-only tooling.

Overview

ThreatLocker MCP is a MCP server for the Ship phase that connects agents to the ThreatLocker Portal API including write operations.

What is this MCP server?

Covers ThreatLocker Portal API features including write operations beyond read-only tools
THREATLOCKER_API_KEY required for stdio MCPB server v0.1.0
Servosity-packaged threatlocker-mcp.mcpb for Claude Code–class hosts
Suited to policy queries, approvals, and controlled changes via natural language
Security-focused MCP rather than generic endpoint scripting
Version 0.1.0 with stdio MCPB distribution
One required secret environment variable: THREATLOCKER_API_KEY
Released as threatlocker-mcp.mcpb with published fileSha256

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 1 GitHub stars.

What problem does it solve?

Read-only ThreatLocker helpers leave you in the portal for policy changes, which is slow and hard to script from your dev environment.

Who is it for?

Operators on ThreatLocker who need agent-assisted policy review and controlled write automation.

Skip if: Indie app developers with no ThreatLocker tenant or anyone seeking passive vulnerability scanning only.

What do I get? / Deliverables

After setup, your agent can invoke full Portal API reads and writes with credentials isolated in MCP env secrets.

MCP tool surface for ThreatLocker Portal API reads and writes
Stdio MCP server package v0.1.0 installable via mcpb
Agent-ready security operations without custom Portal scripts

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Application allowlisting and policy updates are pre-ship and ongoing hardening tasks. Security subphase captures policy enforcement; infra secondary covers live ring management.

How it compares

ThreatLocker Portal MCP with writes, not a generic malware scanner or passive code-review skill.

Common Questions / FAQ

Who is ThreatLocker MCP for?

It is for admins and small MSPs using ThreatLocker who want MCP-driven Portal API access including changes agents cannot do with read-only tools.

When should I use ThreatLocker MCP?

Use it during security hardening and Ship prep when you must query rings and apply Portal writes from Claude Code or Cursor with audit discipline.

How do I add ThreatLocker MCP to my agent?

Install the ThreatLocker mcpb release, enable stdio, and configure THREATLOCKER_API_KEY as a secret in your MCP host.

ThreatLocker MCP

servosity/msp-skills

Give your coding agent full ThreatLocker Portal API coverage including write paths missing from read-only tooling.

Overview

ThreatLocker MCP is a MCP server for the Ship phase that connects agents to the ThreatLocker Portal API including write operations.

What is this MCP server?

Covers ThreatLocker Portal API features including write operations beyond read-only tools
THREATLOCKER_API_KEY required for stdio MCPB server v0.1.0
Servosity-packaged threatlocker-mcp.mcpb for Claude Code–class hosts
Suited to policy queries, approvals, and controlled changes via natural language
Security-focused MCP rather than generic endpoint scripting
Version 0.1.0 with stdio MCPB distribution
One required secret environment variable: THREATLOCKER_API_KEY
Released as threatlocker-mcp.mcpb with published fileSha256

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 1 GitHub stars.

What problem does it solve?

Read-only ThreatLocker helpers leave you in the portal for policy changes, which is slow and hard to script from your dev environment.

Who is it for?

Operators on ThreatLocker who need agent-assisted policy review and controlled write automation.

Skip if: Indie app developers with no ThreatLocker tenant or anyone seeking passive vulnerability scanning only.

What do I get? / Deliverables

After setup, your agent can invoke full Portal API reads and writes with credentials isolated in MCP env secrets.

MCP tool surface for ThreatLocker Portal API reads and writes
Stdio MCP server package v0.1.0 installable via mcpb
Agent-ready security operations without custom Portal scripts

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Application allowlisting and policy updates are pre-ship and ongoing hardening tasks. Security subphase captures policy enforcement; infra secondary covers live ring management.

How it compares

ThreatLocker Portal MCP with writes, not a generic malware scanner or passive code-review skill.

Common Questions / FAQ

Who is ThreatLocker MCP for?

It is for admins and small MSPs using ThreatLocker who want MCP-driven Portal API access including changes agents cannot do with read-only tools.

When should I use ThreatLocker MCP?

Use it during security hardening and Ship prep when you must query rings and apply Portal writes from Claude Code or Cursor with audit discipline.

How do I add ThreatLocker MCP to my agent?

Install the ThreatLocker mcpb release, enable stdio, and configure THREATLOCKER_API_KEY as a secret in your MCP host.

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is ThreatLocker MCP for?

When should I use ThreatLocker MCP?

How do I add ThreatLocker MCP to my agent?

This week for builders

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is ThreatLocker MCP for?

When should I use ThreatLocker MCP?

How do I add ThreatLocker MCP to my agent?