Skip to content

wyre-technology/proofpoint-mcp

BranchesTags

Repository files navigation

Proofpoint MCP Server

License Node.js

A Model Context Protocol (MCP) server for Proofpoint TAP and Essentials APIs. Enables AI assistants to investigate threats, trace emails, manage quarantine, access threat intelligence, and perform URL defense operations.

This is a Model Context Protocol (MCP) server that connects Claude (or any MCP-compatible AI) to your Proofpoint environment.

Part of the MSP Claude Plugins ecosystem — a growing suite of AI integrations for the MSP stack. Built by MSPs, for MSPs.

Installation

npm install @wyre-technology/proofpoint-mcp

Configuration

Set the following environment variables:

Variable Required Description
PROOFPOINT_SERVICE_PRINCIPAL Yes Your Proofpoint TAP service principal
PROOFPOINT_SERVICE_SECRET Yes Your Proofpoint TAP service secret
PROOFPOINT_BASE_URL No Custom base URL (default: tap-api-v2.proofpoint.com)
MCP_TRANSPORT No Transport mode: stdio (default) or http

Usage

Running with Claude Desktop

Add to your Claude Desktop claude_desktop_config.json:

{
  "mcpServers": {
    "proofpoint-mcp": {
      "command": "npx",
      "args": ["@wyre-technology/proofpoint-mcp"],
      "env": {
        "PROOFPOINT_SERVICE_PRINCIPAL": "your-proofpoint-service-principal"
        "PROOFPOINT_SERVICE_SECRET": "your-proofpoint-service-secret"
      }
    }
  }
}

Running with Claude Code (CLI)

claude mcp add proofpoint-mcp \
  -e PROOFPOINT_SERVICE_PRINCIPAL=your-value \
  -e PROOFPOINT_SERVICE_SECRET=your-value \
  -- npx -y @wyre-technology/proofpoint-mcp

Docker

docker build -t proofpoint-mcp .
docker run \
  -e PROOFPOINT_SERVICE_PRINCIPAL=your-value \
  -e PROOFPOINT_SERVICE_SECRET=your-value \
  -p 8080:8080 proofpoint-mcp

Available Domains

Dlp

Data loss prevention policies

Events

Security event stream and SIEM export

Forensics

Forensic analysis of threats

People

Very Attacked People (VAP) reporting

Policy

Email policy management

Quarantine

Email quarantine management

Reports

Security reports and summaries

Smart Search

Advanced email search

Tap

Targeted Attack Protection events and campaigns

Threat Intel

Threat intelligence and indicators of compromise

Url Defense

URL rewriting and click defense

Development

# Clone the repository
git clone https://github.com/wyre-technology/proofpoint-mcp.git
cd proofpoint-mcp

# Install dependencies
npm install

# Build
npm run build

# Run tests
npm test

Contributing

Contributions are welcome! Please see CONTRIBUTING.md if present, or open an issue to discuss changes.

License

Licensed under the Apache License, Version 2.0. See LICENSE for details.

About

MCP server for Proofpoint TAP and Essentials APIs — threat intelligence, email tracing, and MSP org management

mcp.wyretechnology.com/mcp-servers/proofpoint/

Topics

typescript msp proofpoint email-security mcp-server wyre-technology msp-mcp

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases 4

v1.0.3 Latest
May 22, 2026
+ 3 releases

Packages

 
 
 

Contributors

Languages