1
Add it to Claude Code
claude mcp add keyboardcrumbs -- uvx --from git+https://github.com/keyboardcrumbs/mcp keyboardcrumbs-mcpAvailable Tools (8)
Once configured, KeyboardCrumbs gives your AI agent access to:
check_ipProvides threat intel for any IP including risk score, geo, ASN, C2 associations, and staging clusters.check_cvePerforms CVE lookup including CVSS, EPSS, KEV status, exploit availability, and patch urgency.check_domainProvides domain intel including DNS records, WHOIS, malware associations, and subdomains.check_hashPerforms malware hash lookup via VirusTotal and CIRCL.active_threatsProvides a live snapshot of KEV counts, active C2s, ransomware victims, and data freshness.predict_kevPredicts top CVEs likely to be added to the CISA KEV list.check_stagingDetects pre-attack infrastructure staging for an IP or domain.check_ransomwareProvides ransomware group lookup and victim tracking.Try It Out
After setup, try these prompts with your AI agent:
→Is 45.141.26.73 malicious?
→Should I patch CVE-2024-3400 immediately?
→What CVEs are about to be added to CISA KEV?
→Is this domain staging for an attack?
→What's the current threat landscape?
Prerequisites & system requirements
- An MCP-compatible client (Claude Code, Cursor, Windsurf, Claude Desktop, or Codex)
- Python 3.8+ with pip installed
Alternative installation methods
Local Clone
git clone https://github.com/keyboardcrumbs/mcp && cd mcp && uv venv && source .venv/bin/activate && uv add "mcp[cli]" httpxKeep this setup from going cold
Save the docs, env vars, and workflow around KeyboardCrumbs in Conare so Claude Code, Codex, and Cursor remember it next time.