Servosity
OrganizationFree MCP servers + Claude Code Skills for MSP tools - PSA, RMM, backup, M365. Local-first: your data never leaves your network.
Categories
Indexed Skills (52)
msp-skills-concierge
Use when the user has msp-skills installed and wants help choosing or installing connectors - it reads the live catalog, learns their PSA/RMM/backup/security/billing stack, recommends the connectors that fit, and installs only the ones they approve. Trigger phrases: `recommend which connectors I should install`, `which msp-skills connector for my stack`, `set up the right connectors for me`, `concierge`, `msp-skills concierge`, `what connectors should I install`, `pick connectors for my MSP`, `using everything you know about me, recommend connectors`.
abnormal
The full Abnormal Security REST API as an agent-ready CLI - with a local threat store, ranked SOC triage, and one-shot reporting no SOAR pack offers. Trigger phrases: `triage abnormal threats`, `remediate a phishing campaign in abnormal`, `abnormal email threat report`, `check account takeover risk for an employee`, `vendor email compromise check`, `use abnormal security`, `run abnormal-cli`.
acronis
The first real CLI for the Acronis Cyber Protect Cloud platform - every tenant, agent, and usage metric mirrored locally, with cross-tenant rollups no single API call returns. Trigger phrases: `acronis backup health across tenants`, `find offline acronis agents`, `acronis usage and billing report`, `which acronis customers aren't protected`, `acronis agent version compliance`, `use acronis cyber protect`, `run acronis-cli`.
action1
Every Action1 endpoint, plus the fleet-wide patch and vulnerability views the org-siloed API cannot give you. Trigger phrases: `action1 patch posture`, `which endpoints are missing patches`, `triage action1 vulnerabilities`, `find stale action1 agents`, `action1 fleet view across organizations`, `use action1`, `run action1-cli`.
afi
The first CLI for Afi SaaS backup - full public-API coverage plus the fleet-wide coverage, staleness, and offboarding answers the rate-limited API can't serve live. Trigger phrases: `check afi backup coverage`, `which mailboxes aren't backed up in afi`, `afi fleet health`, `offboard a user from afi backup`, `afi backup stale check`, `use afi`, `run afi-cli`.
appdirect
Every documented AppDirect marketplace operation in one binary, plus offline sync and billing-reconciliation joins. Trigger phrases: `reconcile appdirect billing`, `which appdirect payments failed this week`, `what changed in appdirect subscriptions`, `show my appdirect pipeline`, `appdirect company 360`, `use appdirect`, `run appdirect-cli`.
atera
Every Atera RMM + PSA endpoint, plus a local SQLite mirror that answers fleet-health, SLA, and book-of-business questions no single API call can. Trigger phrases: `which atera agents are offline`, `atera tickets about to breach sla`, `atera book of business`, `what changed in atera since yesterday`, `sync atera to my machine`, `use atera`, `run atera-cli`, `which customers are under-contracted`, `patch compliance across the fleet`, `what contracts are expiring`.
autotask
Every Autotask entity at the command line, plus a local SQLite mirror that answers ticket-aging, workload, unbilled-time, and account-360 questions no other Autotask tool can. Trigger phrases: `list autotask tickets`, `autotask company 360`, `who is overloaded in autotask`, `unbilled time in autotask`, `autotask ticket aging`, `use autotask`, `run autotask-cli`.
axcient
Every x360Recover endpoint, plus the fleet-wide backup-health answers the API alone can't give - offline, joined, and agent-ready. Trigger phrases: `check axcient backups`, `which backups failed last night`, `x360recover fleet health`, `backup compliance report for client`, `axcient usage reconciliation`, `use axcient`, `run axcient-cli`.
betterstack
Every Better Stack Uptime feature, plus an offline SQLite mirror and cross-resource fleet analytics - what's down and who's paged, coverage gaps, MTTA/MTTR, flapping, on-call gaps, and status-page drift - that the API alone can't answer. Trigger phrases: `which monitors are down`, `find unprotected monitors`, `incident MTTR report`, `who is on call`, `noisy monitors`, `use betterstack`, `run betterstack-cli`.
blumira
Every Blumira finding, detection, and agent across your direct org and every MSP sub-account - in one offline-searchable store with cross-account triage and over-time trends no single API call can answer. Trigger phrases: `blumira findings`, `triage blumira across accounts`, `what changed in blumira since yesterday`, `blumira detection coverage`, `blumira domain controller exposure`, `blumira MTTR report`, `use blumira`, `run blumira`.
cipp
First single-binary CLI for CIPP - offline SQLite store, fleet posture analytics, and cross-tenant fan-out no other CIPP tool has. Trigger phrases: `check MFA across all my tenants`, `find unused M365 licenses`, `offboard users from a CSV in CIPP`, `which tenants drifted off baseline`, `list CIPP tenants`, `use cipp`, `run cipp-cli`.
connectwise-automate
Use when the user asks to check ConnectWise Automate fleet health, find stale or offline agents, report patch compliance by client, triage open alerts across clients, inventory end-of-life OSes, or see what changed overnight across an RMM fleet. Syncs your whole Automate server into a local SQLite mirror so it answers cross-client questions the per-server console can't. Trigger phrases: `connectwise automate fleet health`, `stale automate agents`, `automate patch compliance by client`, `triage automate alerts`, `use connectwise automate`, `run connectwise-automate-cli`.
connectwise-manage
Every ConnectWise PSA workflow from the terminal - with a typed conditions query builder, offline SQLite sync, and cross-entity views (unbilled work, account 360, board triage) the PSA web UI can't give you. Trigger phrases: `list connectwise tickets`, `triage the help desk board`, `find unbilled time in connectwise`, `connectwise account 360 for a client`, `log time on a connectwise ticket`, `use connectwise-manage`, `run connectwise-manage-cli`.
cove
The first CLI and MCP server for Cove Data Protection - fleet-wide backup health, billing usage, and storage trends from a terminal, with the local history the vendor console doesn't keep. Trigger phrases: `which backups failed last night`, `check cove backup status`, `stale cove devices`, `cove storage growth`, `cove billing usage report`, `use cove`, `run cove-cli`.
crowdstrike
Every CrowdStrike Falcon MSP operation, plus a Flight-Control-aware local store that answers fleet-wide questions across all your tenants at once - something no other Falcon tool (including the official MCP server) does. Trigger phrases: `check crowdstrike alerts across all tenants`, `show stale falcon sensors`, `critical vulnerabilities across my crowdstrike fleet`, `crowdstrike tenant scorecard`, `list falcon child CIDs`, `use crowdstrike-cli`, `run crowdstrike-cli`.
datto-bcdr
Sync your whole Datto BCDR fleet into local SQLite and answer the questions the per-appliance Partner Portal can't: which backups failed screenshot verification, which are stale, and which clients are at risk. Trigger phrases: `which datto backups failed screenshot verification`, `datto bcdr fleet health`, `which clients are at risk in datto`, `find stale datto backups`, `datto storage runway`, `use datto-bcdr`, `run datto-bcdr-cli`, `datto recoverability score`, `client backup report for qbr`, `triage datto alerts fleet-wide`.
datto-rmm
Every Datto RMM API operation, plus a local SQLite fleet store and fleet-wide analytics no other Datto tool has. Trigger phrases: `datto rmm stale devices`, `which endpoints have antivirus disabled`, `datto rmm patch gaps`, `qbr scorecard for a site`, `warranty expiring devices`, `use datto-rmm`, `run datto-rmm-cli`.
domotz
Every Domotz endpoint, plus a local SQLite fleet mirror that answers cross-site questions. Trigger phrases: `which domotz sites are down`, `list offline devices across all sites`, `export domotz device inventory`, `check fleet health in domotz`, `find new devices on the network`, `use domotz`, `run domotz-cli`.
gradient
The Synthesize partner API from the terminal - every endpoint, plus a usage-push ledger, billing drift detection, and alert-to-ticket tracing no other Gradient tool has. Trigger phrases: `push usage counts to gradient`, `sync usage to synthesize`, `check my synthesize integration status`, `find unmapped gradient accounts`, `did my gradient alert create a ticket`, `use gradient`, `run gradient-cli`.
halopsa
Every HaloPSA, HaloITSM and HaloCRM feature, plus a local SQLite store and cross-entity views the API can't return. Trigger phrases: `triage my Halo queue`, `check SLA breaches in HaloPSA`, `who is overloaded in Halo`, `client card for Acme in Halo`, `Halo contract burn-down`, `what changed in Halo since this morning`, `find time gaps in my Halo timesheet`, `use halopsa`, `run halopsa`.
hubspot
Every Sales Hub feature, plus offline cross-object queries and retained property-change history. Trigger phrases: `find meetings ever scheduled`, `monthly meeting outcome report`, `hubspot stale leads`, `who do I call today hubspot`, `engagements timeline for this contact`, `use hubspot-cli`, `run hubspot`.
hudu
Every Hudu cmdlet, plus an offline SQLite mirror, cross-entity audits, and agent-native output no PowerShell module or read-only MCP ships. Trigger phrases: `hudu hygiene scorecard`, `audit hudu documentation`, `find stale hudu passwords`, `what hudu certs expire soon`, `score hudu documentation completeness`, `onboard a new client in hudu`, `use hudu`, `run hudu`.
huntress
Every Huntress endpoint, plus fleet-wide incident, coverage, and billing rollups the API can't. Trigger phrases: `show me all critical huntress incidents`, `huntress coverage gaps across my orgs`, `huntress blast radius for this IP`, `reconcile huntress billing`, `huntress agent health report`, `use huntress`, `run huntress`.
itglue
Every IT Glue resource, plus an offline SQLite mirror, fleet-wide cross-resource search, and documentation-hygiene analytics no other IT Glue tool offers. Trigger phrases: `find this device across all my IT Glue clients`, `which IT Glue organizations are under-documented`, `audit stale passwords in IT Glue`, `sync IT Glue to a local database`, `what changed in IT Glue since last week`, `use itglue`, `run itglue`.
kaseya-bms
The first dedicated CLI and MCP server for Kaseya BMS - the full PSA surface plus offline sync, full-text search, and the queue, contract-burn, and unbilled-revenue analytics the web grid can't compute. Trigger phrases: `check the BMS queue`, `stale tickets in Kaseya BMS`, `how many contract hours are left`, `unbilled time in BMS`, `BMS sales pipeline`, `use kaseya-bms`, `run kaseya-bms`.
knowbe4
Every KnowBe4 KMSAT reporting feature, plus a local SQLite store for the questions the console cannot answer. Trigger phrases: `who keeps clicking phishing in knowbe4`, `knowbe4 repeat clickers`, `knowbe4 risk leaderboard`, `who failed phishing but never trained`, `knowbe4 training coverage gaps`, `build a knowbe4 qbr`, `use knowbe4`, `run knowbe4-cli`.
levelio
Every Level RMM endpoint, plus a local SQLite fleet store and offline cross-entity rollups no Level tool has: at-risk ranking, patch posture, alert triage, and stale-device detection in one command. Trigger phrases: `check my level fleet`, `what level devices are at risk`, `level patch posture`, `level stale devices`, `level client scorecard`, `triage level alerts`, `use levelio`, `run levelio-cli`.
liongard
Every Liongard endpoint, plus an offline copy of your whole MSP estate you can join, search, and drift-check from one command. Trigger phrases: `what changed across my Liongard environments`, `show stale Liongard launchpoints`, `which Liongard agents are offline`, `pivot a Liongard metric across all systems`, `Liongard drift report`, `use liongard`, `run liongard`.
microsoft-graph
The maintained single-binary successor to the retiring mgc - every MSP-relevant Microsoft Graph surface, plus an offline store that finds wasted licenses, privileged-access risks, and stale devices no single API call can. Trigger phrases: `find unused microsoft 365 licenses`, `who has global admin in this tenant`, `triage microsoft defender alerts`, `list non-compliant intune devices`, `microsoft graph tenant snapshot`, `use microsoft-graph`, `run microsoft-graph`.
mspbots
The first MSPbots tool anywhere - readable filters, alias-named resources, full exports, and the KPI history MSPbots itself doesn't keep. Trigger phrases: `pull the open tickets dataset from MSPbots`, `export MSPbots data to CSV`, `snapshot our MSPbots KPIs`, `is our ticket backlog up or down this week`, `what columns does this MSPbots dataset have`, `use mspbots`, `run mspbots-cli`.
n-central
Every N-central REST endpoint, plus an offline SQLite mirror of your whole org tree, cross-tenant search, issue-triage rollups, and a JWT-expiry guardian no other N-central tool has.
nerdio
The first non-PowerShell client for the Nerdio Manager for MSP API - cross-account AVD fleet audits, async-job plumbing, and offline search no other Nerdio tool has. Trigger phrases: `list nerdio accounts`, `audit autoscale across customers`, `which AVD hosts are running`, `nerdio billing rollup`, `wait for nerdio job`, `use nerdio`, `run nerdio-cli`.
ninjaone
Every NinjaOne report, plus a local store that answers fleet-wide questions no single API call can: patch compliance, backup gaps, AV blast-radius, health, drift. Trigger phrases: `check patch compliance in ninjaone`, `which ninjaone devices have no backup`, `ninjaone av threat sweep`, `ninjaone fleet health for an org`, `show stale ninjaone devices`, `use ninjaone`, `run ninjaone`.
pagerduty
Every PagerDuty incident, on-call and service operation from the terminal, plus a local SQLite mirror that answers cross-entity questions - MTTA/MTTR, on-call coverage gaps, responder load - that neither the API nor the web UI can. Trigger phrases: `who is on call for this service`, `show me the open pagerduty incidents`, `what's the mttr for this service`, `acknowledge the pagerduty incident`, `which services have no on-call coverage`, `use pagerduty`, `run pagerduty-cli`.
pandadoc
Every PandaDoc endpoint, plus an offline document pipeline no other PandaDoc tool has - stalled deals, aging, recipient engagement, and open quote value from a local store. Trigger phrases: `check my pandadoc pipeline`, `which proposals are stalled`, `list pandadoc documents`, `create a document from a template`, `how much quote value is open`, `use pandadoc`, `run pandadoc`.
pax8
Every Pax8 Partner API endpoint, plus an offline store that reconciles billing, tracks MRR, and catches usage overages no Pax8 tool surfaces. Trigger phrases: `reconcile pax8 billing`, `what is my pax8 mrr`, `list pax8 companies`, `check pax8 usage overages`, `pax8 customer 360`, `use pax8`, `run pax8-cli`.
pipedrive
Full Pipedrive CRUD plus a local SQLite pipeline copy: stale deals, forecasts, aging, dupes, rep leaderboards. Trigger phrases: `which deals are going stale in pipedrive`, `what's my weighted pipeline forecast`, `who do I need to follow up with today`, `find duplicate contacts in pipedrive`, `show the sales rep leaderboard`, `use pipedrive`, `run pipedrive`.
proofpoint
Every TAP Threat Insight endpoint, plus a local threat store that answers the cross-endpoint questions - who is both attacked and clicking, what touched this user - inside Proofpoint's punishing daily quotas. Trigger phrases: `pull proofpoint siem events`, `who are my VAPs`, `decode this urldefense link`, `proofpoint incident brief`, `top clickers this month`, `use proofpoint`, `run proofpoint-cli`.
quickbooks
Every QuickBooks Online Accounting entity, plus an offline SQLite mirror, cross-entity search, and AR/AP aging no SDK or read-only MCP ships. Trigger phrases: `who owes us money`, `ar aging`, `what do we owe`, `overdue invoices in quickbooks`, `sync quickbooks`, `quickbooks cash position`, `use quickbooks`, `run quickbooks`.
rocketcyber
The first CLI and MCP server for RocketCyber Managed SOC, with triage and posture analytics no console page or API call computes. Trigger phrases: `check rocketcyber incidents`, `soc triage board`, `which rocketcyber agents are offline`, `rocketcyber secure score trend`, `audit rocketcyber suppression rules`, `use rocketcyber`, `run rocketcyber-cli`.
rootly
Every Rootly incident, alert, and on-call object as a typed command, with a local SQLite mirror for offline analytics. Trigger phrases: `who is on call right now`, `find incidents similar to this one`, `what fixed this service last time`, `compute MTTR by service`, `find on-call coverage gaps`, `use rootly`, `run rootly`.
runzero
Every runZero query, plus a local SQLite copy of your whole attack surface that diffs over time, joins assets to vulnerabilities offline, and costs zero API quota to re-slice. Trigger phrases: `list runzero assets`, `triage my runzero exposure`, `what changed on my attack surface`, `which assets are affected by this CVE`, `find stale assets in runzero`, `use runzero`, `run runzero-cli`.
salesbuildr
Every Salesbuildr resource as a scriptable command, plus offline margin and pipeline analytics. Trigger phrases: `salesbuildr stale quotes`, `check quote margins`, `salesbuildr pipeline velocity`, `sync salesbuildr catalog`, `company whitespace salesbuildr`, `use salesbuildr`, `run salesbuildr`.
sentinelone
Every SentinelOne v2.1 management endpoint, plus an offline SQLite store and cross-entity analytics - fleet health, threat triage, blast radius, drift - that no console view offers. Trigger phrases: `triage sentinelone threats`, `check sentinelone threats`, `sentinelone fleet health`, `which endpoints have active threats`, `what changed in sentinelone overnight`, `sentinelone agent status`, `use sentinelone`, `run sentinelone-cli`.
servosity
Use when the user asks where their attention is needed across Servosity clients, which backups went stale, what changed since yesterday, to build QBR backup reports, draft stale-backup follow-up emails, watch restore queues during a DR event, reconcile the Servosity bill, or find unprovisioned agents. Wraps the Servosity partner API plus a local fleet mirror with snapshot history. Trigger phrases: `what needs my attention on servosity`, `fleet stale backups`, `show me the QBR backup report for`, `triage servosity issues`, `drift since yesterday on servosity`, `watch restore queue`, `reconcile servosity bill`, `Servosity + ChatGPT`, `Servosity + Claude`, `use servosity`, `run servosity-cli`.
sherweb
Every Sherweb Partner API capability, plus a local SQLite store, offline analytics, and margin/drift/orphan joins no other Sherweb tool has. Trigger phrases: `reconcile sherweb billing`, `what's my margin per customer in sherweb`, `find orphaned sherweb subscriptions`, `list sherweb customers`, `preview a sherweb seat change`, `use sherweb`, `run sherweb-cli`.
skykick
Fleet-wide M365 backup assurance for SkyKick Cloud Backup - posture, stale snapshots, and coverage gaps no portal or wrapper can show. Trigger phrases: `check skykick backups`, `which customers aren't backed up`, `stale skykick snapshots`, `skykick fleet health`, `skykick backup alerts`, `audit m365 backup retention`, `use skykick`, `run skykick-cli`.
superops
Use when the user asks to triage a SuperOps queue, see who's about to breach SLA, pull a client 360 before a QBR, find at-risk assets (unpatched and actively alerting), check alert coverage, total billable worklog per client at month-end, find stale tickets, or run any cross-entity question across SuperOps PSA and RMM. Wraps the full SuperOps GraphQL surface plus a local SQLite mirror; read-only by default with a single previewable `raw mutation` write path. Trigger phrases: `list superops tickets`, `which tickets are breaching SLA`, `client 360 in superops`, `at-risk assets in superops`, `unbilled worklog in superops`, `stale tickets in superops`, `SuperOps + ChatGPT`, `SuperOps + Claude`, `use superops`, `run superops-cli`.
syncro
Use when the user asks to list or triage Syncro tickets, find logged-but-unbilled time, check AR aging, see which assets are missing patches, rank RMM alert noise, pull a cross-entity customer profile, or run any Syncro PSA or RMM workflow. Wraps the Syncro API plus an offline SQLite mirror with cross-customer search and billing-leakage analytics. Trigger phrases: `list syncro tickets`, `show uninvoiced time in syncro`, `syncro ar aging`, `which syncro assets are missing patches`, `triage stale syncro tickets`, `Syncro + ChatGPT`, `Syncro + Claude`, `use syncro`, `run syncro-cli`.
connectwise-control
Use when the user asks to list, search, or inspect ConnectWise Control (ScreenConnect) remote-support and access sessions, run a command on a guest machine, rename or tag sessions, manage instance users, or read the audit log. Turns the ScreenConnect instance surface into typed commands with an offline SQLite mirror. Trigger phrases: `list connectwise control sessions`, `screenconnect session detail`, `run command on a screenconnect guest`, `connectwise control audit log`, `use connectwise control`, `run connectwise-control-cli`.
rewst
Use when the user asks to check Rewst automation health, find failed or dormant workflows, report automation ROI/time-saved, compare config drift between client orgs, or check integration-pack coverage across tenants. Turns Rewst's GraphQL-only gateway into typed commands and adds cross-org rollups the web app makes you assemble one client at a time. Trigger phrases: `check rewst automation health`, `rewst failed workflows`, `how much time did rewst save`, `rewst config drift between orgs`, `which rewst orgs are missing a pack`, `use rewst`, `run rewst`.
Bio shown is the top-scored skill's repo description as a fallback — real GitHub bios land in a future update.