{"audit":{"version":"1.3","generated_at":"2026-05-23T01:22:22.692329+00:00","generated_by":"Agenstry","report_url":"https://agenstry.com/agents/api.contrastcyber.com","methodology_url":"https://agenstry.com/methodology","verifier_jwks_url":"https://agenstry.com/.well-known/jwks.json","subject":{"domain":"api.contrastcyber.com","name":"ContrastAPI","url":"https://api.contrastcyber.com/.well-known/agent-card.json"}},"identity":{"provider":{"organization":"ContrastCyber","url":"https://contrastcyber.com"},"registry_verification":null,"signature":{"signed":false,"signature_valid":null}},"protocol":{"version":"0.3","supports_streaming":true,"supports_push_notifications":false},"operational":{"live_state":"wrong_response","live_responds":false,"last_status_code":200,"last_elapsed_ms":80,"last_error":"schema invalid: 3 validation errors for AgentCard\nsupportedInterfaces.0\n  Input should be a valid string [type=string_type, input_value={'protocolBinding': 'MCP-...contrastcybe"},"track_record":{"first_seen":"2026-05-14T00:43:04.720074+00:00","last_checked":"2026-05-22T12:55:26.111733+00:00","last_seen_ok":"2026-05-14T20:45:02.062089+00:00","checks_total":40,"checks_ok":27,"uptime_pct":67.5,"archived":false,"archived_reason":null},"conformance":{"score":51,"grade":"D","summary":"D-grade: significant issues — auth-gated, partially broken, or stale.","criteria":[{"key":"valid_card","label":"Valid AgentCard","points":10,"max_points":10,"status":"pass","detail":"Schema-validated A2A AgentCard returned by the well-known endpoint."},{"key":"live_responds","label":"Live JSON-RPC","points":5,"max_points":25,"status":"fail","detail":"Endpoint replies but body isn't a valid JSON-RPC 2.0 A2A response."},{"key":"protocol_version","label":"Protocol version","points":5,"max_points":10,"status":"partial","detail":"Declares pre-1.0 A2A 0.3 (Google preview). Upgrade to v1.x for full points."},{"key":"signature","label":"JWS signature","points":0,"max_points":10,"status":"info","detail":"Card is unsigned (most published agents are)."},{"key":"uptime","label":"Uptime track record","points":10,"max_points":15,"status":"partial","detail":"27/40 probes succeeded (68% uptime)."},{"key":"skills","label":"Skill declaration","points":10,"max_points":10,"status":"pass","detail":"Declares 51 skills with structured metadata."},{"key":"verified_identity","label":"Verified Identity","points":5,"max_points":10,"status":"partial","detail":"Provider declared: ContrastCyber (https://contrastcyber.com). Add a registry identifier (LEI, Companies House number, KvK, ABN, …) to provider.legalEntity for full verified-business credit."},{"key":"freshness","label":"Freshness + modern flags","points":4,"max_points":5,"status":"pass","detail":"seen in upstream source within 0d"},{"key":"security","label":"Security declaration","points":2,"max_points":5,"status":"partial","detail":"Declares 2 security scheme(s) but none use PKCE or mTLS."}]},"skills":[{"id":"cve_lookup","name":"CVE Lookup","description":"Look up CVE details with CVSS, EPSS, KEV, patch info","tags":["security","cve","vulnerability"],"examples":["Look up CVE-2021-44228","Get details for Log4Shell"],"inputModes":[],"outputModes":[]},{"id":"cve_search","name":"CVE Search","description":"Search CVEs by vendor, product, keyword","tags":["security","cve"],"examples":["Find CVEs for Apache Struts","Search recent nginx vulnerabilities"],"inputModes":[],"outputModes":[]},{"id":"cve_leading","name":"Leading CVEs","description":"Top trending/high-severity CVEs","tags":["security","cve"],"examples":["What are this week's leading CVEs?","Top KEV-listed vulnerabilities"],"inputModes":[],"outputModes":[]},{"id":"bulk_cve_lookup","name":"Bulk CVE Lookup","description":"Batch CVE details","tags":["security","cve"],"examples":["Lookup CVE-2024-1234, CVE-2024-5678 together"],"inputModes":[],"outputModes":[]},{"id":"exploit_lookup","name":"Exploit Lookup","description":"Public exploits for a CVE","tags":["security","exploit"],"examples":["Are there public exploits for CVE-2023-34362?"],"inputModes":[],"outputModes":[]},{"id":"kev_detail","name":"KEV Detail","description":"CISA KEV record: federal patch deadline, required action, ransomware association, CWE list","tags":["security","cve","kev","cisa"],"examples":["KEV detail for CVE-2021-44228","Federal patch deadline for Log4Shell"],"inputModes":[],"outputModes":[]},{"id":"cwe_lookup","name":"CWE Lookup","description":"MITRE CWE catalog: description, mitigations, parent/child weakness chain, CVE count","tags":["security","cwe","weakness"],"examples":["Look up CWE-79 (XSS)","Mitigations for CWE-89 (SQL injection)"],"inputModes":[],"outputModes":[]},{"id":"audit_domain","name":"Domain Audit","description":"Full-stack domain security audit","tags":["osint","domain"],"examples":["Audit example.com for security issues"],"inputModes":[],"outputModes":[]},{"id":"domain_report","name":"Domain Report","description":"Summary report for a domain","tags":["osint","domain"],"examples":["Generate security report for github.com"],"inputModes":[],"outputModes":[]},{"id":"subdomain_enum","name":"Subdomain Enumeration","description":"Enumerate subdomains via crt.sh","tags":["osint","domain"],"examples":["Find all subdomains of contrastcyber.com"],"inputModes":[],"outputModes":[]},{"id":"dns_lookup","name":"DNS Lookup","description":"DNS records (A, AAAA, MX, TXT, NS)","tags":["osint","dns"],"examples":["DNS records for cloudflare.com"],"inputModes":[],"outputModes":[]},{"id":"whois_lookup","name":"WHOIS Lookup","description":"Domain registration info","tags":["osint","whois"],"examples":["WHOIS for openai.com"],"inputModes":[],"outputModes":[]},{"id":"ssl_check","name":"SSL/TLS Check","description":"Certificate validation + grading (A-F)","tags":["security","ssl"],"examples":["Check SSL cert for api.example.com","Grade TLS config for mydomain.com"],"inputModes":[],"outputModes":[]},{"id":"check_headers","name":"Security Headers","description":"HTTP security header validation with value checks","tags":["security","headers"],"examples":["Check security headers on example.com"],"inputModes":[],"outputModes":[]},{"id":"scan_headers","name":"Scan Headers","description":"Bulk header scan","tags":["security","headers"],"examples":["Scan headers for multiple URLs"],"inputModes":[],"outputModes":[]},{"id":"tech_fingerprint","name":"Tech Fingerprint","description":"Detect CMS, frameworks, servers, JS libraries","tags":["osint","fingerprint"],"examples":["What stack runs example.com?","Fingerprint technologies on mysite.io"],"inputModes":[],"outputModes":[]},{"id":"check_injection","name":"Injection Check","description":"Basic SQLi/XSS reflection test","tags":["security","injection"],"examples":["Test example.com/search for injection"],"inputModes":[],"outputModes":[]},{"id":"check_secrets","name":"Secret Leakage Check","description":"Scan for exposed secrets in responses","tags":["security","secrets"],"examples":["Check if example.com leaks API keys"],"inputModes":[],"outputModes":[]},{"id":"check_dependencies","name":"Dependency Check","description":"Vulnerable JS library detection","tags":["security","dependencies"],"examples":["Check JS libs on example.com for CVEs"],"inputModes":[],"outputModes":[]},{"id":"ioc_lookup","name":"IOC Lookup","description":"Indicator of compromise check (IP, domain, hash)","tags":["threat-intel","ioc"],"examples":["Is 1.2.3.4 a known IOC?"],"inputModes":[],"outputModes":[]},{"id":"bulk_ioc_lookup","name":"Bulk IOC Lookup","description":"Batch IOC check","tags":["threat-intel","ioc"],"examples":["Check multiple IPs and hashes at once"],"inputModes":[],"outputModes":[]},{"id":"ip_lookup","name":"IP Lookup","description":"IP geolocation, ASN, reputation","tags":["osint","ip"],"examples":["Who owns 8.8.8.8?","Geolocate 1.1.1.1"],"inputModes":[],"outputModes":[]},{"id":"asn_lookup","name":"ASN Lookup","description":"Autonomous system info","tags":["osint","asn"],"examples":["Details for AS13335 (Cloudflare)"],"inputModes":[],"outputModes":[]},{"id":"hash_lookup","name":"Hash Lookup","description":"File hash reputation (MD5/SHA1/SHA256)","tags":["threat-intel","hash"],"examples":["Is this SHA256 malicious?"],"inputModes":[],"outputModes":[]},{"id":"threat_intel","name":"Threat Intel","description":"Multi-source threat lookup","tags":["threat-intel"],"examples":["Is evil.com malicious?"],"inputModes":[],"outputModes":[]},{"id":"threat_report","name":"Threat Report","description":"Consolidated threat report","tags":["threat-intel"],"examples":["Generate threat report for suspicious.io"],"inputModes":[],"outputModes":[]},{"id":"phishing_check","name":"Phishing Check","description":"Phishing URL detection","tags":["security","phishing"],"examples":["Is paypal-secure.net a phishing site?"],"inputModes":[],"outputModes":[]},{"id":"password_check","name":"Password Breach","description":"HIBP password breach check (k-anonymity)","tags":["security","password"],"examples":["Has my password been leaked?"],"inputModes":[],"outputModes":[]},{"id":"email_disposable","name":"Disposable Email","description":"Detect disposable / temp email domains","tags":["osint","email"],"examples":["Is mailinator.com a disposable email?"],"inputModes":[],"outputModes":[]},{"id":"email_mx","name":"Email MX","description":"Email domain MX record validation","tags":["osint","email"],"examples":["MX records for example.com"],"inputModes":[],"outputModes":[]},{"id":"phone_lookup","name":"Phone Lookup","description":"Phone carrier, region, country","tags":["osint","phone"],"examples":["Carrier for +14155552671"],"inputModes":[],"outputModes":[]},{"id":"username_lookup","name":"Username Lookup","description":"Cross-platform username enumeration","tags":["osint","username"],"examples":["Find accounts for username torvalds"],"inputModes":[],"outputModes":[]},{"id":"wayback_lookup","name":"Wayback Lookup","description":"Internet Archive snapshots for a URL","tags":["osint","wayback"],"examples":["Archived versions of example.com"],"inputModes":[],"outputModes":[]},{"id":"atlas_technique_lookup","name":"ATLAS Technique Lookup","description":"MITRE ATLAS (AI/ML attack catalog) technique lookup by id (AML.T####). Returns tactics, maturity, ATT&CK bridge, pivot hints","tags":["security","ai-ml","atlas","mitre"],"examples":["Look up AML.T0051 (LLM Prompt Injection)","Details for ATLAS AML.T0000"],"inputModes":[],"outputModes":[]},{"id":"atlas_technique_search","name":"ATLAS Technique Search","description":"Search the MITRE ATLAS AI/ML attack catalog by keyword, tactic, or maturity","tags":["security","ai-ml","atlas","mitre"],"examples":["Find ATLAS techniques about prompt injection","List demonstrated AI/ML attacks"],"inputModes":[],"outputModes":[]},{"id":"bulk_atlas_technique_lookup","name":"Bulk ATLAS Technique Lookup","description":"Drill into up to 50 MITRE ATLAS technique ids in a single call — natural follow-up to atlas_case_study_lookup's techniques_used array","tags":["security","ai-ml","atlas","mitre","bulk"],"examples":["Bulk drill the techniques_used from this ATLAS case study","Lookup AML.T0051, AML.T0043, AML.T0061 together"],"inputModes":[],"outputModes":[]},{"id":"atlas_case_study_lookup","name":"ATLAS Case Study Lookup","description":"MITRE ATLAS real-world AI/ML attack incident case study (AML.CS####)","tags":["security","ai-ml","atlas","incident"],"examples":["Look up AML.CS0000 (Evasion of Deep Learning Detector)"],"inputModes":[],"outputModes":[]},{"id":"atlas_case_study_search","name":"ATLAS Case Study Search","description":"Search ATLAS case studies by keyword or by referenced ATLAS technique","tags":["security","ai-ml","atlas","incident"],"examples":["Find AI/ML evasion incidents","Case studies using AML.T0043"],"inputModes":[],"outputModes":[]},{"id":"d3fend_defense_lookup","name":"D3FEND Defense Lookup","description":"MITRE D3FEND defense technique lookup by slug (e.g. TokenBinding). Returns tactic, artifact, mapped ATT&CK T-codes","tags":["security","d3fend","defense","mitre"],"examples":["Look up D3FEND TokenBinding","Details for D3FEND FileHashing"],"inputModes":[],"outputModes":[]},{"id":"d3fend_defense_search","name":"D3FEND Defense Search","description":"Search D3FEND defenses by keyword, tactic (Harden/Detect/Isolate/...), or targeted artifact","tags":["security","d3fend","defense","mitre"],"examples":["Find D3FEND Harden defenses for Access Token","Search D3FEND for sandbox techniques"],"inputModes":[],"outputModes":[]},{"id":"d3fend_defense_for_attack","name":"D3FEND Reverse Lookup","description":"Given an ATT&CK T-code, return all D3FEND defenses that mitigate it. Bridges offensive intel (CVE/ATLAS/ATT&CK) to defensive playbook","tags":["security","d3fend","defense","mitre","attack"],"examples":["What D3FEND defenses mitigate T1059?","Defenses for T1550.001"],"inputModes":[],"outputModes":[]},{"id":"d3fend_attack_coverage","name":"D3FEND Coverage Audit","description":"Batch defense coverage breakdown across multiple ATT&CK T-codes — count defenses per tactic + identify undefended techniques","tags":["security","d3fend","defense","mitre","audit"],"examples":["Coverage for T1059, T1190, T1550.001","Which of these ATT&CK techniques have no D3FEND mitigation?"],"inputModes":[],"outputModes":[]},{"id":"contrast_triage","name":"Contrast Triage (Prompt)","description":"v1.23.0 conditional MCP Prompt: pick a tool chain by perspective ('red' = offensive recon, 'blue' = defensive triage) for an auto-detected target (CVE / ATLAS / ATT&CK / CWE / hash / IP / domain).","tags":["security","prompt","triage","workflow"],"examples":["/contrast-triage 8.8.8.8 blue","/contrast-triage CVE-2021-44228 red","/contrast-triage AML.T0051 blue"],"inputModes":[],"outputModes":[]},{"id":"atlas_resources","name":"ATLAS Catalog (MCP Resources)","description":"v1.23.0 MCP Resources: browse the full MITRE ATLAS catalog (167 techniques + 57 case studies) without spending a tool slot. URIs: atlas://catalog, atlas://technique/{id}, atlas://case-study/{id}.","tags":["security","ai-ml","atlas","mitre","resource"],"examples":["Browse atlas://catalog","Read atlas://technique/AML.T0051"],"inputModes":[],"outputModes":[]},{"id":"d3fend_resources","name":"D3FEND Catalog (MCP Resources)","description":"v1.23.0 MCP Resources: browse the full MITRE D3FEND defense catalog (149 defenses). URIs: d3fend://catalog, d3fend://defense/{id}.","tags":["security","d3fend","defense","mitre","resource"],"examples":["Browse d3fend://catalog","Read d3fend://defense/TokenBinding"],"inputModes":[],"outputModes":[]},{"id":"cwe_resources","name":"CWE Catalog (MCP Resources)","description":"v1.23.0 MCP Resources: browse the full MITRE CWE catalog (944 weaknesses). URIs: cwe://catalog (slim), cwe://weakness/{id} (full record).","tags":["security","cwe","mitre","resource"],"examples":["Browse cwe://catalog","Read cwe://weakness/CWE-79"],"inputModes":[],"outputModes":[]},{"id":"robots_txt","name":"Robots.txt Parser","description":"v1.25.0 Fetch + parse a target domain's robots.txt — sitemaps, per-User-agent allow/disallow, crawl-delay, Host directive (RFC 9309). Use BEFORE crawling/scraping a target site to honour its published rules.","tags":["osint","web-intel","robots","crawler"],"examples":["Get robots.txt rules for github.com","What sitemaps does cloudflare.com publish?"],"inputModes":[],"outputModes":[]},{"id":"redirect_chain","name":"Redirect Chain Walker","description":"v1.25.0 Walk a URL's HTTP redirect chain hop-by-hop, returning per-hop status, Location, latency. SSRF-guarded at every hop. Use to deobfuscate URL shorteners, audit suspicious phishing links, trace marketing tracking redirects.","tags":["osint","web-intel","redirect","phishing"],"examples":["Where does this bit.ly link actually go?","Trace redirect chain for https://t.co/xyz"],"inputModes":[],"outputModes":[]},{"id":"email_verify","name":"Email Verify (Combined)","description":"v1.25.0 One-call email validation combining syntax + MX records + disposable check + role-address detection (admin@/info@/noreply@) + free-provider classification (gmail/outlook/yahoo). Replaces 2-3 tool calls. NO SMTP RCPT TO probing — ethical floor declared.","tags":["osint","email","validation","lead-gen"],"examples":["Verify admin@example.com","Is jane@gmail.com a personal address?"],"inputModes":[],"outputModes":[]},{"id":"brand_assets","name":"Brand Assets Scraper","description":"v1.25.0 Scrape a domain's homepage <head> for public brand assets — favicon, og:image, theme-color, og:site_name, JSON-LD Organization.logo. Enriches CRM records / company-card UIs without manual screenshots. Honours robots.txt, Cache-Control, per-target throttle.","tags":["osint","web-intel","branding","crm"],"examples":["Get brand assets for stripe.com","Find logo + favicon for github.com"],"inputModes":[],"outputModes":[]},{"id":"seo_audit","name":"SEO Audit (One-Page)","description":"v1.25.0 One-shot SEO audit of a domain's homepage with a 0-100 composite score (10 rules) + missing_signals list of concrete fixes. Use BEFORE pitching SEO work, when triaging a lead's marketing maturity, or as a structured pre-flight before deeper Lighthouse / SEMrush audits. Honours robots.txt.","tags":["seo","web-intel","audit","marketing"],"examples":["Score the SEO of example.com","Audit shopify.com homepage SEO"],"inputModes":[],"outputModes":[]}],"provenance":[{"source":"smithery","first_seen":"2026-05-14T00:43:04.720074+00:00"},{"source":"recrawl_hot","first_seen":"2026-05-14T03:34:58.821323+00:00"},{"source":"mcp_registry","first_seen":"2026-05-18T13:05:07.751971+00:00"},{"source":"recrawl_warm","first_seen":"2026-05-21T23:37:26.737315+00:00"}],"recent_probes":[{"fetched_at":"2026-05-22T12:55:26.111733+00:00","ok":false,"status_code":200,"error":"schema invalid: 3 validation errors for AgentCard\nsupportedInterfaces.0\n  Input should be a valid string [type=string_type, input_value={'protocolBinding': 'MCP-...contrastcybe","elapsed_ms":80,"live_responds":null},{"fetched_at":"2026-05-22T06:17:49.856551+00:00","ok":false,"status_code":200,"error":"schema invalid: 3 validation errors for AgentCard\nsupportedInterfaces.0\n  Input should be a valid string [type=string_type, input_value={'protocolBinding': 'MCP-...contrastcybe","elapsed_ms":81,"live_responds":null},{"fetched_at":"2026-05-21T23:37:26.737315+00:00","ok":false,"status_code":200,"error":"schema invalid: 3 validation errors for AgentCard\nsupportedInterfaces.0\n  Input should be a valid string [type=string_type, input_value={'protocolBinding': 'MCP-...contrastcybe","elapsed_ms":71,"live_responds":null},{"fetched_at":"2026-05-20T18:11:47.619227+00:00","ok":false,"status_code":200,"error":"schema invalid: 3 validation errors for AgentCard\nsupportedInterfaces.0\n  Input should be a valid string [type=string_type, input_value={'protocolBinding': 'MCP-...contrastcybe","elapsed_ms":68,"live_responds":null},{"fetched_at":"2026-05-20T17:03:34.988119+00:00","ok":false,"status_code":200,"error":"schema invalid: 3 validation errors for AgentCard\nsupportedInterfaces.0\n  Input should be a valid string [type=string_type, input_value={'protocolBinding': 'MCP-...contrastcybe","elapsed_ms":74,"live_responds":null},{"fetched_at":"2026-05-20T13:14:50.386749+00:00","ok":false,"status_code":200,"error":"schema invalid: 3 validation errors for AgentCard\nsupportedInterfaces.0\n  Input should be a valid string [type=string_type, input_value={'protocolBinding': 'MCP-...contrastcybe","elapsed_ms":78,"live_responds":null},{"fetched_at":"2026-05-20T03:06:19.722350+00:00","ok":false,"status_code":200,"error":"schema invalid: 3 validation errors for AgentCard\nsupportedInterfaces.0\n  Input should be a valid string [type=string_type, input_value={'protocolBinding': 'MCP-...contrastcybe","elapsed_ms":76,"live_responds":null},{"fetched_at":"2026-05-19T22:27:38.017420+00:00","ok":false,"status_code":200,"error":"schema invalid: 3 validation errors for AgentCard\nsupportedInterfaces.0\n  Input should be a valid string [type=string_type, input_value={'protocolBinding': 'MCP-...contrastcybe","elapsed_ms":74,"live_responds":null},{"fetched_at":"2026-05-19T18:54:03.203912+00:00","ok":false,"status_code":200,"error":"schema invalid: 3 validation errors for AgentCard\nsupportedInterfaces.0\n  Input should be a valid string [type=string_type, input_value={'protocolBinding': 'MCP-...contrastcybe","elapsed_ms":74,"live_responds":null},{"fetched_at":"2026-05-18T23:51:27.785376+00:00","ok":false,"status_code":200,"error":"schema invalid: 3 validation errors for AgentCard\nsupportedInterfaces.0\n  Input should be a valid string [type=string_type, input_value={'protocolBinding': 'MCP-...contrastcybe","elapsed_ms":71,"live_responds":null}],"catalog_attestation":null,"verification_history":[],"signatures":[{"protected":"eyJhbGciOiJFUzI1NiIsImprdSI6Imh0dHBzOi8vYWdlbnN0cnkuY29tLy53ZWxsLWtub3duL2p3a3MuanNvbiIsImtpZCI6ImFnZW50ZmluZGVyLWVzMjU2LTEiLCJ0eXAiOiJKT1NFIn0","signature":"NY8KX6hbmK3tGHKPlrWRQ7Jbzdhj2Q9oe4RGvS9sQUmxpk3bMSLK4tKQ9jG5pQKi3_ZPp016CpttQaFtxdZTtQ"}]}