sentinelone

Connects to SentinelOne's Purple console via authenticated HTTP for cybersecurity and endpoint protection tools. Runs as stdio subprocess. Requires PURPLEMCP_CONSOLE_TOKEN and PURPLEMCP_CONSOLE_BASE_URL.

security

Install

npx claudepluginhub wyre-technology/msp-claude-plugins --plugin sentinelone

Add to Your Project

Add to your .mcp.json:

{
  "mcpServers": {
    "sentinelone": {
      "command": "uvx",
      "args": [
        "--from",
        "git+https://github.com/Sentinel-One/purple-mcp.git",
        "purple-mcp",
        "--mode",
        "stdio"
      ],
      "url": "https://github.com/Sentinel-One/purple-mcp.git",
      "env": {
        "PURPLEMCP_CONSOLE_TOKEN": "${SENTINELONE_TOKEN}",
        "PURPLEMCP_CONSOLE_BASE_URL": "${SENTINELONE_BASE_URL}"
      }
    }
  }
}

Replace placeholder values for: PURPLEMCP_CONSOLE_TOKEN

Security Considerations

Requires secrets

This MCP server needs API keys or credentials. Configure them in your environment before use.

External connections

This server connects to external services. Review the URLs it accesses before enabling.

Details

Commanduvx

URLhttps://github.com/Sentinel-One/purple-mcp.git

Access Levelwrite

Arguments

--fromgit+https://github.com/Sentinel-One/purple-mcp.gitpurple-mcp--modestdio

Environment Variables

PURPLEMCP_CONSOLE_TOKEN=${SENTINELONE_TOKEN}

PURPLEMCP_CONSOLE_BASE_URL=${SENTINELONE_BASE_URL}

Required Secrets

PURPLEMCP_CONSOLE_TOKEN

Actions

Plugins (1)

sentinelone12