0
A2A
A2A 0.3
v1.32.3
ContrastAPI
api.contrastcyber.com
· ContrastCyber
Security + OSINT API with 52 MCP tools, 7 MCP Resources (ATLAS+D3FEND+CWE catalog browsing), and conditional triage Prompt for AI agents: CVE/KEV/CWE lookup, composite risk scoring (CVSS+EPSS+KEV+PoC fusion), CVSS v3.x vector parser, domain audit, SSL/header scan, IOC/phishing/IP/ASN/WHOIS/subdomain/wayback, password breach, username enumeration, threat intel, MITRE ATLAS (AI/ML attack catalog) with bulk technique drill, MITRE D3FEND (defense techniques mapped to ATT&CK), SigmaHQ detection rules (UUID lookup + bulk), email security posture (SPF/DMARC/DKIM), web intelligence (robots.txt parser, redirect-chain walker, email validation, brand-asset scraper, SEO audit).
🛡
Own this agent?
Verify the domain
api.contrastcyber.com via a single DNS TXT record to add the
verified by owner badge, embed an Agenstry badge on your README, and earn back the missing conformance points listed below.
🔔
Watch this agent for changes.
Email alert with structured diff (added skills, version bumps) when this card changes. Structured JSON via card-changes API.
Sign in to subscribe
Trust score
51/100
grade D · 9 criteria
Uptime
67.5%
40 probes
Revenue · 30d
—
no payment wallet declared
Usage · 7d
1
impressions + calls
Card drift · 7d
stable
0 snapshots tracked
Owner
unverified
claim this listing →
D
Conformance score: 51/100
D-grade: significant issues — auth-gated, partially broken, or stale.
click to expand breakdown ▾
click to collapse breakdown ▴
D
Conformance score: 51/100
D-grade: significant issues — auth-gated, partially broken, or stale.
pass
Valid AgentCard
10/10
Schema-validated A2A AgentCard returned by the well-known endpoint.
fail
Live JSON-RPC
5/25
Endpoint replies but body isn't a valid JSON-RPC 2.0 A2A response.
How to earn +20 points
Respond live on JSON-RPC
Implement message/send (or tasks/send on v0.x). Return a 200 with a valid JSON-RPC response. Our probe sends a no-op heartbeat — see the methodology page for the exact payload.
Docs →
partial
Protocol version
5/10
Declares pre-1.0 A2A 0.3 (Google preview). Upgrade to v1.x for full points.
How to earn +5 points
Declare protocolVersion
Add `"protocolVersion": "1.0"` to the AgentCard root. Without it, callers can't negotiate v0.x vs v1.0 compatibility.
Docs →
info
JWS signature
0/10
Card is unsigned (most published agents are).
partial
Uptime track record
10/15
27/40 probes succeeded (68% uptime).
How to earn +5 points
Stabilise uptime
We probe every agent on a tiered schedule. Sustained 99 %+ uptime over 20+ checks scores full points. Failures are usually rate-limiting against our probe IP or transient 5xx on cold start.
Docs →
pass
Skill declaration
10/10
Declares 51 skills with structured metadata.
partial
Verified Identity
5/10
Provider declared: ContrastCyber (https://contrastcyber.com). Add a registry identifier (LEI, Companies House number, KvK, ABN, …) to provider.legalEntity for full verified-business credit.
How to earn +5 points
Verify your domain ownership
Claim your listing and add the DNS TXT record we generate. Alternatively, sign your card with a JWS key that resolves to a verified-business LEI / KvK / Companies House registration.
Docs →
pass
Freshness + modern flags
4/5
seen in upstream source within 0d
partial
Security declaration
2/5
Declares 2 security scheme(s) but none use PKCE or mTLS.
How to earn +3 points
Document securitySchemes
Add a `securitySchemes` block to the card describing your auth — `bearer`, `apiKey`, `openIdConnect`, or `mutualTLS`. Routers refuse to call agents that declare no auth model.
Docs →
Activity (audit trail)
last 24h · 0 calls Public aggregate · no PII recorded0
calls 24h
1
calls 7d
1
routed 7d
Recent events (last 20)
| When | Event | Method | Status | Latency |
|---|---|---|---|---|
| 2026-05-17T15:32:53 | routed | — |
200 ok | — |
| 2026-05-15T16:45:13 | search_impression | api_search |
200 ok | — |
| 2026-05-15T16:44:42 | search_impression | api_search |
200 ok | — |
Uptime
67.5%
40 probes
Response
80ms
last probe
Skills
51
declared
Streaming
✓
SSE-capable
Endpoints
| Agent card | https://api.contrastcyber.com/.well-known/agent-card.json |
| Provider | https://contrastcyber.com |
| Docs | https://api.contrastcyber.com/quickstart |
Discovered via
smithery
recrawl_hot
mcp_registry
recrawl_warm
Skills · 51 declared · mapped to canonical taxonomy
CVE Lookup
Look up CVE details with CVSS, EPSS, KEV, patch info
securitycvevulnerability
CVE Search
Search CVEs by vendor, product, keyword
securitycve
Leading CVEs
Top trending/high-severity CVEs
securitycve
KEV Detail
CISA KEV record: federal patch deadline, required action, ransomware association, CWE list
securitycvekevcisa
CWE Lookup
MITRE CWE catalog: description, mitigations, parent/child weakness chain, CVE count
securitycweweakness
Domain Audit
Full-stack domain security audit
osintdomain
Subdomain Enumeration
Enumerate subdomains via crt.sh
osintdomain
SSL/TLS Check
Certificate validation + grading (A-F)
securityssl
Security Headers
HTTP security header validation with value checks
securityheaders
Tech Fingerprint
Detect CMS, frameworks, servers, JS libraries
osintfingerprint
Injection Check
Basic SQLi/XSS reflection test
securityinjection
Secret Leakage Check
Scan for exposed secrets in responses
securitysecrets
Dependency Check
Vulnerable JS library detection
securitydependencies
IOC Lookup
Indicator of compromise check (IP, domain, hash)
threat-intelioc
Hash Lookup
File hash reputation (MD5/SHA1/SHA256)
threat-intelhash
Threat Report
Consolidated threat report
threat-intel
Password Breach
HIBP password breach check (k-anonymity)
securitypassword
Disposable Email
Detect disposable / temp email domains
osintemail
Phone Lookup
Phone carrier, region, country
osintphone
Username Lookup
Cross-platform username enumeration
osintusername
Wayback Lookup
Internet Archive snapshots for a URL
osintwayback
ATLAS Technique Lookup
MITRE ATLAS (AI/ML attack catalog) technique lookup by id (AML.T####). Returns tactics, maturity, ATT&CK bridge, pivot hints
securityai-mlatlasmitre
ATLAS Technique Search
Search the MITRE ATLAS AI/ML attack catalog by keyword, tactic, or maturity
securityai-mlatlasmitre
Bulk ATLAS Technique Lookup
Drill into up to 50 MITRE ATLAS technique ids in a single call — natural follow-up to atlas_case_study_lookup's techniques_used array
securityai-mlatlasmitrebulk
ATLAS Case Study Lookup
MITRE ATLAS real-world AI/ML attack incident case study (AML.CS####)
securityai-mlatlasincident
ATLAS Case Study Search
Search ATLAS case studies by keyword or by referenced ATLAS technique
securityai-mlatlasincident
D3FEND Defense Lookup
MITRE D3FEND defense technique lookup by slug (e.g. TokenBinding). Returns tactic, artifact, mapped ATT&CK T-codes
securityd3fenddefensemitre
D3FEND Defense Search
Search D3FEND defenses by keyword, tactic (Harden/Detect/Isolate/...), or targeted artifact
securityd3fenddefensemitre
D3FEND Reverse Lookup
Given an ATT&CK T-code, return all D3FEND defenses that mitigate it. Bridges offensive intel (CVE/ATLAS/ATT&CK) to defensive playbook
securityd3fenddefensemitreattack
D3FEND Coverage Audit
Batch defense coverage breakdown across multiple ATT&CK T-codes — count defenses per tactic + identify undefended techniques
securityd3fenddefensemitreaudit
Contrast Triage (Prompt)
v1.23.0 conditional MCP Prompt: pick a tool chain by perspective ('red' = offensive recon, 'blue' = defensive triage) for an auto-detected target (CVE / ATLAS /…
securityprompttriageworkflow
ATLAS Catalog (MCP Resources)
v1.23.0 MCP Resources: browse the full MITRE ATLAS catalog (167 techniques + 57 case studies) without spending a tool slot. URIs: atlas://catalog, atlas://techn…
securityai-mlatlasmitreresource
D3FEND Catalog (MCP Resources)
v1.23.0 MCP Resources: browse the full MITRE D3FEND defense catalog (149 defenses). URIs: d3fend://catalog, d3fend://defense/{id}.
securityd3fenddefensemitreresource
CWE Catalog (MCP Resources)
v1.23.0 MCP Resources: browse the full MITRE CWE catalog (944 weaknesses). URIs: cwe://catalog (slim), cwe://weakness/{id} (full record).
securitycwemitreresource
Robots.txt Parser
v1.25.0 Fetch + parse a target domain's robots.txt — sitemaps, per-User-agent allow/disallow, crawl-delay, Host directive (RFC 9309). Use BEFORE crawling/scrapi…
osintweb-intelrobotscrawler
Redirect Chain Walker
v1.25.0 Walk a URL's HTTP redirect chain hop-by-hop, returning per-hop status, Location, latency. SSRF-guarded at every hop. Use to deobfuscate URL shorteners, …
osintweb-intelredirectphishing
Email Verify (Combined)
v1.25.0 One-call email validation combining syntax + MX records + disposable check + role-address detection (admin@/info@/noreply@) + free-provider classificati…
osintemailvalidationlead-gen
Brand Assets Scraper
v1.25.0 Scrape a domain's homepage <head> for public brand assets — favicon, og:image, theme-color, og:site_name, JSON-LD Organization.logo. Enriches CRM record…
osintweb-intelbrandingcrm
SEO Audit (One-Page)
v1.25.0 One-shot SEO audit of a domain's homepage with a 0-100 composite score (10 rules) + missing_signals list of concrete fixes. Use BEFORE pitching SEO work…
seoweb-intelauditmarketing
Health · last 30 probes
Who's calling this agent 30d
3 interactions captured (impressions + lookups + A2A calls) · 1 routing decisions picked this agent
By AI host (caller_kind)
Unknown (no UA)
2 (67%)
curl
1 (33%)
Via which API surface
unknown
2
rest
1
Top search intents that surfaced this agent
pdf parsing · 2
extract a pdf invoice and email the summary · 1
Per-caller-identity drill-down is private to the agent owner (visible on the owner dashboard). Cross-platform context + competitor benchmarks in the Enterprise tier.
Cheaper or better alternatives per-skill
↑ 10 higher quality
For each canonical skill this agent serves, the cheapest priced competitor and the highest-quality competitor — only shown when at least one beats the current agent. Skills where this agent is already best on both axes are hidden.
Security Posture Review
devops
18 other agents serve this
9 other agents serve this
Threat Analysis and Triage
security
12 other agents serve this
Penetration Test Recon
security
8 other agents serve this
KYC and Identity Verification
compliance
34 other agents serve this
Document Summarization
content
16 other agents serve this
16 other agents serve this
Dependency Audit and Update
coding
14 other agents serve this
Network Intelligence
reasoning
18 other agents serve this
10 other agents serve this
Similar agents embedding-nearest
Embed your Agenstry badge
Paste any of these into your README, agent card, or marketing page. Each badge auto-updates and links back to this page.
Markdown / HTML snippets
[](https://agenstry.com/agents/api.contrastcyber.com) [](https://agenstry.com/agents/api.contrastcyber.com) [](https://agenstry.com/agents/api.contrastcyber.com) [](https://agenstry.com/agents/api.contrastcyber.com)
Audit-grade evidence bundle
JSON snapshot for vendor-review files. Add ?sign=true for a JWS-signed envelope verifiable against
our JWKS. See the methodology.
Raw agent card JSON
{
"name": "ContrastAPI",
"description": "Security + OSINT API with 52 MCP tools, 7 MCP Resources (ATLAS+D3FEND+CWE catalog browsing), and conditional triage Prompt for AI agents: CVE/KEV/CWE lookup, composite risk scoring (CVSS+EPSS+KEV+PoC fusion), CVSS v3.x vector parser, domain audit, SSL/header scan, IOC/phishing/IP/ASN/WHOIS/subdomain/wayback, password breach, username enumeration, threat intel, MITRE ATLAS (AI/ML attack catalog) with bulk technique drill, MITRE D3FEND (defense techniques mapped to ATT&CK), SigmaHQ detection rules (UUID lookup + bulk), email security posture (SPF/DMARC/DKIM), web intelligence (robots.txt parser, redirect-chain walker, email validation, brand-asset scraper, SEO audit).",
"url": "https://api.contrastcyber.com",
"version": "1.32.3",
"protocolVersion": "0.3",
"protocolVersions": [
"0.3"
],
"iconUrl": "https://api.contrastcyber.com/static/logo-ph.png",
"supportedInterfaces": [
{
"protocolBinding": "MCP-HTTP",
"url": "https://api.contrastcyber.com/mcp/"
},
{
"protocolBinding": "OpenAPI",
"url": "https://api.contrastcyber.com/openapi.json"
},
{
"protocolBinding": "HTTP-REST",
"url": "https://api.contrastcyber.com/v1"
}
],
"provider": {
"organization": "ContrastCyber",
"url": "https://contrastcyber.com"
},
"documentationUrl": "https://api.contrastcyber.com/quickstart",
"capabilities": {
"streaming": true,
"pushNotifications": false,
"stateTransitionHistory": false
},
"defaultInputModes": [
"text",
"application/json"
],
"defaultOutputModes": [
"application/json"
],
"interfaces": [
{
"type": "mcp",
"url": "https://api.contrastcyber.com/mcp/",
"transport": "streamable-http"
},
{
"type": "openapi",
"url": "https://api.contrastcyber.com/openapi.json"
}
],
"skills": [
{
"id": "cve_lookup",
"name": "CVE Lookup",
"description": "Look up CVE details with CVSS, EPSS, KEV, patch info",
"tags": [
"security",
"cve",
"vulnerability"
],
"examples": [
"Look up CVE-2021-44228",
"Get details for Log4Shell"
]
},
{
"id": "cve_search",
"name": "CVE Search",
"description": "Search CVEs by vendor, product, keyword",
"tags": [
"security",
"cve"
],
"examples": [
"Find CVEs for Apache Struts",
"Search recent nginx vulnerabilities"
]
},
{
"id": "cve_leading",
"name": "Leading CVEs",
"description": "Top trending/high-severity CVEs",
"tags": [
"security",
"cve"
],
"examples": [
"What are this week's leading CVEs?",
"Top KEV-listed vulnerabilities"
]
},
{
"id": "bulk_cve_lookup",
"name": "Bulk CVE Lookup",
"description": "Batch CVE details",
"tags": [
"security",
"cve"
],
"examples": [
"Lookup CVE-2024-1234, CVE-2024-5678 together"
]
},
{
"id": "exploit_lookup",
"name": "Exploit Lookup",
"description": "Public exploits for a CVE",
"tags": [
"security",
"exploit"
],
"examples": [
"Are there public exploits for CVE-2023-34362?"
]
},
{
"id": "kev_detail",
"name": "KEV Detail",
"description": "CISA KEV record: federal patch deadline, required action, ransomware association, CWE list",
"tags": [
"security",
"cve",
"kev",
"cisa"
],
"examples": [
"KEV detail for CVE-2021-44228",
"Federal patch deadline for Log4Shell"
]
},
{
"id": "cwe_lookup",
"name": "CWE Lookup",
"description": "MITRE CWE catalog: description, mitigations, parent/child weakness chain, CVE count",
"tags": [
"security",
"cwe",
"weakness"
],
"examples": [
"Look up CWE-79 (XSS)",
"Mitigations for CWE-89 (SQL injection)"
]
},
{
"id": "audit_domain",
"name": "Domain Audit",
"description": "Full-stack domain security audit",
"tags": [
"osint",
"domain"
],
"examples": [
"Audit example.com for security issues"
]
},
{
"id": "domain_report",
"name": "Domain Report",
"description": "Summary report for a domain",
"tags": [
"osint",
"domain"
],
"examples": [
"Generate security report for github.com"
]
},
{
"id": "subdomain_enum",
"name": "Subdomain Enumeration",
"description": "Enumerate subdomains via crt.sh",
"tags": [
"osint",
"domain"
],
"examples": [
"Find all subdomains of contrastcyber.com"
]
},
{
"id": "dns_lookup",
"name": "DNS Lookup",
"description": "DNS records (A, AAAA, MX, TXT, NS)",
"tags": [
"osint",
"dns"
],
"examples": [
"DNS records for cloudflare.com"
]
},
{
"id": "whois_lookup",
"name": "WHOIS Lookup",
"description": "Domain registration info",
"tags": [
"osint",
"whois"
],
"examples": [
"WHOIS for openai.com"
]
},
{
"id": "ssl_check",
"name": "SSL/TLS Check",
"description": "Certificate validation + grading (A-F)",
"tags": [
"security",
"ssl"
],
"examples": [
"Check SSL cert for api.example.com",
"Grade TLS config for mydomain.com"
]
},
{
"id": "check_headers",
"name": "Security Headers",
"description": "HTTP security header validation with value checks",
"tags": [
"security",
"headers"
],
"examples": [
"Check security headers on example.com"
]
},
{
"id": "scan_headers",
"name": "Scan Headers",
"description": "Bulk header scan",
"tags": [
"security",
"headers"
],
"examples": [
"Scan headers for multiple URLs"
]
},
{
"id": "tech_fingerprint",
"name": "Tech Fingerprint",
"description": "Detect CMS, frameworks, servers, JS libraries",
"tags": [
"osint",
"fingerprint"
],
"examples": [
"What stack runs example.com?",
"Fingerprint technologies on mysite.io"
]
},
{
"id": "check_injection",
"name": "Injection Check",
"description": "Basic SQLi/XSS reflection test",
"tags": [
"security",
"injection"
],
"examples": [
"Test example.com/search for injection"
]
},
{
"id": "check_secrets",
"name": "Secret Leakage Check",
"description": "Scan for exposed secrets in responses",
"tags": [
"security",
"secrets"
],
"examples": [
"Check if example.com leaks API keys"
]
},
{
"id": "check_dependencies",
"name": "Dependency Check",
"description": "Vulnerable JS library detection",
"tags": [
"security",
"dependencies"
],
"examples": [
"Check JS libs on example.com for CVEs"
]
},
{
"id": "ioc_lookup",
"name": "IOC Lookup",
"description": "Indicator of compromise check (IP, domain, hash)",
"tags": [
"threat-intel",
"ioc"
],
"examples": [
"Is 1.2.3.4 a known IOC?"
]
},
{
"id": "bulk_ioc_lookup",
"name": "Bulk IOC Lookup",
"description": "Batch IOC check",
"tags": [
"threat-intel",
"ioc"
],
"examples": [
"Check multiple IPs and hashes at once"
]
},
{
"id": "ip_lookup",
"name": "IP Lookup",
"description": "IP geolocation, ASN, reputation",
"tags": [
"osint",
"ip"
],
"examples": [
"Who owns 8.8.8.8?",
"Geolocate 1.1.1.1"
]
},
{
"id": "asn_lookup",
"name": "ASN Lookup",
"description": "Autonomous system info",
"tags": [
"osint",
"asn"
],
"examples": [
"Details for AS13335 (Cloudflare)"
]
},
{
"id": "hash_lookup",
"name": "Hash Lookup",
"description": "File hash reputation (MD5/SHA1/SHA256)",
"tags": [
"threat-intel",
"hash"
],
"examples": [
"Is this SHA256 malicious?"
]
},
{
"id": "threat_intel",
"name": "Threat Intel",
"description": "Multi-source threat lookup",
"tags": [
"threat-intel"
],
"examples": [
"Is evil.com malicious?"
]
},
{
"id": "threat_report",
"name": "Threat Report",
"description": "Consolidated threat report",
"tags": [
"threat-intel"
],
"examples": [
"Generate threat report for suspicious.io"
]
},
{
"id": "phishing_check",
"name": "Phishing Check",
"description": "Phishing URL detection",
"tags": [
"security",
"phishing"
],
"examples": [
"Is paypal-secure.net a phishing site?"
]
},
{
"id": "password_check",
"name": "Password Breach",
"description": "HIBP password breach check (k-anonymity)",
"tags": [
"security",
"password"
],
"examples": [
"Has my password been leaked?"
]
},
{
"id": "email_disposable",
"name": "Disposable Email",
"description": "Detect disposable / temp email domains",
"tags": [
"osint",
"email"
],
"examples": [
"Is mailinator.com a disposable email?"
]
},
{
"id": "email_mx",
"name": "Email MX",
"description": "Email domain MX record validation",
"tags": [
"osint",
"email"
],
"examples": [
"MX records for example.com"
]
},
{
"id": "phone_lookup",
"name": "Phone Lookup",
"description": "Phone carrier, region, country",
"tags": [
"osint",
"phone"
],
"examples": [
"Carrier for +14155552671"
]
},
{
"id": "username_lookup",
"name": "Username Lookup",
"description": "Cross-platform username enumeration",
"tags": [
"osint",
"username"
],
"examples": [
"Find accounts for username torvalds"
]
},
{
"id": "wayback_lookup",
"name": "Wayback Lookup",
"description": "Internet Archive snapshots for a URL",
"tags": [
"osint",
"wayback"
],
"examples": [
"Archived versions of example.com"
]
},
{
"id": "atlas_technique_lookup",
"name": "ATLAS Technique Lookup",
"description": "MITRE ATLAS (AI/ML attack catalog) technique lookup by id (AML.T####). Returns tactics, maturity, ATT&CK bridge, pivot hints",
"tags": [
"security",
"ai-ml",
"atlas",
"mitre"
],
"examples": [
"Look up AML.T0051 (LLM Prompt Injection)",
"Details for ATLAS AML.T0000"
]
},
{
"id": "atlas_technique_search",
"name": "ATLAS Technique Search",
"description": "Search the MITRE ATLAS AI/ML attack catalog by keyword, tactic, or maturity",
"tags": [
"security",
"ai-ml",
"atlas",
"mitre"
],
"examples": [
"Find ATLAS techniques about prompt injection",
"List demonstrated AI/ML attacks"
]
},
{
"id": "bulk_atlas_technique_lookup",
"name": "Bulk ATLAS Technique Lookup",
"description": "Drill into up to 50 MITRE ATLAS technique ids in a single call \u2014 natural follow-up to atlas_case_study_lookup's techniques_used array",
"tags": [
"security",
"ai-ml",
"atlas",
"mitre",
"bulk"
],
"examples": [
"Bulk drill the techniques_used from this ATLAS case study",
"Lookup AML.T0051, AML.T0043, AML.T0061 together"
]
},
{
"id": "atlas_case_study_lookup",
"name": "ATLAS Case Study Lookup",
"description": "MITRE ATLAS real-world AI/ML attack incident case study (AML.CS####)",
"tags": [
"security",
"ai-ml",
"atlas",
"incident"
],
"examples": [
"Look up AML.CS0000 (Evasion of Deep Learning Detector)"
]
},
{
"id": "atlas_case_study_search",
"name": "ATLAS Case Study Search",
"description": "Search ATLAS case studies by keyword or by referenced ATLAS technique",
"tags": [
"security",
"ai-ml",
"atlas",
"incident"
],
"examples": [
"Find AI/ML evasion incidents",
"Case studies using AML.T0043"
]
},
{
"id": "d3fend_defense_lookup",
"name": "D3FEND Defense Lookup",
"description": "MITRE D3FEND defense technique lookup by slug (e.g. TokenBinding). Returns tactic, artifact, mapped ATT&CK T-codes",
"tags": [
"security",
"d3fend",
"defense",
"mitre"
],
"examples": [
"Look up D3FEND TokenBinding",
"Details for D3FEND FileHashing"
]
},
{
"id": "d3fend_defense_search",
"name": "D3FEND Defense Search",
"description": "Search D3FEND defenses by keyword, tactic (Harden/Detect/Isolate/...), or targeted artifact",
"tags": [
"security",
"d3fend",
"defense",
"mitre"
],
"examples": [
"Find D3FEND Harden defenses for Access Token",
"Search D3FEND for sandbox techniques"
]
},
{
"id": "d3fend_defense_for_attack",
"name": "D3FEND Reverse Lookup",
"description": "Given an ATT&CK T-code, return all D3FEND defenses that mitigate it. Bridges offensive intel (CVE/ATLAS/ATT&CK) to defensive playbook",
"tags": [
"security",
"d3fend",
"defense",
"mitre",
"attack"
],
"examples": [
"What D3FEND defenses mitigate T1059?",
"Defenses for T1550.001"
]
},
{
"id": "d3fend_attack_coverage",
"name": "D3FEND Coverage Audit",
"description": "Batch defense coverage breakdown across multiple ATT&CK T-codes \u2014 count defenses per tactic + identify undefended techniques",
"tags": [
"security",
"d3fend",
"defense",
"mitre",
"audit"
],
"examples": [
"Coverage for T1059, T1190, T1550.001",
"Which of these ATT&CK techniques have no D3FEND mitigation?"
]
},
{
"id": "contrast_triage",
"name": "Contrast Triage (Prompt)",
"description": "v1.23.0 conditional MCP Prompt: pick a tool chain by perspective ('red' = offensive recon, 'blue' = defensive triage) for an auto-detected target (CVE / ATLAS / ATT&CK / CWE / hash / IP / domain).",
"tags": [
"security",
"prompt",
"triage",
"workflow"
],
"examples": [
"/contrast-triage 8.8.8.8 blue",
"/contrast-triage CVE-2021-44228 red",
"/contrast-triage AML.T0051 blue"
]
},
{
"id": "atlas_resources",
"name": "ATLAS Catalog (MCP Resources)",
"description": "v1.23.0 MCP Resources: browse the full MITRE ATLAS catalog (167 techniques + 57 case studies) without spending a tool slot. URIs: atlas://catalog, atlas://technique/{id}, atlas://case-study/{id}.",
"tags": [
"security",
"ai-ml",
"atlas",
"mitre",
"resource"
],
"examples": [
"Browse atlas://catalog",
"Read atlas://technique/AML.T0051"
]
},
{
"id": "d3fend_resources",
"name": "D3FEND Catalog (MCP Resources)",
"description": "v1.23.0 MCP Resources: browse the full MITRE D3FEND defense catalog (149 defenses). URIs: d3fend://catalog, d3fend://defense/{id}.",
"tags": [
"security",
"d3fend",
"defense",
"mitre",
"resource"
],
"examples": [
"Browse d3fend://catalog",
"Read d3fend://defense/TokenBinding"
]
},
{
"id": "cwe_resources",
"name": "CWE Catalog (MCP Resources)",
"description": "v1.23.0 MCP Resources: browse the full MITRE CWE catalog (944 weaknesses). URIs: cwe://catalog (slim), cwe://weakness/{id} (full record).",
"tags": [
"security",
"cwe",
"mitre",
"resource"
],
"examples": [
"Browse cwe://catalog",
"Read cwe://weakness/CWE-79"
]
},
{
"id": "robots_txt",
"name": "Robots.txt Parser",
"description": "v1.25.0 Fetch + parse a target domain's robots.txt \u2014 sitemaps, per-User-agent allow/disallow, crawl-delay, Host directive (RFC 9309). Use BEFORE crawling/scraping a target site to honour its published rules.",
"tags": [
"osint",
"web-intel",
"robots",
"crawler"
],
"examples": [
"Get robots.txt rules for github.com",
"What sitemaps does cloudflare.com publish?"
]
},
{
"id": "redirect_chain",
"name": "Redirect Chain Walker",
"description": "v1.25.0 Walk a URL's HTTP redirect chain hop-by-hop, returning per-hop status, Location, latency. SSRF-guarded at every hop. Use to deobfuscate URL shorteners, audit suspicious phishing links, trace marketing tracking redirects.",
"tags": [
"osint",
"web-intel",
"redirect",
"phishing"
],
"examples": [
"Where does this bit.ly link actually go?",
"Trace redirect chain for https://t.co/xyz"
]
},
{
"id": "email_verify",
"name": "Email Verify (Combined)",
"description": "v1.25.0 One-call email validation combining syntax + MX records + disposable check + role-address detection (admin@/info@/noreply@) + free-provider classification (gmail/outlook/yahoo). Replaces 2-3 tool calls. NO SMTP RCPT TO probing \u2014 ethical floor declared.",
"tags": [
"osint",
"email",
"validation",
"lead-gen"
],
"examples": [
"Verify admin@example.com",
"Is jane@gmail.com a personal address?"
]
},
{
"id": "brand_assets",
"name": "Brand Assets Scraper",
"description": "v1.25.0 Scrape a domain's homepage <head> for public brand assets \u2014 favicon, og:image, theme-color, og:site_name, JSON-LD Organization.logo. Enriches CRM records / company-card UIs without manual screenshots. Honours robots.txt, Cache-Control, per-target throttle.",
"tags": [
"osint",
"web-intel",
"branding",
"crm"
],
"examples": [
"Get brand assets for stripe.com",
"Find logo + favicon for github.com"
]
},
{
"id": "seo_audit",
"name": "SEO Audit (One-Page)",
"description": "v1.25.0 One-shot SEO audit of a domain's homepage with a 0-100 composite score (10 rules) + missing_signals list of concrete fixes. Use BEFORE pitching SEO work, when triaging a lead's marketing maturity, or as a structured pre-flight before deeper Lighthouse / SEMrush audits. Honours robots.txt.",
"tags": [
"seo",
"web-intel",
"audit",
"marketing"
],
"examples": [
"Score the SEO of example.com",
"Audit shopify.com homepage SEO"
]
}
],
"securitySchemes": {
"apiKey": {
"type": "apiKey",
"name": "X-API-Key",
"in": "header"
},
"bearer": {
"type": "http",
"scheme": "bearer"
}
},
"supportsAuthenticatedExtendedCard": false
}