Mallory

Delivers real-time cyber threat intelligence via an MCP server for agents to access vulnerabilities, threat actors, malware, techniques, and other cyber-relevant content.
  • python

6

GitHub Stars

python

Language

6 months ago

First Indexed

2 months ago

Catalog Refreshed

Documentation & install

Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.

Installation

Add the following to your MCP client configuration file.

Configuration

View docs
{
  "mcpServers": {
    "malloryai-mallory-mcp-server": {
      "command": "python",
      "args": [
        "-m",
        "malloryai.mcp.app"
      ],
      "env": {
        "MALLORY_API_KEY": "your_api_key_here"
      }
    }
  }
}

Mallory MCP Server enables your agents to query real-time cyber threat intelligence and rich content about vulnerabilities, threat actors, malware, techniques, and other cyber-relevant entities. It provides a practical, programmable endpoint for integrating threat intel into your workflows and security tooling.

How to use

You run the Mallory MCP Server locally or remotely and connect your MCP client to it. Start the server using one of the supported runtime commands, then configure your MCP client with the server’s endpoint or local process so you can request threat intel as you work on investigations, detections, and incident responses.

How to install

Prerequisites you need before installing:

  • Python 3.13 or higher
  • uv for dependency management (recommended)

Step-by-step installation flow:

  • Clone the project from its source repository
  • Create and activate a virtual environment
  • Install the package in editable mode using either uv or pip
  • Optionally install development dependencies for linting and tooling

Concrete commands you will run (one per line):

# Using uv (recommended)
uv venv .venv
source .venv/bin/activate  # On Windows: .venv\Scripts\activate
uv pip install -e .

# Or using pip
python -m venv .venv
source .venv/bin/activate  # On Windows: .venv\Scripts\activate
pip install -e .

# Install development dependencies (optional)
uv pip install -e ".[lint,tools]"  # Using uv
pip install -e ".[lint,tools]"        # Using pip"}]} ,{

Additional configuration and running notes

Create a local environment configuration file to supply runtime settings. The server expects environment variables for operation, including an API key you obtain from the provider.

APP_ENV=local
MALLORY_API_KEY=your_api_key_here

Optional development tooling can be installed to enforce code quality and tests during development.

# Install pre-commit hooks
pre-commit install
./scripts/install-commit-hook.sh

Running the server

You can run the server directly with Python or via the UV runner. Choose the method you prefer.

# Direct execution
python -m malloryai.mcp.app

# Or using UV
uv run malloryai/mcp/app.py

Configuring an MCP client to connect

When your client is ready, point it to the running server and start issuing requests for threat intel. Ensure you supply any required API keys through the environment or client configuration as shown above.

Claude Desktop configuration (example)

If you use Claude Desktop to manage MCP connections, you can configure a Mallory MCP entry with the following snippet.

{
  "mcpServers": {
    "MalloryAI": {
      "command": "/path/to/uv",
      "args": [
        "run",
        "--python",
        "/path/to/mcp-server/.venv/bin/python",
        "/path/to/mcp-server/malloryai/mcp/app.py"
      ],
      "env": {
        "MALLORY_API_KEY": "your_api_key_here"
      }
    }
  }
}
Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational
Mallory MCP Server - malloryai/mallory-mcp-server | VeilStrat