CrowdStrike Falcon MCP Server
Connects AI agents with CrowdStrike Falcon for security analysis and automation.
Verdict not yet evaluated for this tool. The hybrid eval runs adversarial cases first; coverage rolls out as the corpus expands. Until a verdict is recorded, an agent should treat this tool as not-yet-cleared and fall back to its own checks. Method: hybrid eval, four-state verdict, honest limits.
{
"mcpServers": {
"falcon-mcp": {
"command": "uvx",
"args": [
"falcon-mcp"
],
"env": {
"FALCON_CLIENT_ID": "<your-falcon_client_id>",
"FALCON_CLIENT_SECRET": "<your-falcon_client_secret>",
"FALCON_BASE_URL": "https://api.crowdstrike.com",
"FALCON_MEMBER_CID": "<falcon_member_cid>",
"FALCON_MCP_MODULES": "<falcon_mcp_modules>",
"FALCON_MCP_TRANSPORT": "stdio",
"FALCON_MCP_DEBUG": "false",
"FALCON_MCP_HOST": "127.0.0.1",
"FALCON_MCP_PORT": "8000",
"FALCON_MCP_USER_AGENT_COMMENT": "<falcon_mcp_user_agent_comment>",
"FALCON_MCP_STATELESS_HTTP": "false",
"FALCON_MCP_API_KEY": "<your-falcon_mcp_api_key>"
}
}
}
}FALCON_CLIENT_IDCrowdStrike API client ID
FALCON_CLIENT_SECRETCrowdStrike API client secret
FALCON_BASE_URLCrowdStrike API region URL
FALCON_MEMBER_CIDChild CID for Flight Control (MSSP) support
FALCON_MCP_MODULESComma-separated list of modules to enable
FALCON_MCP_TRANSPORTTransport protocol to use
FALCON_MCP_DEBUGEnable debug logging
FALCON_MCP_HOSTHost to bind to for HTTP transports
FALCON_MCP_PORTPort to listen on for HTTP transports
FALCON_MCP_USER_AGENT_COMMENTAdditional information to include in the User-Agent comment section
FALCON_MCP_STATELESS_HTTPEnable stateless HTTP mode for scalable deployments
FALCON_MCP_API_KEYAPI key for HTTP transport authentication (x-api-key header)
Security tools for AI agents: scan MCP servers, validate HDP delegation chains, audit releases.
Provide AI-powered real-time analysis and intelligence on NPM packages, including security, depend…
Zenable cleans up sloppy AI code and prevents vulnerabilities with deterministic guardrails