How to Use the CrowdSec MCP in Claude

Q: How do I install the CrowdSec MCP Server in Claude Desktop?

Open your claudedesktopconfig.json file from the developer settings. Add the server details under the mcpServers array and restart the app. You can also paste the remote URL into Claude Web's integrations tab.

Give Claude Desktop direct access to CrowdSec threat intelligence to investigate IPs and active bans right in your chat window.

See Vinkius in Action

Works with every AI agent you already use

…and any MCP-compatible client

MCP Servers - Free for Subscribers

Connect CrowdSec MCP to Claude Desktop

Create your Vinkius account to connect CrowdSec to Claude Desktop and route execution through our secure gateway. The platform manages server hosting, runtime updates, and security layers. Configuration requires no manual server provisioning.

GDPR Free for Subscribers

Setup CrowdSec with Claude Desktop

Ask AI about this MCP

ChatGPT

Claude

Perplexity

Investigate Suspicious IPs via Claude Desktop

The `get_cti_smoke` tool lets Claude Desktop pull the global reputation for any IP address instantly. When your logs show weird traffic spikes, you do not have to leave the chat to figure out if the source is a known bad actor. You just paste the IP into your prompt. The agent hits the CrowdSec CTI database, reads the smoke score, and tells you exactly what kind of attacks that address is famous for.

Read Active LAPI Decisions

Using the `get_decisions` tool, your AI client queries your Local API to see exactly who is blocked right now. This means you can ask Claude to summarize the current firewall state without touching a command line. The server pulls down the active list of bans and captchas applied to your infrastructure. You get a plain English breakdown of which subnets are locked out and why the security engine flagged them.

Monitor Threat Streams with this MCP Server

The `get_decisions_stream` tool turns this MCP Server into a live monitor for new and deleted security rules. Claude can poll the local engine to see what changed in the last five minutes. Instead of digging through raw logs, you ask the agent what IPs just got banned. It fetches the latest delta from the stream and formats the blocklist updates for your incident report.

Setup guide

Set up CrowdSec MCP in Claude Web or Desktop

1

Open Claude Settings

Go to claude.ai, click your profile icon, then navigate to Customize → Connectors.
2

Add Custom Connector

Click the "+" button and select Add custom connector. Paste your Vinkius endpoint URL: https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp Replace [YOUR_TOKEN_HERE] with your token from cloud.vinkius.com. For OAuth-protected servers, expand Advanced settings to add credentials.
3

Start a conversation

Open a new chat. The CrowdSec MCP tools are available immediately — no restart needed.

Endpoint URL

https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp

No configuration file needed — paste the URL directly in the Claude web interface.

Available on Free (1 connector), Pro, Max, Team, and Enterprise plans.

Prerequisites

Claude Desktop installed (macOS or Windows)
Active Vinkius subscription with a valid endpoint token

1

Open Claude Desktop Settings

Click the menu icon at the top-left corner, go to Settings → Developer → Edit Config. This opens claude_desktop_config.json in your default text editor.
2

Paste the CrowdSec MCP configuration

Copy the JSON snippet on the right into the mcpServers object. Replace [YOUR_TOKEN_HERE] with your endpoint token from cloud.vinkius.com.
3

Restart Claude Desktop

Close and reopen the application. Claude needs a full restart to load new MCPs — refreshing a conversation is not enough.
4

Verify the connection

Open a new conversation. Click the 🔌 icon at the bottom of the message input. You should see tools listed under crowdsec-mcp.

json

{
  "mcpServers": {
    "crowdsec-mcp": {
      "url": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
    }
  }
}

Get your connection token →

Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by CrowdSec. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.

Why Choose Vinkius

Vinkius connects your tools to AI with real-time monitoring and automatic cost savings — all from one dashboard.

Connect CrowdSec now

Real-time monitoring

Live

visibility into every interaction

Connect your favorite tools to your AI and see exactly what's happening — every request, every response, in real time.

Built-in savings

60%

lower AI costs

Vinkius compresses data between your apps and your AI automatically. Lower bills every month — no configuration required.

Single dashboard

One

place for every integration

Every tool your AI connects to, managed from a single screen. One account, complete control.

Common questions about CrowdSec MCP in Claude Desktop

Open your claude_desktop_config.json file from the developer settings. Add the server details under the mcpServers array and restart the app. You can also paste the remote URL into Claude Web's integrations tab.

No. This integration is read-only. The tools query the CTI database and your local API for decisions, but they do not write new rules or delete existing bans.

It puts global threat intelligence right where you are writing your post-mortem. You paste an IP into the chat, and the agent pulls its entire attack history and current ban status.

The local API holds your specific infrastructure's active decisions. Connecting this MCP Server to it allows the agent to see exactly which addresses your firewalls are currently blocking.

The only data moving through this connection are IP addresses and ban decisions. The server never reads your application payloads, user data, or full network packets.

Use it with your favorite AI tools

Connect this server to Cursor, Claude, VS Code, and more.

OpenAI Agents SDK sdk-python

Google ADK sdk-python

Pydantic AI sdk-python

Vercel AI SDK sdk-typescript