Security ๐งช Community โ Claude Code โ Claude Desktop โข Huntress
Huntress
Huntress - managed threat detection, incident response, endpoint agent management, escalations, and billing reports
Installation
Install this plugin individually:
/plugin marketplace add wyre-technology/msp-claude-plugins --plugin huntress Or install all MSP plugins at once:
/plugin marketplace add wyre-technology/msp-claude-plugins Features
- Agent Monitoring
- Billing
- Escalations
- Incident Management
- Organization Management
- Signals
Skills
This plugin provides 7 skills that teach Claude about Huntress:
| Skill | Description |
|---|---|
agents | Use this skill when managing Huntress endpoint agents โ listing agents, filtering by organization or platform, checking agent health and status, and investigating specific agent details. |
billing | Use this skill when generating Huntress billing and summary reports โ listing available reports, retrieving billing details, and creating client-facing summaries for MSP invoicing. |
escalations | Use this skill when working with Huntress escalations โ listing, reviewing, and resolving escalations from the Huntress SOC team. |
incidents | Use this skill when working with Huntress incidents - querying incidents by organization and status, reviewing SOC-recommended remediation details, approving or rejecting remediations individually or in bulk, checking remediation execution status, and resolving incidents after all remediations are processed. |
organizations | Use this skill when managing Huntress organizations โ creating, listing, updating, deleting organizations, and managing client org structure for MSP multi-tenancy. |
signals | Use this skill when working with Huntress security signals โ monitoring, listing, filtering, and investigating signals across managed endpoints. |
api-patterns | Use this skill when working with the Huntress MCP tools โ available tools, authentication via HTTP Basic Auth, API structure, pagination with page tokens, rate limiting (60 req/min), error handling, and best practices. |
Agents
This plugin provides 2 agents for autonomous task execution:
| Agent | Description |
|---|---|
client-onboarding-validator | Use this agent when validating a newly onboarded client in Huntress โ checking that agents are deployed and reporting, confirming SOC coverage is active, identifying any endpoints missing agents, and surfacing initial detections that fired during or after deployment. |
incident-responder | Use this agent when triaging Huntress incidents, reviewing SOC escalations, approving or rejecting endpoint remediations, investigating security signals, or managing the Huntress agent fleet across MSP client organizations. |
Commands
Available slash commands:
| Command | Description |
|---|---|
/agent-inventory | List and filter Huntress agents across organizations |
/billing-report | Generate a Huntress billing summary for a period |
/incident-triage | Triage open Huntress incidents by severity |
/investigate-incident | Deep dive investigation into a specific Huntress incident with remediations |
/org-health | Organization health check covering agents, incidents, and escalations |
/resolve-escalation | Review and resolve a Huntress escalation |
API Reference
| Base URL | |
| Authentication | |
| Rate Limit | |
| Documentation |
Example Usage
List and filter Huntress agents across organizations
/agent-inventoryGenerate a Huntress billing summary for a period
/billing-reportTriage open Huntress incidents by severity
/incident-triageDeep dive investigation into a specific Huntress incident with remediations
/investigate-incidentOrganization health check covering agents, incidents, and escalations
/org-healthReview and resolve a Huntress escalation
/resolve-escalationUsing Skills
/skill huntress:agents
Use this skill when managing Huntress endpoint agents โ listing agents, filtering by organization or platform, checking agent health and status, and investigating specific agent details.