Back to ContrastAPI

Card snapshot

contrastcyber.com · 2026-06-14 00:26:35 UTC · 40e283ddf5cfcbc6543b070a653c1dfb9d336220aa76e5be854c7975cf014195

This is a frozen copy of the agent's agent-card.json as we observed it at the timestamp above. We capture a new snapshot every time the card's content hash changes. Useful for: forensic drift analysis, verifying downstream callers see the right version, reproducing routing decisions made historically. 

{
  "name": "ContrastAPI",
  "description": "Landing pointer card for ContrastAPI, the live product of ContrastCyber (an umbrella building products humans and AI agents use the same way \u2014 see provider). ContrastAPI is a Security + OSINT API with 54 MCP tools, 7 MCP Resources (ATLAS+D3FEND+CWE catalog browsing), and 3 MCP Prompts (incl. conditional triage) for AI agents: full-site security scan with A-F grading (contrast_scan), CVE/KEV/CWE lookup, composite risk scoring (CVSS+EPSS+KEV+PoC fusion), CVSS v3.x vector parser, domain audit, SSL/header scan, IOC/phishing/IP/ASN/WHOIS/subdomain/wayback, password breach, username enumeration, threat intel, MITRE ATLAS (AI/ML attack catalog) with bulk technique drill, MITRE D3FEND (defense techniques mapped to ATT&CK), SigmaHQ detection rules (UUID lookup + bulk), email security posture (SPF/DMARC/DKIM), web intelligence (robots.txt parser, redirect-chain walker, email validation, brand-asset scraper, SEO audit). All execution interfaces are served by api.contrastcyber.com; the full 54-skill agent card is at https://api.contrastcyber.com/.well-known/agent-card.json",
  "url": "https://contrastcyber.com",
  "version": "1.35.0",
  "protocolVersion": "0.3.0",
  "protocolVersions": [
    "0.3.0"
  ],
  "iconUrl": "https://contrastcyber.com/static/branding/logo_256.png",
  "supportedInterfaces": [
    {
      "protocolBinding": "MCP-HTTP",
      "url": "https://api.contrastcyber.com/mcp/"
    },
    {
      "protocolBinding": "OpenAPI",
      "url": "https://api.contrastcyber.com/openapi.json"
    },
    {
      "protocolBinding": "HTTP-REST",
      "url": "https://api.contrastcyber.com/v1"
    }
  ],
  "provider": {
    "organization": "ContrastCyber",
    "url": "https://contrastcyber.com"
  },
  "documentationUrl": "https://api.contrastcyber.com/quickstart",
  "capabilities": {
    "streaming": true,
    "pushNotifications": false,
    "stateTransitionHistory": false
  },
  "defaultInputModes": [
    "text",
    "application/json"
  ],
  "defaultOutputModes": [
    "application/json"
  ],
  "interfaces": [
    {
      "type": "mcp",
      "url": "https://api.contrastcyber.com/mcp/",
      "transport": "streamable-http"
    },
    {
      "type": "openapi",
      "url": "https://api.contrastcyber.com/openapi.json"
    }
  ],
  "skills": [
    {
      "id": "contrast_scan",
      "name": "Contrast Scan",
      "description": "Full-site security scan \u2014 11 checks (SSL, headers, DNS, DNSSEC, cookies, redirects, info disclosure, HTTP methods, CORS, HTML analysis, CSP) scored out of 100 points with a single A-F grade",
      "tags": [
        "security",
        "scan",
        "grade",
        "audit"
      ],
      "examples": [
        "Scan example.com and grade its security",
        "Run contrast_scan on mydomain.io"
      ]
    },
    {
      "id": "cve_lookup",
      "name": "CVE Lookup",
      "description": "Look up CVE details with CVSS, EPSS, KEV, patch info",
      "tags": [
        "security",
        "cve",
        "vulnerability"
      ],
      "examples": [
        "Look up CVE-2021-44228",
        "Get details for Log4Shell"
      ]
    },
    {
      "id": "audit_domain",
      "name": "Domain Audit",
      "description": "Full-stack domain security audit",
      "tags": [
        "osint",
        "domain"
      ],
      "examples": [
        "Audit example.com for security issues"
      ]
    },
    {
      "id": "ssl_check",
      "name": "SSL/TLS Check",
      "description": "Certificate validation + grading (A-F)",
      "tags": [
        "security",
        "ssl"
      ],
      "examples": [
        "Check SSL cert for api.example.com",
        "Grade TLS config for mydomain.com"
      ]
    },
    {
      "id": "threat_intel",
      "name": "Threat Intel",
      "description": "Multi-source threat lookup",
      "tags": [
        "threat-intel"
      ],
      "examples": [
        "Is evil.com malicious?"
      ]
    },
    {
      "id": "ip_lookup",
      "name": "IP Lookup",
      "description": "IP geolocation, ASN, reputation",
      "tags": [
        "osint",
        "ip"
      ],
      "examples": [
        "Who owns 8.8.8.8?",
        "Geolocate 1.1.1.1"
      ]
    },
    {
      "id": "atlas_technique_lookup",
      "name": "ATLAS Technique Lookup",
      "description": "MITRE ATLAS (AI/ML attack catalog) technique lookup by id (AML.T####). Returns tactics, maturity, ATT&CK bridge, pivot hints",
      "tags": [
        "security",
        "ai-ml",
        "atlas",
        "mitre"
      ],
      "examples": [
        "Look up AML.T0051 (LLM Prompt Injection)",
        "Details for ATLAS AML.T0000"
      ]
    },
    {
      "id": "d3fend_defense_for_attack",
      "name": "D3FEND Reverse Lookup",
      "description": "Given an ATT&CK T-code, return all D3FEND defenses that mitigate it. Bridges offensive intel (CVE/ATLAS/ATT&CK) to defensive playbook",
      "tags": [
        "security",
        "d3fend",
        "defense",
        "mitre",
        "attack"
      ],
      "examples": [
        "What D3FEND defenses mitigate T1059?",
        "Defenses for T1550.001"
      ]
    }
  ],
  "securitySchemes": {
    "apiKey": {
      "type": "apiKey",
      "name": "X-API-Key",
      "in": "header"
    },
    "bearer": {
      "type": "http",
      "scheme": "bearer"
    }
  },
  "supportsAuthenticatedExtendedCard": false
}