oversight-threat-intel
mcp smithery

## Sectora Threat Intelligence

Ask your AI *"is this CVE actually being exploited?"* and get real data back, not a guess from 2024 training cutoff.

Sectora blends **EPSS scores**, **CISA KEV** status, **public exploit** availability, **Nuclei templates**, and **CVSS** into a single 0-100 **weaponization score**. Your LLM stops hallucinating severity and starts giving actionable answers grounded in live signals.

---

### Tools

| Tool | What it does |
|---|---|
| `lookup_cve` | Full CVE enrichment: EPSS, KEV, exploits, Nuclei, ransomware use |
| `get_weaponization_score` | 0-100 score blending 5 exploitation signals |
| `search_cves` | Find CVEs by keyword, severity, KEV status, or exploit availability |
| `assess_tech_risk` | Risk summary for a stack (e.g. `"nginx 1.25, OpenSSL 3.1, PostgreSQL 16"`) |
| `get_kev_recent` | Newly added CISA KEV entries |
| `get_trending_cves` | EPSS spikes + new exploits this week |
| `lookup_ip_reputation` | Community IP rep from the Sectora Shield WAF network |
| `get_threat_stats` | Database coverage stats |

---

### Try these prompts

- *"Is CVE-2024-3400 being actively exploited? What's its weaponization score?"*
- *"What's the weaponization score for Log4Shell?"*
- *"Assess the security risk of running nginx 1.25 and OpenSSL 3.1"*
- *"Show me the critical CVEs added to CISA KEV this week"*
- *"Has IP 45.33.32.156 been reported for attacks?"*

---

### Quick start (Claude Desktop)

```json
{
  "mcpServers": {
    "sectora": {
      "type": "streamable-http",
      "url": "https://mcp.sectora.io/mcp"
    }
  }
}
```

Works out of the box with Claude Desktop, Claude Code, Cursor, Windsurf, ChatGPT, and any MCP-compatible client.

---

### Free tier

300 requests/minute per IP. No signup. No credit card. Discovery calls (tools/list, initialize) don't count against quota.

Need higher limits for production use? Get a free API key at sectora.io/settings/api-keys (3,000 req/min).

---

### Privacy

We log request metadata (IP, country, tool name, latency) for abuse detection and service reliability. We do not log tool arguments or responses: the CVEs and IPs you look up are never stored. 30-day retention. Full details at sectora.io/legal/privacy.

---

### About

Built and operated by Sectora, an AI-era DAST platform that scans production apps for vulnerabilities. This MCP is our way of putting the same threat-intel enrichment our scanners use directly inside your AI workflow
By Smithery | 13 findings | Scanned 7/3/2026 | tooltrust-scanner/v0.3.19
Risk Summary
Safe With Normal Controls
Dep Visibility is the main signal, but overall risk remains within an acceptable range.
Potential impact: This finding indicates the tool should be reviewed before it is trusted.
Recommended action: No high-risk findings were detected in this scan, but you should still apply least-privilege defaults and rescan after changes.
Suggested policy: keep this tool behind manual approval, do not allow unattended runs, and re-scan after narrowing risky permissions.
Security Findings (13)
tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration
search_cves, lookup_ip_reputation
Fix: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.
Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.
lookup_cve, assess_tech_risk, search_cves, get_kev_recent, get_trending_cves, get_weaponization_score, lookup_ip_reputation, get_threat_stats
Fix: Review and remediate the identified issue.
declared capabilities: network access, database access
search_cves
declared capabilities: network access
lookup_ip_reputation
declared capabilities: database access
get_threat_stats
Fix: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
Scan this tool yourself
Reproduce this audit locally, integrate into CI, or let your agent audit its own tools.
Install once, then scan any MCP server:
$ curl -sfL https://raw.githubusercontent.com/AgentSafe-AI/tooltrust-scanner/main/install.sh | bash
$ tooltrust-scanner scan --server "npx -y oversight-threat-intel"
Adjust the package name if your npm registry name differs from the tool ID.