Back to Browse
Free
Server data from the Official MCP Registry
Action1 MCP server — endpoint inventory, patch visibility, and policy automation via REST API.
About
Action1 MCP server — endpoint inventory, patch visibility, and policy automation via REST API.
Security Report
4.8
Use Caution4.8High RiskThis is a well-structured MCP server for Action1 endpoint management with solid authentication and authorization practices. Credentials are properly isolated per-request via AsyncLocalStorage in HTTP mode and sourced from environment variables in stdio mode. The codebase is clean with no malicious patterns, dangerous operations, or hardcoded secrets. Minor code quality issues (broad error handling, untyped API responses) do not impact the security posture. Permissions are appropriate for its purpose: HTTP network access for API calls, environment variable reading for credentials, and minimal filesystem access. Supply chain analysis found 5 known vulnerabilities in dependencies (1 critical, 3 high severity).
7 files analyzed · 9 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
Permissions Required
This plugin requests these system permissions. Most are normal for its category.
What You'll Need
Set these up before or after installing:
Action1 OAuth client ID
Environment variable: ACTION1_CLIENT_ID
Action1 OAuth client secretRequired
Environment variable: ACTION1_CLIENT_SECRET
Action1 tenant identifier (subdomain). Provide this or ACTION1_BASE_URL.
Environment variable: ACTION1_TENANT
Action1 base URL (e.g. https://your-instance.action1.com). Provide this or ACTION1_TENANT.
Environment variable: ACTION1_BASE_URL
Transport mode for the server. Set to 'stdio' for local CLI use; the image defaults to 'http' for gateway hosting.
Environment variable: MCP_TRANSPORT
Credential source: 'env' reads vars locally, 'gateway' expects header injection from the WYRE MCP Gateway.
Environment variable: AUTH_MODE
Log verbosity: debug, info, warn, error
Environment variable: LOG_LEVEL
How to Install
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-wyre-technology-action1-mcp": {
"env": {
"AUTH_MODE": "your-auth-mode-here",
"LOG_LEVEL": "your-log-level-here",
"MCP_TRANSPORT": "your-mcp-transport-here",
"ACTION1_TENANT": "your-action1-tenant-here",
"ACTION1_BASE_URL": "your-action1-base-url-here",
"ACTION1_CLIENT_ID": "your-action1-client-id-here",
"ACTION1_CLIENT_SECRET": "your-action1-client-secret-here"
},
"args": [
"-y",
"@wyre-technology/action1-mcp"
],
"command": "npx"
}
}
}Documentation
View on GitHubFrom the project's GitHub README.
Action1 MCP Server
MCP server for Action1 — endpoint inventory, patch visibility, and policy automation via the Model Context Protocol.
Read-only in v1. Deploy / automation surface is intentionally separated to a later release for blast-radius reasons (a bad policy push can brick endpoint fleets).
Tools
| Tool | Description |
|---|---|
action1_navigate | Discover available tools by domain (organizations / endpoints / policies / updates) |
action1_list_organizations | List Action1 tenants accessible to the configured credentials |
action1_list_endpoints | List managed devices in an organization |
action1_get_endpoint | Get a single endpoint by id |
action1_list_missing_updates | List missing OS/application patches across endpoints — Action1's headline value-prop |
action1_list_policies | List automation / policy / remediation rules |
API surface maps to PSAction1 (Action1's MIT-licensed PowerShell module). When the v1 surface earns its keep, write tools (deploy, requery, package upload) come in v2 behind separate review.
Usage
Claude Desktop (MCPB)
Install via the MCPB bundle from the latest release.
Required credentials (created in Action1 → Settings → API Credentials, non-recoverable on creation — copy immediately):
- API Key (Client ID)
- Secret
- Region (
NorthAmericadefault; alsoEurope,AsiaPacific,Australia) - Optional default organization id (for single-tenant use)
Stdio (direct)
ACTION1_API_KEY=... \
ACTION1_SECRET=... \
ACTION1_REGION=NorthAmerica \
ACTION1_DEFAULT_ORG_ID=org-... \
npx -y github:wyre-technology/action1-mcp
HTTP (gateway mode)
MCP_TRANSPORT=http PORT=8080 AUTH_MODE=gateway \
docker run -p 8080:8080 ghcr.io/wyre-technology/action1-mcp:latest
Per-request credentials via headers:
X-Action1-API-KeyX-Action1-SecretX-Action1-RegionX-Action1-Default-Org-Id
Architecture
src/
├── index.ts # stdio + HTTP transports, tool dispatch
├── sdk/
│ └── action1-client.ts # embedded REST + OAuth client (factor-out candidate
│ # if surface crosses ~20 tools / 2+ domains)
├── utils/
│ ├── client.ts # credential resolution (env vs gateway headers)
│ └── types.ts # DomainHandler interface
├── domains/ # one file per resource type
│ ├── organizations.ts
│ ├── endpoints.ts
│ ├── policies.ts
│ └── updates.ts
└── __tests__/domains/ # one test per domain
Per-request credential isolation via AsyncLocalStorage — concurrent requests in HTTP mode never share credentials through process.env.
Development
npm install
npm run build
npm test
npm run dev # tsc --watch
npm run lint # eslint
npm run typecheck
License
Apache-2.0. See LICENSE.
Reviews
No reviews yet
Be the first to review this server!
More Developer Tools MCP Servers
Git
Freeby Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
80.0K
Stars
4
Installs
6.5
Security
No ratings yet
Local
Toleno
Freeby Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
137
Stars
448
Installs
8.0
Security
4.8
Local
mcp-creator-python
Freeby mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.
-
Stars
59
Installs
10.0
Security
5.0
Local