ToolTrust
A2/100
Smithery

oversight-threat-intel

mcpsmithery

@Smithery

## Sectora Threat Intelligence Ask your AI *"is this CVE actually being exploited?"* and get real data back โ€” not a guess from 2024 training cutoff. Sectora blends **EPSS scores**, **CISA KEV** status, **public exploit** availability, **Nuclei templates**, and **CVSS** into a single 0โ€“100 **weaponization score**. Your LLM stops hallucinating severity and starts giving actionable answers grounded in live signals. --- ### ๐Ÿ› ๏ธ Tools | Tool | What it does | |---|---| | `lookup_cve` | Full CVE enrichment โ€” EPSS, KEV, exploits, Nuclei, ransomware use | | `get_weaponization_score` | 0โ€“100 score blending 5 exploitation signals | | `search_cves` | Find CVEs by keyword, severity, KEV status, or exploit availability | | `assess_tech_risk` | Risk summary for a stack (e.g. `"nginx 1.25, OpenSSL 3.1, PostgreSQL 16"`) | | `get_kev_recent` | Newly added CISA KEV entries | | `get_trending_cves` | EPSS spikes + new exploits this week | | `lookup_ip_reputation` | Community IP rep from the Sectora Shield WAF network | | `get_threat_stats` | Database coverage stats | --- ### ๐Ÿ’ฌ Try these prompts - *"Is CVE-2024-3400 being actively exploited? What's its weaponization score?"* - *"What's the weaponization score for Log4Shell?"* - *"Assess the security risk of running nginx 1.25 and OpenSSL 3.1"* - *"Show me the critical CVEs added to CISA KEV this week"* - *"Has IP 45.33.32.156 been reported for attacks?"* --- ### โšก Quick start (Claude Desktop) ```json { "mcpServers": { "sectora": { "type": "streamable-http", "url": "https://mcp.sectora.io/mcp" } } } Works out of the box with Claude Desktop, Claude Code, Cursor, Windsurf, ChatGPT, and any MCP-compatible client. --- ๐ŸŽ Free tier 300 requests/minute per IP. No signup. No credit card. Discovery calls (tools/list, initialize) don't count against quota. Need higher limits for production use? Get a free API key at sectora.io/settings/api-keys โ†’ 3,000 req/min. --- ๐Ÿ”’ Privacy We log request metadata (IP, country, tool name, latency) for abuse detection and service reliability. We do not log tool arguments or responses โ€” the CVEs and IPs you look up are never stored. 30-day retention. Full details at sectora.io/legal/privacy. --- ๐Ÿข About Built and operated by Sectora โ€” an AI-era DAST platform that scans production apps for vulnerabilities. This MCP is our way of putting the same threat-intel enrichment our scanners use directly inside your AI workflow

By Smithery | 13 findings | Scanned 7/3/2026 | tooltrust-scanner/v0.3.19

2 Low11 Info

Risk Summary

Safe With Normal Controls

Dep Visibility is the main signal, but overall risk remains within an acceptable range.

Potential impact: This finding indicates the tool should be reviewed before it is trusted.

Recommended action: No high-risk findings were detected in this scan, but you should still apply least-privilege defaults and rescan after changes.

Suggested policy: keep this tool behind manual approval, do not allow unattended runs, and re-scan after narrowing risky permissions.

Security Findings (13)

  • LowAS-011

    โ„น๏ธMissing Rate-Limit / Timeout ร—2

    tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

    search_cveslookup_ip_reputation

    Fix: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

  • InfoAS-014

    โ„น๏ธDependency Inventory Unavailable ร—8

    Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

    lookup_cveassess_tech_risksearch_cvesget_kev_recentget_trending_cvesget_weaponization_scorelookup_ip_reputationget_threat_stats

    Fix: Review and remediate the identified issue.

  • InfoAS-002

    โš ๏ธExcessive Permissions ร—3

    declared capabilities: network access, database access

    search_cves

    declared capabilities: network access

    lookup_ip_reputation

    declared capabilities: database access

    get_threat_stats

    Fix: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

Scan this tool yourself

Reproduce this audit locally, integrate into CI, or let your agent audit its own tools.

Install once, then scan any MCP server:

$ curl -sfL https://raw.githubusercontent.com/AgentSafe-AI/tooltrust-scanner/main/install.sh | bash
$ tooltrust-scanner scan --server "npx -y oversight-threat-intel"

Adjust the package name if your npm registry name differs from the tool ID. View source

Add badge to your README

Copy this Markdown to show your ToolTrust grade on GitHub.

[![ToolTrust Grade A](https://raw.githubusercontent.com/AgentSafe-AI/tooltrust-directory/main/docs/badges/grade-a.svg)](https://github.com/AgentSafe-AI/tooltrust-directory)