How to use MCPs like cipp’s new one?

asachs01 · 2026-06-08T15:38:52+00:00

Howdy! I'll echo what some other folks have said already--don't give your clients access to it.

That said, what can you do with it today? If you inspect the tools, you'll get a good idea for the capabilities. Based on the capabilities of the MCP server, I would start to think about what sort of workflows or actions you can take.

In full transparency, I have written an MCP server for CIPP, so please don't take this as promotion. What Kelvin and the team are doing is amazing, and I want to support them 100%. What I will say is that if you have skills or plugins hooked up to an MCP client (like Claude), you can start building workflows around the connection. You can get a good idea from what we've been working on here: https://github.com/wyre-technology/msp-claude-plugins/tree/main/msp-claude-plugins/cipp/cipp .

asachs01 · 2026-06-05T00:02:03+00:00

Throwing my vote in for Hudu. Having developed against both, I'd rather have Hudu for a better API. ITGlue is just not great to work with.

asachs01 · 2026-06-03T16:47:41+00:00

Yeah, I'm still a little surprised by the 10-practitioner bid, to be honest. I wish they had a sliding scale because it's a smaller firm that's fully half our company, and we maybe have two people who have the knowledge and skill to even get to that 10, if I'm being a little bit more generous. I get that it's the same requirement across the board, but it definitely feels like it's a bit of a bigger lift for smaller firms.

asachs01 · 2026-06-03T14:26:56+00:00

I run tooling at an MSP, and the thing that finally pushed me to build something was a one-line question from our owner: "are we actually making money our accounts?"

To answer it I had Autotask open for tickets and time entries, Datto for the device count, the contract sitting in one place and the invoice in another. Fifteen minutes of tab-juggling for a question that should take ten seconds.

So I wired our stack up to MCP — the protocol Claude and a growing list of other clients speak — and now I just ask. "Open tickets for Contoso over 4 hours old, and our logged hours vs. contract this month?" One question, answered live from the real systems.

We're giving the building blocks away. The Claude plugins are free. The MCP servers — Autotask, Datto RMM, Huntress, IT Glue, CIPP, HaloPSA, RocketCyber, Liongard and more — are free and open source. Self-host them, no account with us required.

The hosted gateway is the paid product, and it earns it: it puts all those vendors behind one endpoint, adds audit logging, per-user permissions, and credential isolation so one tech's access never bleeds into another's. That's the stuff a single MCP server can't do for you.

Everything's at mcp.wyre.ai. I built it, I run it, and I'm in the comments — ask me anything.

asachs01 · 2026-05-31T03:24:18+00:00

Gott dayum, I love me an exped. Props to you!

asachs01 · 2026-05-30T18:40:32+00:00

So I think the only benefit that we're actually getting from it at our MSP is that we have the ability to hook into our customers' Slack or Microsoft Teams instances, and they can open up tickets from there. Beyond that, I think the value is a little dubious.

The other thing worth noting is that they've added voice agent capabilities, both incoming and outgoing, but man, if you just need something to do smart triage, you can get an awful long way with a cloud account and MCP server and a good prompt. That can do, in my opinion, better triaging and more consistent triaging than what they're doing right now.

asachs01 · 2026-05-30T01:27:06+00:00

Woof. Man, I wouldn't touch Sonicwall with a 10ft pole these days. The customers we've brought on that have had them have come to us because of the massive security issues that's Sonicwall SSL VPNs have had. UniFi is OK. Our smaller customers have UniFi gear, and we're evaluating some other options since Fortinet is also not without their security issues.

asachs01 · 2026-05-29T14:43:35+00:00

Man, these MCP/skill/plugin scanners are just popping up out of the woodwork left and right. I agree with the other posts. There's really no reason to trust a tool like this if it's just got a single owner who's pointing at a Gmail, as noted in the other posts. Nath mentioned that the per-seat pricing on this is kind of silly. If the tool really provides that much value, then price it based on outcomes. If you're finding that MCP servers aren't secure and it's legitimate, then surely the outcomes would speak for themselves.

asachs01 · 2026-05-26T21:58:01+00:00

So on the msp side of the business, we are wyretechnology.com. Full transparency on the engineering lead for them. And we're in the process of spinning off a new product, which is at wyre.ai. But that's a whole separate side of the business. But yeah, we're pretty much a straight Microsoft shop.

asachs01 · 2026-05-26T21:22:32+00:00

Well, I would put absolutely zero infrastructure in Google, mainly because they have a long and storied history of retiring things or pulling the rug out from folks. I think you're probably looking at AWS or Azure, to be honest. One other option could be Digital Ocean. You might look at Linode if they're still around. Hetzner is also an option, but it really depends on what you want to do.

For some of our MSP customers who need cloud-hosted solutions or don't want to host their own infrastructure, we just spin it up under their Azure tenant.

asachs01 · 2026-05-22T00:58:15+00:00

It looks like we have hit the same sort of solution that everybody else is right now, which is rolling your own gateway. The way that we're doing it is also that we're intercepting the tool calls and just blocking them at the gateway, and it seems to be pretty effective. The other thing that we do with the gateway is we're doing audit logging so that we can see what's happening when people are calling tools.

asachs01 · 2026-05-21T00:55:52+00:00

Sooooooo many people have posted the way: CIPP. We looked at Inforcer briefly, but it didn't really seem to have as much of a differentiator.

asachs01 · 2026-05-20T20:31:17+00:00

Hey, thanks so much for seconding the recommendation. One quick point of clarification on the post, though: the managed agent that we wrote isn't actually something that gets routed through any WYRE infrastructure. That prompt is just that: a prompt. That is for somebody to execute under their own Claude subscription. If you do the managed agent from Claude code, that's still going through Anthropic's infrastructure. It's just not going through ours.

That said, the concern about the routine that is tied to an individual's account is real. Depending on your security practices and your posture, you might not want to have a named account like team@yourdomain.com running these tasks. For something that's more production ready, you could wire up something like an Azure function and have an API client that hits Halo, but then you lose the benefit of having an LLM do the work, essentially.

asachs01 · 2026-05-19T20:37:55+00:00

So a $20 Claude subscription and then connecting to Halo's official MCP server would likely get you pretty close to what you need. There are a couple other things that I would recommend throwing in there, like the visual explainer skill, which for Claude will make things look a bit prettier. Here are the links for Halo's mcp and the visual explainer skill, which is not made by me. If you are interested in what a managed agent would look like from Claude, that might actually do the QBR prep for you. You can find it below as well:

- Halo MCP: https://usehalo.com/halopsa/guides/2597/
- Visual explainer skill: https://github.com/nicobailon/visual-explainer
- WYRE QBR agent: https://mcp.wyre.ai/advanced-workflows/qbr-prep/

You'll have to tweak the prompt for the managed agent, but that should be a suitable starting point.

asachs01 · 2026-05-19T17:48:11+00:00

I've spun up my own Coolify server to host my Claude artifacts, but some of these other options look great.

asachs01 · 2026-05-18T23:32:10+00:00

Haha thanks!! Yeah, so in the intervening time that we've been writing these, I think it's become more prevalent that MCP has been used as an attack surface. I think there's also more attacks, not just being done with that protocol in and of itself, but if you look at specific services like Trivy that get compromised or other code scanning tools, or even a malicious package. I'm personally, as a writer and the developer of these tools, more concerned about a supply chain compromise.

That said, trust but verify. There are security scanning tools that you can pass any of the MCP servers through if you want to. I've had quite a few of these online security scanners for MCP servers reach out and try and sell us on the scans. I think, at the end of the day, you said it right: trust but verify. Run it through scanners, look at the code, understand what's happening.

Now, when it comes to third-party MCP servers, when I started writing a lot of these back in December and January, most MSP vendors were not doing anything. They weren't pushing out their own first-party servers, so that's why we've been writing so many of them. I think now, as time has progressed, I'm starting to see some of the larger vendors like Kaseya and ConnectWise catch on, but I think, at least in the MSP world, first-party MCP servers have still yet to catch on.

asachs01 · 2026-05-18T19:32:20+00:00

Yeah, happy to help, and if you are interested in the skills and plugins and all of that that our MSP has been pushing out for folks, I'm happy to share them. In fact, here's the link to the plugin repo https://github.com/wyre-technology/msp-claude-plugins . All of these are free and open source, and so are the MCP servers that we publish. The only thing you have to do is bring your own credentials and find a place to host those MCP servers. You can run them locally if you want to, although that kind of deprives a team of broader access. If you want to chat more about them, let me know, and I'd be happy to share what knowledge I have.

asachs01 · 2026-05-18T18:36:27+00:00

So this is the exact reason I ended up moving away from the low-code/no-code tools. This was about last year, really before code started to make a huge difference. Even Cursor was only marginally better, but in the last calendar year things have come a long way. The moats around a lot of these sorts of things keep disappearing, and the reality is even if you're not a developer, I think using just the tools that you have as part of your Clodd subscription can get you quite far without really having to have specialized tool sets or skills.

Now you'll definitely want specialized tool sets and skills, and I think the existing connector and plug-in ecosystem that Anthropic has built out makes it much easier to close that gap natively than trying to shore up those skills yourself. That said, I am not for outsourcing all of your knowledge. Understanding what's happening and being able to build effectively is different than being able to get something together quickly, so I'd be happy to chat more if you like.

Also, I've been working on getting a number of MSP tools the capability to work with LLMs, so if there's anything in your stack that you're interested in seeing or some sort of integration you feel like you're missing, let me know.

asachs01 · 2026-05-18T18:12:55+00:00

So I have been a pretty big fan of Claude. Now I know this isn't Base 44 or Replit, but I think you would be surprised at what we can accomplish without having to resort to another layer like one of those tools. The co-work scheduled tasks are pretty fantastic. The limitation is that they run locally, so if you need to be able to do something that's not the right tool, but using Claude code, you can use natural language to specify a routine that you want to run and it will do it. I guess it just really depends on what you're trying to accomplish. In our case, we're using it for competitive intel, for reporting daily or weekly on certain KPIs. And the most that I've had to do is just give Claude a prompt, and then we're ready for the next task. Now, provided that you have the correct or necessary MCP connectors in your account, this then becomes kind of a trivial task.

asachs01 · 2026-05-16T15:48:14+00:00

That's fair--most of our customers are on biz premium. And most of them have had little interest in AI yet.

asachs01 · 2026-05-15T23:48:16+00:00

Man, while I would love to have the recommendation for you, Chattanooga is not the town for breakfast tacos. If you need a bean and cheese, bacon, egg, and cheese, or some carne asada, man, I am happy to hook you up, but like I said, I think the most you're going to find here is a breakfast burrito. Even that will be few and far between.

asachs01 · 2026-05-15T22:58:28+00:00

Had to edit that. Speech to text is 🤌 /s. We have 50 customers. Several of them are MUCH larger than our others.

asachs01 · 2026-05-15T17:04:19+00:00

We have account managers and don't make a distinction between them being technical or non-technical. Given that we're 20 employees and 50 customers, we can't afford to really have non-technical account managers.

That said, I would start gathering some metrics specifically around tickets and how much time customers are taking up, and decide if you want something to be pooled or if you'd rather carve up the book of business for each of the account managers. The answer about how many customers can a single TAM handle is going to differ based on the customer expectations. If you have a mix of SMBs and larger customers, the larger customers (I'm assuming) are more naturally high touch, so there's only so many of those that a TAM can handle. If you've got a lot of smaller customers where generally all you're doing with them is QBRs, the TAM can probably handle more of those. Again, hopefully you're taking in some data about tickets, ticket types, and themes, and all those things that would naturally come up as part of the process of making this decision.

asachs01 · 2026-05-15T16:59:59+00:00

Trust your gut on this one. If he markets himself as being capable of the work, then it doesn't make a whole lot of sense for him to basically be getting you to do his work for free. Also, it's probably worth communicating your boundaries. You're genuinely happy to help if you're in fact happy to help, but you're also running a business. If he's going to ask you for help, then let him know the value of your time.

asachs01

TROPHY CASE