MCP Connector

Connect your AI systems to Threatcl Cloud's MCP Server to investigate your threat model information.

What is the MCP Connector?

The Model Context Protocol (MCP) Connector allows AI-powered tools — such as Claude Desktop, Claude Code, Cursor, and other MCP-compatible clients — to interact directly with your Threatcl Cloud data. List threat models, inspect details, search across your libraries, and more, all from within your AI workflow.

Connecting

Follow these steps to connect your AI client to Threatcl Cloud via MCP:

1. Open your Connector settings

In your AI client, navigate to the settings page for adding integrations. This is commonly called "Connectors" or "MCP Servers" depending on the client.

2. Add a new HTTP Streamable endpoint

Add a new MCP server with the following URL:

https://api.threatcl.com/mcp

3. Name the connection

If your client asks for a name, you can call it Threatcl Cloud.

4. Authenticate

Connect or authenticate when prompted. If you're already authenticated to Threatcl Cloud, you will need to nominate an organization to link this session against.

Tip: Once connected, your AI client will have access to tools like listing threat models, viewing details, searching libraries, and updating statuses — all scoped to the organization you selected.

Usage Examples

Once connected, you can interact with your threat model data using natural language prompts. Here are some examples of what you can do:

List Threat Models

Prompt:

List threat models

Response: Calling List threat models

Here are your threat models in Threatcl Cloud:

| Name      | Status    | Version | Threats | Controls | Description   |
|-----------|-----------|---------|---------|----------|---------------|
| **app**   | In Review | 1.0.0   | 2       | 1        | A special app |
| **Empty** | Draft     | —       | 0       | 0        | Tm            |

You have 2 threat models total. Would you like to dive into
the details of either one, or do something else like update
a status or review the threat/control libraries?

Get Threat Model Details

Prompt:

Get the details of the 'app' threat model

Response: Calling Get threat model

Here are the details for the **app** threat model:

**Overview**

- **Status:** In Review
- **Version:** 1.0.0
- **Author:** you
- **Description:** A special app

---

**Threats (2)**

1. **SQL Injection** (`T-SQLI`)
   - Reference: `T-SQLI`
   - Description: SQL Injection
   - Controls: *None*

2. **DDoS**
   - Description: Distributed Denial of Service
   - Controls:
     - **cdn** (`C-CDN`)

---

So you've got two threats identified — SQL Injection and
DDoS — with the DDoS threat mitigated by a CDN control.
The SQL Injection threat doesn't have any controls mapped
to it yet.

Would you like to do anything with this model — update the
status, look into the library items, or something else?

Available Tools

The MCP Connector exposes the following tools to your AI client:

list_threat_models  

List all threat models in your organization

get_threat_model  

Get a threat model with its HCL content

search  

Search across threat models, threat library, and control library

list_library_items  

List threat or control library items

get_library_item  

Get a library item with version details

get_usage_analytics  

Get library usage statistics

update_threat_model_status  

Change a threat model's status

Next Steps

Working with Libraries

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us