OSINT Tradecraft
Investigation skills · Vol. 8

MCP servers, explained.

Skills are the methodology — they teach your agent how a professional investigator works. MCP servers are the tools — they let the agent actually do it. This page walks through what MCP is, why it matters for investigative work, and how to install the catalog.

§ 01

What is the Model Context Protocol?

The Model Context Protocol (MCP) is an open standard, published by Anthropic in late 2024 and since adopted across the industry, for letting a large language model call external tools. An MCP server is a small program that exposes one or more tools: functions the LLM can call with structured arguments and get structured results back from. Servers can also publish resources (read-only data) and prompts, but tools are what investigative work runs on, and they are what this page is about.

"Tool" here is broad. An MCP server can wrap an HTTP API (Etherscan, Shodan, HIBP), a command-line program (Maigret, Volatility, tshark), a database, a filesystem, a CI system, or anything else the host machine can run. The protocol defines the handshake — how the agent discovers what tools exist, what arguments they take, and how to invoke them — and stays out of the way of the actual tool's logic.

On the client side, any agent that speaks MCP can use any MCP server. Claude Code, Claude Desktop, Cursor, Windsurf, and a growing list of others all support it. You write the integration once; it works everywhere.

Open standard

One protocol; any client and any server interoperate. No vendor lock-in.

Local-first

The servers in this catalog run as processes on your machine (or your network) and talk to the host over stdin/stdout, so tool calls do not pass through a third-party broker. The query itself still leaves your machine whenever a server wraps a hosted API: an HIBP or Shodan lookup reaches HIBP or Shodan, under your key. MCP also defines an HTTP transport for remote servers; that is a different deployment from the local kind installed here.

Capability-scoped

Each server declares the tools it offers and a JSON schema for their inputs, and the client shows that list before any call is made. The declaration is self-description, not a sandbox: the server runs with your user's permissions, and its tool descriptions are text the model reads. Vet a server the way you would vet any other software you install.

§ 02

Why this matters for investigators.

Investigations are pivot-driven. You start with a seed (an email, a username, a domain, an image), follow it through a chain of lookups, and synthesize the result. Each lookup is a tool call — WHOIS, crt.sh, Wayback, Maigret, Etherscan, HIBP, EDGAR. Without MCP, the agent advises and you execute; the loop breaks every few minutes while you context-switch into a terminal and back. With MCP, the agent is the one executing — and it can chain ten lookups in one turn, reason over the joined result, and produce a defensible case file.

Without MCP

The agent narrates. You drive.

'Run maigret jdoe1985 from your terminal. Paste the JSON back. Then run crt.sh on the email it found. Then check Wayback for the company page in 2022.' Three context switches. Output that doesn't compose. A timeline that lives in your scrollback.

With MCP

The agent drives. You audit.

'I swept the username across 2,500 sites (Maigret), pivoted into crt.sh on the GitHub email it found, pulled 14 Wayback versions of the company page, and identified the snapshot where the office address was removed. Here's the diff.' One turn. Full provenance. Every step documented.

§ 03

How an MCP server actually works.

The mechanics are simple. The host (Claude Code, Cursor, etc.) launches the MCP server as a child process at startup and talks to it over stdin/stdout, one JSON-RPC 2.0 message per line. The session opens with an initialize request (protocol version, capabilities, client name) and the server's reply, followed by an initialized notification from the client; from there it runs in three phases:

  1. Discovery

    The host sends tools/list. The server returns each tool's name, a one-line description, and a JSON schema (inputSchema) for its arguments. The model now knows which calls exist and which fields they need; the description is the only guidance it gets about when to use a tool, so write it precisely.

  2. Invocation

    When the model decides to use a tool, the host sends tools/call with the tool name and arguments. The server executes (queries an API, runs a CLI, reads a file) and returns a content array of text or other items, optionally a structured object, and an isError flag when the call failed in a way the model should read and react to.

  3. Reasoning loop

    The result is appended to the conversation context. The model reads it, decides whether to call another tool (often: yes), and the loop continues. Multiple servers can be active at once, so Maigret, crt.sh, Wayback and Etherscan are all callable from the same chat.
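The exchange described above, written out as an added example rather than code from any catalog server: a minimal MCP server on the stdio transport that answers initialize, tools/list and tools/call for one tool, plus an in-process driver that replays the host's side of the three phases. The server name, the username_sweep tool and its site table are constructed for illustration (the table stands in for what a real sweep such as Maigret returns); the protocol version strings are real MCP revisions.

```python
"""Minimal MCP server on stdio (an added example, not a catalog server).
One JSON-RPC message per line on stdin/stdout; the single tool sweeps a
constructed in-memory site table standing in for a Maigret run."""
import json
import re
import sys

SERVER_INFO = {"name": "username-sweep-demo", "version": "0.1.0"}
# Real MCP protocol revisions, newest first. The server answers with the
# client's requested version if it supports it, otherwise its own newest.
SUPPORTED_PROTOCOLS = ("2025-06-18", "2025-03-26", "2024-11-05")

# Constructed sample data: which usernames exist on which sites.
SITE_TABLE = {
    "github": {"jdoe1985", "alice"},
    "reddit": {"jdoe1985"},
    "keybase": {"alice"},
}

# Arguments arrive from the model, not from you. The inputSchema below
# describes the input; it does not enforce it. A wrapper that hands values
# to a CLI must allowlist them itself and pass them as an argv list.
USERNAME_RE = re.compile(r"^[A-Za-z0-9._-]{1,64}$")

TOOLS = [{
    "name": "username_sweep",
    "description": "Return the sites in the table that have an account with this exact username.",
    "inputSchema": {
        "type": "object",
        "properties": {"username": {"type": "string"}},
        "required": ["username"],
    },
}]

def username_sweep(args):
    username = args.get("username")
    if not isinstance(username, str) or not USERNAME_RE.match(username):
        # isError: a tool-level failure the model should read and react to.
        return {"content": [{"type": "text", "text": "invalid username"}], "isError": True}
    hits = sorted(site for site, users in SITE_TABLE.items() if username in users)
    text = json.dumps({"username": username, "found_on": hits})
    return {"content": [{"type": "text", "text": text}], "isError": False}

TOOL_IMPL = {"username_sweep": username_sweep}

def _result(msg_id, result):
    return {"jsonrpc": "2.0", "id": msg_id, "result": result}

def _error(msg_id, code, message):
    return {"jsonrpc": "2.0", "id": msg_id, "error": {"code": code, "message": message}}

def handle(msg):
    """Dispatch one inbound message; return the reply, or None for notifications."""
    method, msg_id, params = msg.get("method"), msg.get("id"), msg.get("params") or {}
    if method == "initialize":
        requested = params.get("protocolVersion")
        version = requested if requested in SUPPORTED_PROTOCOLS else SUPPORTED_PROTOCOLS[0]
        return _result(msg_id, {"protocolVersion": version, "capabilities": {"tools": {}},
                                "serverInfo": SERVER_INFO})
    if method == "notifications/initialized":
        return None                      # client is ready; nothing to send back
    if method == "tools/list":
        return _result(msg_id, {"tools": TOOLS})
    if method == "tools/call":
        impl = TOOL_IMPL.get(params.get("name"))
        if impl is None:
            return _error(msg_id, -32602, f"unknown tool: {params.get('name')!r}")
        return _result(msg_id, impl(params.get("arguments") or {}))
    if msg_id is None:
        return None                      # unknown notification: ignored, per JSON-RPC
    return _error(msg_id, -32601, f"method not found: {method}")

def serve(stdin=sys.stdin, stdout=sys.stdout):
    """The transport loop a host drives after launching this as a child process."""
    for line in stdin:
        if not line.strip():
            continue
        try:
            reply = handle(json.loads(line))
        except json.JSONDecodeError:
            reply = _error(None, -32700, "parse error")
        if reply is not None:
            stdout.write(json.dumps(reply) + "\n")
            stdout.flush()

def example_session():
    """Replay the host's side of the three phases in-process; returns (request, reply) pairs."""
    client = [
        {"jsonrpc": "2.0", "id": 1, "method": "initialize", "params": {
            "protocolVersion": "2025-06-18", "capabilities": {},
            "clientInfo": {"name": "demo-host", "version": "0"}}},
        {"jsonrpc": "2.0", "method": "notifications/initialized"},
        {"jsonrpc": "2.0", "id": 2, "method": "tools/list"},
        {"jsonrpc": "2.0", "id": 3, "method": "tools/call",
         "params": {"name": "username_sweep", "arguments": {"username": "jdoe1985"}}},
    ]
    return [(m, handle(m)) for m in client]

if __name__ == "__main__":
    serve()
```

Saved as server.py, a host entry of command python with args [server.py] launches it and the tool shows up in the host's list. The part worth copying into any wrapper around a real CLI is the allowlist on the argument: the schema tells the model what to send, the regex decides what the process will accept.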

What MCP is not

MCP is not a runtime — it doesn't run the LLM. It doesn't store data. It doesn't replace your skills (the methodology files). It's just the standardized way that an agent and a tool talk to each other. Pair it with a skill library and you get methodology + tools; pair it with neither and you have a chat window.

§ 04

Install the catalog.

Each MCP can be installed individually (browse the 36-server catalog, copy the config block from any detail page). Or use one of the two pre-built stacks below — paste the JSON into your agent's MCP config and you're running.

Starter Stack · 5 servers

~15 min · ~$3.50/mo

Covers ~50% of high-frequency investigative pivots — username, breach, WHOIS/DNS/SSL, Wayback, geocoding.

  • maigret
  • hibp
  • domain-mcp
  • wayback-mearman
  • openstreetmap-nerv

Pro Stack · 20 servers

~60–90 min · ~$50–100/mo

Starter plus Shodan, EDGAR, CourtListener, Etherscan, Blockscout, GitHub, VirusTotal, threat-intel, Volatility, Wireshark, and 5 more.

Full config available at /mcps.

Where to put the config
  • Claude Code: run claude mcp add <name> -- <command> [args] from the CLI, or add the entry to a .mcp.json at the project root (same mcpServers shape, shared with the repo)
  • Claude Desktop: claude_desktop_config.json (Settings → Developer → Edit Config)
  • Cursor: ~/.cursor/mcp.json
  • Windsurf: Settings → Cascade → MCP servers
After editing
  1. Restart your agent host.
  2. Confirm the server loaded — most hosts surface MCP server status in a sidebar or palette.
  3. In a new chat, ask the agent to list its tools. You should see the new ones.
  4. Try a real query: "Run maigret on the username jdoe1985".
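Steps 2 and 3 can also be done without the host, which is useful when a server fails to appear and the host's status sidebar does not say why. The probe below is an added example, not part of the catalog or its installer: it reads one entry from the mcpServers JSON shape that Claude Desktop and Cursor use, launches it the way a host does (direct exec of command plus args, with no shell) and runs the initialize, initialized and tools/list exchange, returning the server's name and tool list. The sample config, the uvx hibp-mcp-server command and the HIBP_API_KEY variable are placeholders constructed for the example; the ${VAR} expansion is this probe's own convention for keeping keys out of the config file, and not every host performs it.

```python
"""Probe a configured MCP server without the host (an added example, not catalog code).
Reads one `mcpServers` entry, execs it like a host does (no shell) and runs
initialize -> notifications/initialized -> tools/list over stdio."""
import json
import os
import subprocess
import threading

# Constructed sample config. The command and env var are placeholders, not a
# real catalog entry; "broken" shows the most common config mistake.
SAMPLE_CONFIG = json.dumps({
    "mcpServers": {
        "hibp": {
            "command": "uvx",
            "args": ["hibp-mcp-server"],
            "env": {"HIBP_API_KEY": "${HIBP_API_KEY}"},
        },
        "broken": {"command": "npx -y some-mcp-server"},
    }
})

def load_entry(config_text, name, environ=None):
    """Return (argv, env) for one server entry, with the checks hosts do not do for you."""
    environ = os.environ if environ is None else environ
    entry = json.loads(config_text)["mcpServers"][name]
    command = entry["command"]
    # Hosts exec `command` directly: "npx -y pkg" is looked up as one
    # executable of that name and fails. The flags belong in "args".
    if any(ch in command for ch in " |;&"):
        raise ValueError(f"{name}: put the executable in 'command' and flags in 'args', not {command!r}")
    env = dict(environ)
    for key, value in entry.get("env", {}).items():
        # This probe's own convention (assumption, not a host feature):
        # "${VAR}" is read from the parent environment, so the API key
        # never has to be written into the config file itself.
        if value.startswith("${") and value.endswith("}"):
            var = value[2:-1]
            if var not in environ:
                raise ValueError(f"{name}: {var} is not set in your environment")
            value = environ[var]
        env[key] = value
    return [command, *entry.get("args", [])], env

def probe_server(argv, env=None, timeout=15):
    """Launch the server, complete the handshake, list its tools, then kill it."""
    proc = subprocess.Popen(argv, env=env, stdin=subprocess.PIPE,
                            stdout=subprocess.PIPE, text=True)
    killer = threading.Timer(timeout, proc.kill)   # a hung server must not hang the probe
    killer.start()

    def send(msg):
        proc.stdin.write(json.dumps(msg) + "\n")
        proc.stdin.flush()

    def recv(expect_id):
        while True:                                # skip notifications until our reply arrives
            line = proc.stdout.readline()
            if not line:
                raise RuntimeError("server closed stdout before replying (check its stderr)")
            msg = json.loads(line)
            if msg.get("id") != expect_id:
                continue
            if "error" in msg:
                raise RuntimeError(f"server returned error: {msg['error']}")
            return msg["result"]

    try:
        send({"jsonrpc": "2.0", "id": 1, "method": "initialize", "params": {
            "protocolVersion": "2025-06-18", "capabilities": {},
            "clientInfo": {"name": "mcp-probe", "version": "0.1"}}})
        init = recv(1)
        send({"jsonrpc": "2.0", "method": "notifications/initialized"})
        send({"jsonrpc": "2.0", "id": 2, "method": "tools/list"})
        tools = recv(2).get("tools", [])
        return {"server": init.get("serverInfo", {}).get("name"),
                "protocol": init.get("protocolVersion"),
                "tools": [t["name"] for t in tools]}
    finally:
        killer.cancel()
        proc.kill()
        proc.wait()

if __name__ == "__main__":
    import sys                                     # usage: probe.py [config.json] [server-name]
    config_text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_CONFIG
    argv, env = load_entry(config_text, sys.argv[2] if len(sys.argv) > 2 else "hibp")
    print(json.dumps(probe_server(argv, env), indent=2))
```

If the probe lists the tools but the host does not, the problem is the host side (wrong config file, no restart); if the probe raises before initialize completes, the server's own stderr, which the probe leaves attached to your terminal, is where the missing key or rate-limit message will be.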
§ 05

Or skip the README files.

Each of the 36 MCPs has its own install path, its own config quirks, its own rate-limit gotchas. Setting up the Pro Stack by hand takes 60–90 minutes if everything goes right and longer if it doesn't.

The Investigator's MCP Toolkit ($149 one-time) ships a single installer that lays down the entire stack for whatever agent you're using; refreshes land through the Update Subscription as the ecosystem moves. You bring API keys for the freemium servers (most have free tiers).
