cyberneticlibrary
← library

Validate vulnerabilities and breach risk

contrastapimcp_serversetup L20
smithery:contrastcyber/contrastapi
What it does

Lookup CVEs with EPSS/KEV and domain security intelligence

Best for

Security-aware AI agents validating vulnerabilities, domain posture, and breach risk in real time.

Inputs
  • · CVE ID (e.g., CVE-2024-1234)
  • · domain name for audit
  • · IP address for threat intel
Outputs
  • · CVE details with EPSS/KEV/PoC metadata
  • · domain security posture score (0-100)
  • · IP reputation and abuse reports
Requires
  • · API key to api.contrastcyber.com
Preconditions
  • · Network access to api.contrastcyber.com
  • · MCP client with stdio or HTTP transport
Failure modes
  • · Rate limits on high-volume CVE queries
  • · Missing CVE data for 0-days or proprietary vulns
  • · SSRF attacks if input validation skipped
Trust signals
  • · 53 tools + 60+ endpoints documented
  • · 2446 passing tests
  • · MIT licensed
  • · Explicit ethical limits on crawling (robots.txt, rate limits)