Is SecurityCopilotMCPServer safe to use?

SecurityCopilotMCPServer has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.

How do I install SecurityCopilotMCPServer?

SecurityCopilotMCPServer can be installed by cloning its GitHub repository and following the setup instructions in the README.

What can SecurityCopilotMCPServer do?

SecurityCopilotMCPServer provides 12 tools: run_sentinel_query, get_skillsets, upload_plugin, run_prompt, Overview and 7 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with SecurityCopilotMCPServer?

SecurityCopilotMCPServer is compatible with claude-desktop, cursor, claude-code. It uses sse transport.

Is SecurityCopilotMCPServer actively maintained?

SecurityCopilotMCPServer is less actively maintained — last commit was 233 days ago. It has 23 GitHub stars.

SecurityCopilotMCPServer

Name: SecurityCopilotMCPServer
Author: jguimera

by jguimera

MCP Server that integrates with Security Copilot, Sentinel and other tools (in the future). It enhance the process of developing , testing and uploading Security Copilot artifacts.

23 12 tools GitHub

No known CVEs

MIT license

Stale

Last commit 233d ago

Works with most clients

Transport: sse

12 tools · ~345 tok

Grade A · 0.2% of 200K ctx

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopsse · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "securitycopilotmcpserver": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/securitycopilotmcpserver)](https://mcppedia.org/s/securitycopilotmcpserver)

Read me

What SecurityCopilotMCPServer does

A Python-based MCP server using FastMCP library that provides integration with Microsoft Security Copilot and Microsoft Sentinel using Azure Identity Authentication.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

62/100across 5 weighted dimensions

How we score →

0255075100

−38

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Inventory

Tools (12)

Click any tool to inspect its schema.

~345 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is SecurityCopilotMCPServer safe to use?: SecurityCopilotMCPServer has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install SecurityCopilotMCPServer?: SecurityCopilotMCPServer can be installed by cloning its GitHub repository and following the setup instructions in the README.
What can SecurityCopilotMCPServer do?: SecurityCopilotMCPServer provides 12 tools: run_sentinel_query, get_skillsets, upload_plugin, run_prompt, Overview and 7 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with SecurityCopilotMCPServer?: SecurityCopilotMCPServer is compatible with claude-desktop, cursor, claude-code. It uses sse transport.
Is SecurityCopilotMCPServer actively maintained?: SecurityCopilotMCPServer is less actively maintained — last commit was 233 days ago. It has 23 GitHub stars.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

9.0k 3

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Nothumanallowed91

Security-first platform for AI agents. 38 specialized agents, 15 AI-powered extensions, zero-knowledge multi-agent orchestration. SENTINEL WAF, Ed25519 auth, 2.6M grounding facts.

97 5

MCP Security Weekly

Get CVE alerts and security updates for SecurityCopilotMCPServer and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopsse · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "securitycopilotmcpserver": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/securitycopilotmcpserver)](https://mcppedia.org/s/securitycopilotmcpserver)

Read me

What SecurityCopilotMCPServer does

A Python-based MCP server using FastMCP library that provides integration with Microsoft Security Copilot and Microsoft Sentinel using Azure Identity Authentication.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

Security Copilot and Sentinel MCP Server

A Python-based MCP server using FastMCP library that provides integration with Microsoft Security Copilot and Microsoft Sentinel using Azure Identity Authentication.

Overview

This project implements an MCP server that enables:

Running KQL queries against Microsoft Sentinel
Uploading/Updating Microsoft Security Copilot skillsets/plugins
Running prompts and skills in Microsoft Security Copilot

The server acts as a bridge between development environments and Microsoft Security Copilot, allowing for testing, deployment, and execution of skills and plugins. It uses SSE as transport layer for the MCP server. There are many use cases for the current integration. One of the most interesting ones is to support the development, test and deployment of Security Copilot KQL Skills.

Features

Sentinel Integration: Execute KQL queries against your Sentinel workspace
Security Copilot Management:
- List existing skillsets/plugins
- Upload new or update existing skillsets/plugins
- Run prompts or skills within Security Copilot
Authentication Support: Multiple authentication methods including interactive browser, client secret, and managed identity

Roadmap

The next features will include:

Promptbook test and Update
Run Advance Hunting queries in Defender XDR

Prerequisites

Python 3.8+
Microsoft Sentinel workspace
Microsoft Security Copilot access
Appropriate Azure permissions for Sentinel and Security Copilot

Installation

Clone the repository:

git clone https://github.com/jguimera/SecurityCopilotMCPServer.git
cd SecurityCopilotMCPServer

Install dependencies:
```
pip install -r requirements.txt
```

Create a .env file with the following configuration:

#Add App Reg to use ClientID and Secret authentication
#AZURE_TENANT_ID=your_tenant_id
#AZURE_CLIENT_ID=your_client_id
#AZURE_CLIENT_SECRET=your_client_secret
SENTINEL_SUBSCRIPTION_ID=your_subscription_id
SENTINEL_RESOURCE_GROUP=your_resource_group
SENTINEL_WORKSPACE_NAME=your_workspace_name
SENTINEL_WORKSPACE_ID=your_workspace_id
#Authentication Options: interactive, client_secret
AUTHENTICATION_TYPE=interactive

Usage

Starting the Server

Run the MCP server:

python server.py

To run tests before starting the server:

python server.py --run-tests

Available Tools

The MCP server provides the following tools:

run_sentinel_query: Execute KQL queries in Sentinel
get_skillsets: List skillsets in Security Copilot
upload_plugin: Upload or update a skillset/plugin
run_prompt: Run a prompt or skill in Security Copilot

MCP Client Config for Cursor

You can use this MCP server from the Client of your choice. In this repo you can find intructions and config files for Cursor.

Add the .cursor folder inside your client project to enable the MCP tools. This folder contains two files:

Cursor Project Rules (securitycopilotdev.mdc): This file include some Custom Cursor Rules to help the agents in the process definition and understanding user prompts.
MCP Client Configuration (mcp.json): File that connects Cursor to the MCP server.

You can invoke the tool directly using /tool_name parameter1="Value of the tool parameter" For example: /run_prompt content="List the most recent risky users"

More info: https://docs.cursor.com/context/model-context-protocol#configuring-mcp-servers

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

Fork the repository
Create your feature branch (git checkout -b feature/amazing-feature)
Commit your changes (git commit -m 'Add some amazing feature')
Push to the branch (git push origin feature/amazing-feature)
Open a Pull Request

License

This project is licensed under the MIT Li

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

62/100across 5 weighted dimensions

How we score →

0255075100

−38

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Inventory

Tools (12)

Click any tool to inspect its schema.

~345 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is SecurityCopilotMCPServer safe to use?: SecurityCopilotMCPServer has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install SecurityCopilotMCPServer?: SecurityCopilotMCPServer can be installed by cloning its GitHub repository and following the setup instructions in the README.
What can SecurityCopilotMCPServer do?: SecurityCopilotMCPServer provides 12 tools: run_sentinel_query, get_skillsets, upload_plugin, run_prompt, Overview and 7 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with SecurityCopilotMCPServer?: SecurityCopilotMCPServer is compatible with claude-desktop, cursor, claude-code. It uses sse transport.
Is SecurityCopilotMCPServer actively maintained?: SecurityCopilotMCPServer is less actively maintained — last commit was 233 days ago. It has 23 GitHub stars.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

9.0k 3

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Nothumanallowed91

Security-first platform for AI agents. 38 specialized agents, 15 AI-powered extensions, zero-knowledge multi-agent orchestration. SENTINEL WAF, Ed25519 auth, 2.6M grounding facts.

97 5

MCP Security Weekly

Get CVE alerts and security updates for SecurityCopilotMCPServer and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?