ZEN SecDB
Server Details
ZEN SecDB MCP server for CVE intelligence, CVSS/EPSS scoring, advisories, SSVC, and package audits.
- Status
- Unhealthy
- Last Tested
- Transport
- Streamable HTTP
- URL
Glama MCP Gateway
Connect through Glama MCP Gateway for full control over tool access and complete visibility into every call.
Full call logging
Every tool call is logged with complete inputs and outputs, so you can debug issues and audit what your agents are doing.
Tool access control
Enable or disable individual tools per connector, so you decide what your agents can and cannot do.
Managed credentials
Glama handles OAuth flows, token storage, and automatic rotation, so credentials never expire on your clients.
Usage analytics
See which tools your agents call, how often, and when, so you can understand usage patterns and catch anomalies.
Tool Definition Quality
Average 4.5/5 across 11 of 11 tools scored.
Each tool targets a distinct operation: CVE details, scores, historical EPSS, search, sightings, SSVC, Linux audit, PURL audit, and feed reports. No overlapping purposes.
All tool names follow snake_case with a consistent pattern: noun_noun or verb_noun. No mixing of conventions.
11 tools cover a well-scoped domain: vulnerability analysis, auditing, and reporting. Neither too few nor too many.
Complete query surface: single-CVE lookup, scoring, EPSS history, search, sightings, SSVC prioritization, and two audit types. No obvious gaps for the server's purpose.
Available Tools
11 toolsepss_timeseriesAInspect
Get the historical EPSS time series for a specific CVE.
What this tool does
Returns the historical EPSS score, percentile, and model version available for a CVE across time, ordered by date. Useful for analyzing how exploitability likelihood has evolved over time.
When to use this tool
Use this tool when the user asks about:
EPSS trend over time
how exploitability probability changed
whether EPSS spiked or dropped
historical comparison of risk
If the user only wants the current EPSS score, use vulnerability_score instead.
Inputs
cve_id: valid CVE identifier (
CVE-YYYY-NNNNN).
Outputs
series: array of objects, each containing:
date: measurement date in ISO formatscore: EPSS scorepercentile: EPSS percentilemodel: EPSS model version
LLM usage guidelines
Never guess EPSS values-use this tool for all EPSS time-series questions.
If
cve_idis malformed or incomplete, ask the user to correct it before calling.If the user mentions multiple CVEs, call the tool once per CVE as needed.
If no historical data is available, return an empty series and state that no EPSS history was found.
| Name | Required | Description | Default |
|---|---|---|---|
| cve_id | Yes | CVE identification (CVE-YYYY-NNNNN) |
Output Schema
| Name | Required | Description |
|---|---|---|
| series | No |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Discloses the output structure (date, score, percentile, model) and behavior when no data (empty series). No annotations are provided, so the description carries full burden; it is clear and honest, though it could mention any potential side effects or limitations.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Well-structured with clear sections (what, when, inputs, outputs, LLM guidelines). Front-loaded with purpose. Each sentence adds value, though some sections could be slightly more compact.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the tool's simplicity (one parameter, list output) and the presence of an output schema, the description fully explains the return structure and edge cases (no data). No additional context is needed.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100% and the parameter description in the schema is nearly identical to the tool description. The description adds a guideline for handling malformed IDs, but does not significantly augment the meaning of the parameter itself.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description uses specific verb 'Get' and resource 'historical EPSS time series' for a CVE, and distinguishes from sibling tool 'vulnerability_score' which provides only current score. Clearly states the tool's function and scope.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
Explicitly states when to use (trend analysis, historical comparison) and when not (current score → use vulnerability_score). Also provides guidance for multiple CVEs and malformed inputs.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
feed_reportAInspect
Run a public ZEN SecDB feed report.
What this tool does
Executes a predefined report on ZEN SecDB public feed data and returns structured results for analytics, trends, distributions, and top-N summaries.
Supported reports can cover public datasets such as:
CVEs
security advisories
EPSS
weaknesses
CPE vendors and products
exploit references
sightings and IOC-related data
Use feed_report_catalog to discover the list of available reports and their supported input parameters.
When to use this tool
Use this tool when the user asks about:
distributions, trends, or counts across public vulnerability data
top CVEs, top weaknesses, top vendors, or similar rankings
timeline-based summaries such as yearly or monthly trends
aggregated views over public SecDB feed data
Do not use this tool when the user asks for details about a single CVE, advisory, or exploit. Use the dedicated lookup tools instead.
Inputs
report_id: identifier of the report to execute
filters: optional object with report-specific filters
limit: optional maximum number of results to return, when supported by the selected report
Outputs
summary: Optional Markdown summary of the report results
report: structured JSON object containing:
report_id: executed report identifierfilters: applied filtersdata: structured report rows or aggregated values
LLM usage guidelines
Use
feed_report_catalogwhen you need to discover which public reports are available or which parameters they support.Do not guess report IDs-use the catalog when uncertain.
Present
summarydirectly to the user-it is already Markdown.Use
reportfor structured follow-up analysis, comparisons, or tool chaining.If the selected report does not exist, return a clear not-found error instead of guessing an alternative.
| Name | Required | Description | Default |
|---|---|---|---|
| limit | No | optional maximum number of results to return, when supported by the selected report | |
| filters | No | optional object with report-specific filters | |
| report_id | Yes | identifier of the report to execute |
Output Schema
| Name | Required | Description |
|---|---|---|
| data | Yes | structured report rows or aggregated values |
| filters | No | optional JSON schema describing supported input parameters |
| summary | No | Optional Markdown summary of the report results |
| report_id | Yes | executed report identifier |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations are provided, so the description must carry the full burden. It explains that executing a report returns structured results with a summary and data, and notes that it covers public datasets. It also gives error-handling instructions (return not-found error for invalid report IDs). However, it does not explicitly state that the tool is read-only or that it has no side effects, which would be beneficial. The description is still strong, hence a 4.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is well-organized into clear sections ('What this tool does', 'When to use', 'Inputs', 'Outputs', 'LLM usage guidelines') and is front-loaded with the main purpose. It is concise enough for the complexity, though could be slightly trimmed. Every sentence adds value, earning a 4.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the tool's complexity (executing reports with filters, limit, and structured output), the description covers purpose, usage, inputs, outputs, and error handling. It references 'feed_report_catalog' for discovery and provides clear output structure. The presence of an output schema means detailed return values need not be explained, but the overview is sufficient. The description is complete for an agent to use this tool correctly.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema description coverage is 100% (all three parameters have descriptions in the schema). The description's 'Inputs' section repeats those descriptions without adding new meaning. According to the rubric, when coverage is high, the baseline is 3, and no extra value is added here.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The tool name 'feed_report' is clearly explained: it runs a public ZEN SecDB feed report. The description lists supported datasets (CVEs, advisories, etc.) and explicitly distinguishes from sibling tools by directing users to 'feed_report_catalog' for discovery and to dedicated lookup tools for single CVE/advisory details. The purpose is specific, with a clear verb-resource relationship.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description provides explicit when-to-use scenarios (distributions, trends, top-N, aggregated views) and when-not-to-use (single CVE/advisory details, with alternatives). It also instructs to use 'feed_report_catalog' to discover available reports and to not guess report IDs. This gives clear guidance for tool selection.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
feed_report_catalogAInspect
List available public ZEN SecDB feed reports.
What this tool does
Returns the catalog of available ZEN SecDB public feed reports, including their identifiers, descriptions, and supported input parameters.
This tool helps discover which reports can be executed through feed_report.
When to use this tool
Use this tool when:
the user asks what public reports are available
you need to discover the correct report ID before running a report
you need to inspect supported filters or input parameters
you are unsure which report best matches the user request
Inputs
This tool does not require any input.
Outputs
reports: array of report definitions, each containing:
report_id: report identifiertitle: human-readable report titledescription: short explanation of what the report returnsinput_schema: optional JSON schema describing supported input parameters
LLM usage guidelines
Use this tool before
feed_reportwhenever the correct report ID or supported parameters are not already known.Do not invent report IDs or parameters not present in the catalog.
Prefer the most specific matching report for the user request.
When useful, briefly summarize the most relevant available reports before calling
feed_report.
| Name | Required | Description | Default |
|---|---|---|---|
No parameters | |||
Output Schema
| Name | Required | Description |
|---|---|---|
| reports | No |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
While no annotations exist, the description covers output format, zero input requirement, and LLM usage guidelines. It is a read‑only catalog operation, though rate limits or idempotency are not mentioned – not critical here.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Structured with headings and clear sections; every sentence adds value. Slightly verbose but still efficient for the level of detail provided.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given zero parameters and no annotations, the description fully covers purpose, usage, output schema, and LLM guidelines – no gaps remain.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
No parameters exist; description confirms no input needed and elaborates on output fields, exceeding the baseline of 4 for zero‑parameter tools.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool lists available public ZEN SecDB feed reports, using specific verb-resource (list catalog) and distinguishes from sibling feed_report.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
Explicit when-to-use (discover report IDs, inspect filters, unsure which report) and when-not (do not invent IDs), with direct reference to sibling feed_report.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
linux_auditAInspect
Perform a Linux package vulnerability audit using SecDB.
What this tool does
Analyzes the installed packages of a Linux system-identified by OS and OS version-and returns vulnerability information plus a Markdown summary. The audit results are based exclusively on the package list provided by the user.
When to use this tool
Use this tool when the user wants to determine:
whether installed packages contain known vulnerabilities
whether a host, VM, container, or base image is affected by security advisories
which packages require patching or upgrading
If the user does not know the valid values for os or version, first call the linux_os tool to retrieve the exact supported combinations.
Inputs
os: Linux distribution identifier supported by SecDB (use
linux_osto obtain allowed values).version: OS version or codename corresponding to the selected distribution.
packages: list of installed packages, one per line, generated using the appropriate system command:
For RPM-based distributions (RHEL, CentOS, Rocky, Alma, SUSE)
rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n'For DEB-based distributions (Ubuntu, Debian)
dpkg-query -W -f='${Package} ${Version} ${Architecture}\n'For Alpine Linux
apk list -IThe raw output of these commands can be passed directly as the packages input (one package per line).
...
python3 3.12.3-0ubuntu2.1 amd64
systemd 255.4-1ubuntu8.10 amd64
tmux 3.4-1ubuntu0.1 amd64
...Outputs
report: structured objects describing the advisories affecting the audited packages.
summary: Markdown summary including total vulnerabilities, severity breakdown, and key findings.
LLM usage guidelines
Never guess whether a package is vulnerable-always call this tool for Linux audits.
If
osorversionis unclear or missing, calllinux_osand ask the user to choose a valid combination.Normalize the package list to “one entry per line” if the user provides unstructured output.
The
summaryis already Markdown and can be shown directly.Use
reportwhen deeper technical analysis is required.
| Name | Required | Description | Default |
|---|---|---|---|
| os | Yes | Linux distribution identifier supported by SecDB (use `linux_os` to obtain allowed values) | |
| version | Yes | OS version or codename corresponding to the selected distribution | |
| packages | Yes | list of installed packages, **one per line**, generated using the appropriate system command |
Output Schema
| Name | Required | Description |
|---|---|---|
| report | No | |
| summary | No | Markdown summary including total vulnerabilities, severity breakdown, and key findings |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations provided, so the description carries full burden. It clearly states that results are based exclusively on the provided package list (not scanning the system). It describes the two outputs (report and summary). It does not mention auth, rate limits, or error scenarios, but for this tool, the key behavioral trait is that it's a static analysis of a user-provided list, which is well communicated.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is well-structured with clear sections (What this tool does, When to use, Inputs, Outputs, LLM usage guidelines). It is somewhat lengthy but includes necessary details like package listing commands. Every section earns its place, though minor redundancy exists (e.g., the input section repeats the commands). Front-loaded with purpose.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the complexity of the tool with 3 parameters, a clear input format requirement, and output schemas (not shown but indicated), the description covers all necessary aspects: purpose, usage, input details with examples, output types, and LLM guidelines. It does not need to explain return values in detail since there is an output schema. 'Contextual Completeness' is fully satisfied.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100%, so baseline is 3. The description adds significant value: for 'os', it explains to use linux_os to get valid values; for 'packages', it provides exact shell commands for RPM-based, DEB-based, and Alpine distributions, and shows an example of the expected format. This goes well beyond the schema definitions.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description starts with a clear verb+resource: 'Perform a Linux package vulnerability audit using SecDB.' It specifies analyzing installed packages and returning vulnerability info and a Markdown summary. It distinguishes from siblings like purl_audit (which likely uses PURLs) and linux_os (which provides OS values).
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description includes a 'When to use this tool' section that lists specific use cases. It also provides 'LLM usage guidelines' with explicit instructions: never guess vulnerabilities, call linux_os if os/version unknown, normalize package list, and use report for deeper analysis. It tells when to call a sibling tool (linux_os) to get valid inputs.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
linux_osAInspect
List supported Linux operating systems and their corresponding versions for use with the linux_audit tool.
What this tool does
Returns an array of supported OS/version pairs, each in the form:
{"os":"name", "versions":["version or codename"]}This allows the LLM and the user to know exactly which inputs are valid for the linux_audit tool.
When to use this tool
Use this tool when:
the user does not know which OS names or versions are supported
the user provides unclear or ambiguous OS information
you need to validate
os/versionbefore performing a Linux audit
This tool should typically be called before linux_audit whenever parameters are uncertain.
Inputs
This tool does not require any input.
Outputs
Returns an array of objects:
os: supported Linux distribution identifier
versions: corresponding list of supported release or codename
Example:
[
{"os": "ubuntu", "versions": ["noble","focal"]},
{"os": "debian", "versions": ["bookworm","sid"]},
{"os": "redhat", "version": ["redhat-9.0"]}
]LLM usage guidelines
Use this tool to validate or suggest correct OS/version combinations before calling
linux_audit.If the user provides invalid or misspelled OS names, retrieve the official list here and ask them to select one.
Do not guess operating system identifiers-always rely on this tool to confirm correctness.
| Name | Required | Description | Default |
|---|---|---|---|
No parameters | |||
Output Schema
| Name | Required | Description |
|---|---|---|
| supported | No |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
Describes that the tool returns an array of OS/version objects with no side effects. Despite no annotations, it fully discloses behavior: it is a read-only retrieval tool. No contradictions noted.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Well-structured with clear sections (what, when, inputs, outputs, LLM guidelines). Every sentence adds value, no redundancy, front-loaded with purpose.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the simplicity (no params, no nested objects) and presence of an output schema, the description fully covers all necessary information for correct invocation and understanding of results.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
No parameters required, so baseline is 4. The description adds value by explaining the output format in detail, which compensates for the lack of params.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states that the tool lists supported Linux OS versions for use with linux_audit. It uses specific verb 'list' and resource 'supported Linux OS versions', and distinguishes itself from siblings by being a prerequisite for linux_audit.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
Provides explicit guidance on when to use (user doesn't know OS names/versions, unclear info, need validation) and when to call (before linux_audit). It also advises not to guess and to confirm correctness using this tool.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
purl_auditAInspect
Perform a software package vulnerability audit using SecDB.
What this tool does
Analyzes a list of software packages identified by PURL (Package URL) and returns vulnerability information plus a Markdown summary. The audit results are based exclusively on the package list provided.
When to use this tool
Use this tool when the user wants to determine:
whether application dependencies contain known vulnerabilities
whether a project is affected by security advisories
which packages require patching or upgrading
Supported ecosystems
npm - Node.js packages (e.g. pkg:npm/lodash@4.17.21)
maven - Java/JVM packages (e.g. pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1)
pypi - Python packages (e.g. pkg:pypi/django@4.2.0)
gem - Ruby gems (e.g. pkg:gem/rails@7.0.0)
cargo - Rust crates (e.g. pkg:cargo/openssl-src@111.10)
nuget - .NET packages (e.g. pkg:nuget/Newtonsoft.Json@13.0.1)
golang - Go modules (e.g. pkg:golang/github.com/gin-gonic/gin@1.9.1)
composer - PHP packages (e.g. pkg:composer/symfony/symfony@6.4.0)
Inputs
purls: list of Package URLs, one per entry. Generate them from your project manifest files:
Node.js: package.json / package-lock.json
Python: requirements.txt / Pipfile.lock / pyproject.toml
Ruby: Gemfile.lock
Go: go.mod / go.sum
Rust: Cargo.lock
PHP: composer.lock
Java: pom.xml / build.gradle
.NET: *.csproj / packages.lock.json
Outputs
report: structured JSON objects describing the advisories affecting the audited packages.
summary: Markdown summary including total vulnerabilities, severity breakdown, and key findings.
LLM usage guidelines
Never guess whether a package is vulnerable — always call this tool.
Only submit PURLs from the supported ecosystems listed above; others will be ignored.
The
summaryis already Markdown and can be shown directly.Use
reportwhen deeper technical analysis is required.
| Name | Required | Description | Default |
|---|---|---|---|
| purls | Yes | List of Package URLs (PURL) to audit |
Output Schema
| Name | Required | Description |
|---|---|---|
| report | No | |
| summary | No | Markdown summary including total vulnerabilities, severity breakdown, and key findings |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations are provided, so the description carries the full burden. It describes inputs (list of PURLs), outputs (report JSON, markdown summary), and supported ecosystems, but does not explicitly mention non-obvious aspects like idempotency or rate limits. However, it is sufficiently transparent for a read-only audit tool.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is well-structured with sections and bullet points, making it easy to scan. It is relatively long but every section serves a purpose; it could be slightly more concise without losing clarity.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the complexity (multiple ecosystems, input generation, output usage), the description is complete. It covers all needed context: when to use, how to prepare inputs, what outputs to expect, and how to interpret them. The presence of an output schema is noted but the description already explains outputs adequately.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100% for the single parameter 'purls'. The description adds extensive context: PURL format per ecosystem, how to generate them from manifest files, and the requirement to only submit supported ecosystems, far exceeding the schema's brief description.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly specifies the tool's action: 'Perform a software package vulnerability audit using SecDB.' It names the resource (software packages by PURL) and distinguishes from siblings like linux_audit or vulnerability_info by focusing on PURL-based auditing.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
It provides explicit guidance on when to use the tool (determining vulnerabilities, advisories, patching needs) and includes detailed input generation instructions per ecosystem. It also advises against guessing and clarifies when to use report vs summary.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
sightings_searchAInspect
Search real-world vulnerability sightings in SecDB.
What this tool does
Retrieves information about where and how a vulnerability appears in the real world, including:
Exploit-DB, Metasploit modules, PoCs
Scanner plugins (Nessus, OpenVAS/Greenbone)
Vendor advisories
Social/media references (Reddit, Mastodon, Bluesky)
MISP threat-intel sightings
When to use this tool
Use this tool when the user asks:
"Is this CVE exploited in the wild?"
"Is there a PoC or exploit available?"
"Does Nessus or OpenVAS have a plugin for this CVE?"
"Is this vulnerability being discussed online?"
"Show me all advisories/exploits for this CVE/product."
Inputs
Any of the following may be used:
cve_id: search by specific CVE
query: full-text search (name, product, advisory ID, exploit reference, etc.)
category: filter sightings by type (e.g.,
exploit,nasl,advisory,scanner,poc,social,misp)status: filter by sighting state (
exploited,mitigated,seen,confirmed, etc.)
Outputs
Returns an array of sightings, typically containing:
cve_idstatuscategoryreferencedetails(object with additional structured data)
LLM usage guidelines
Use
cve_idwhen the question targets a specific vulnerability.Use
queryfor broad or exploratory searches.Only use valid enum values for
categoryandstatus.Use this tool instead of assuming exploitation, PoCs, or plugin availability.
| Name | Required | Description | Default |
|---|---|---|---|
| query | No | Full-text-search for vulnerability name, CVE ID or Advisory ID, categories, etc. | |
| cve_id | No | CVE identification (CVE-YYYY-NNNN) | |
| status | No | Sighting status | |
| category | No | Sighting category (scanner, exploit, advisory, nasl, etc.) |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations are provided, so the description carries the full burden. It describes the search behavior and output structure, and implies read-only access. While it does not explicitly state 'read-only' or non-destructive nature, the context suggests it is a safe query tool. No contradictions.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is well-structured with clear sections (What, When, Inputs, Outputs, Guidelines). It is slightly verbose but every section adds value. It could be trimmed slightly without losing meaning.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the tool has 4 parameters, no required params, and no output schema, the description is exceptionally complete. It explains all inputs, typical outputs, and provides usage guidance. It covers both what the tool does and how to use it effectively.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100% with descriptions for all 4 parameters. The description adds meaning by explaining the purpose of each parameter, giving real-world examples (e.g., category values like 'exploit', 'nasl') and recommending when to use cve_id vs query. This added context goes beyond the schema.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool searches for real-world vulnerability sightings, listing specific types (exploit-db, metasploit, Nessus, etc.). It distinguishes itself from siblings like vulnerability_search (which likely focuses on vulnerability metadata) and epss_timeseries (threat scoring).
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description provides explicit 'When to use this tool' section with example questions and LLM usage guidelines. It advises when to use cve_id vs query. However, it does not explicitly state when not to use the tool or mention alternatives among siblings.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
ssvc_calculatorAInspect
Compute CISA SSVC (Stakeholder-Specific Vulnerability Categorization) for a CVE.
What this tool does
Calculates the SSVC decision (Track, Track*, Attend, Act) using:
exploitation status
technical impact
automatable exploitation
mission prevalence (user-provided)
public well-being impact (user-provided)
This reflects CISA's official SSVC prioritization model.
When to use this tool
Use this tool when the user asks about:
how urgently a CVE should be remediated
CISA SSVC priority or risk category
a structured decision model for remediation
Inputs
cve_id: the vulnerability to evaluate (
CVE-YYYY-NNNNN)mission_prevalence:
M,S, orE(must be provided by the user)public_well_being_impact:
M,A, orI(must be provided by the user)
Outputs
decision: one of Track, Track*, Attend, Actexploitationtechnical_impactautomatablemission_prevalencepublic_well_being_impactmission_and_well_being_impact_valuevector_stringsummary: Markdown explanation of the outcome
LLM usage guidelines
Always ask the user for mission_prevalence (M/S/E) and public_well_being_impact (M/A/I) before calling.
Never guess these values—SSVC depends on user context.
Use the
summaryto explain clearly why the decision was returned.Combine with
vulnerability_scoreorsightings_searchif the user needs additional context.
| Name | Required | Description | Default |
|---|---|---|---|
| cve_id | Yes | CVE ID | |
| mission_prevalence | Yes | # Mission Prevalence A mission essential function (MEF) is a function directly related to accomplishing the organization's mission as set forth in its statutory or executive charter. Identifying MEFs is part of business continuity planning or crisis planning. In contrast to non-essential functions, an organization must perform a [MEF] during a disruption to normal operations. The mission is the reason an organization exists, and MEFs are how that mission is realized. Non- essential functions support the smooth delivery or success of MEFs rather than directly supporting the mission. ## Possible values - "M" or "Minimal" Neither support nor essential apply. The vulnerable component may be used within the entities, but it is not used as a mission-essential component, nor does it provide impactful support to mission-essential functions. - "S" or "Support" The vulnerable component only supports MEFs for two or more entities. - "E" or "Essential" The vulnerable component directly provides capabilities that constitute at least one MEF for at least one entity; component failure may (but does not necessarily) lead to overall mission failure. ## Instructions for LLM Ask the user for the "Mission Prevalence" value before calling the tool. | |
| public_well_being_impact | Yes | # Public Well-being Impact ## Possible values - "M" or "Minimal" **Type of Harm -> All**, The effect is below the threshold for all aspects described in material. - "A" or "Material" **Type of Harm -> Physical harm**, Does one or more of the following: - Causes physical distress or injury to system users. - Introduces occupational safety hazards. - Reduces and/or results in failure of cyber-physical system safety margins. **Type of Harm -> Environment**, Major externalities (property damage, environmental damage, etc.) are imposed on other parties. **Type of Harm -> Financial**, Financial losses likely lead to bankruptcy of multiple persons. **Type of Harm -> Psychological**, Widespread emotional or psychological harm, sufficient to necessitate counseling or therapy, impact populations of people. - "I" or "Irreversible" **Type of Harm -> Physical harm**, One or both of the following are true: - Multiple fatalities are likely. - The cyber-physical system, of which the vulnerable component is a part, isl ikely lost or destroyed. **Type of Harm -> Environment**, Extreme or serious externalities (immediate public health threat, environmental damage leading to small ecosystem collapse, etc.) are imposed on other parties. **Type of Harm -> Financial**, Social systems (elections, financial grid, etc.) supported by the software are destabilized and potentially collapse. **Type of Harm -> Psychological N/A ## Instructions for LLM Ask the user for the "Public Well-being Impact" value before calling the tool. |
Output Schema
| Name | Required | Description |
|---|---|---|
| summary | No | Summary |
| decision | Yes | Decision |
| automatable | Yes | Automatable |
| exploitation | Yes | State of Exploitation (Evidence of Active Exploitation of a Vulnerability) |
| vector_string | Yes | SSVC Vector String |
| technical_impact | Yes | Technical Impact (Technical Impact of Exploiting the Vulnerability) |
| mission_prevalence | Yes | Mission Prevalence (Impact on Mission Essential Functions of Relevant Entities) |
| public_well_being_impact | Yes | Public Well-being Impact |
| mission_and_well_being_impact_value | Yes | Mission and Well-Being Impact Value |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations are provided, so the description carries the full burden. It comprehensively explains the tool's behavior: what it calculates (decision using four factors), which inputs are user-provided vs automatically looked up, the output fields including a Markdown summary, and the need for user-provided context. No behavioral details are omitted or contradicted.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is well-structured with clear sections (What, When, Inputs, Outputs, LLM guidelines). It is appropriately sized for the complexity, with every sentence contributing useful information. The most critical information (purpose and when to use) is front-loaded.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the tool's complexity (SSVC decision model with multiple inputs and outputs), the description is remarkably complete. It covers the decision logic, all input constraints, output fields, and usage best practices. Since an output schema exists (true), the explanation of return values is sufficient without deep schema details.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema description coverage is 100%, with detailed descriptions and LLM instructions already in the schema. The tool description's 'Inputs' section restates parameter names and notes they must be user-provided, which adds minimal semantic value beyond the schema. A score of 3 is appropriate for baseline when schema covers parameters thoroughly.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states that the tool computes CISA SSVC for a CVE, specifying the exact verb ('Compute') and resource ('CISA SSVC'). It distinguishes from sibling tools by focusing on SSVC prioritization, which is unique among tools like vulnerability_score or vulnerability_search.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description includes a dedicated 'When to use this tool' section with specific query triggers. It provides explicit instructions for the AI: always ask the user for mission_prevalence and public_well_being_impact, never guess these values, and consider combining with other tools. This provides clear guidance on when and how to use the tool versus alternatives.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
vulnerability_infoAInspect
Get detailed information about a specific CVE.
What this tool does
Retrieves the full vulnerability record for a CVE from SecDB, including:
official description and summary
CVSS metrics (all versions available)
EPSS metadata (if present)
affected products and versions
vendor/security advisories
references and upstream sources
weakness classification (CWE)
exploit and patch information (if included in the record)
All information is returned in a structured Markdown format suitable for direct display.
When to use this tool
Use this tool when the user asks:
"Give me details about CVE-XYZ."
"Which products are affected by this vulnerability?"
"Show me advisories or references for this CVE."
"Explain what this vulnerability is and how serious it is."
This tool is ideal for deep inspection of a single vulnerability. For multiple CVEs, call the tool once per CVE.
Inputs
cve_id: valid CVE identifier (
CVE-YYYY-NNNNN).
Outputs
Markdown-formatted vulnerability information including:
detailed description
severity metrics (CVSS, vectors)
affected products list
advisory list
references
weakness (CWE) details
additional structured metadata from SecDB
LLM usage guidelines
Always prefer this tool when the user needs factual information about a specific CVE.
If multiple CVEs are mentioned, call the tool once per CVE.
Combine with:
vulnerability_score- to enrich output with numerical CVSS/EPSS metricssightings_search- to check real-world exploitation, PoCs, plugins, advisoriesssvc_calculator- to compute prioritization based on the vulnerability data
Do not hallucinate product lists, advisories, or details—use what the tool returns.
| Name | Required | Description | Default |
|---|---|---|---|
| cve_id | Yes | CVE identification (CVE-YYYY-NNNNN) |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations are provided, so the description carries the full burden. It describes the output format (Markdown) and lists fields returned, adequately conveying that it is a read-only retrieval without side effects.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is well-structured with clear sections and bullet points, front-loading the core purpose. It is slightly verbose but all sentences serve a purpose, making it easy to scan.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Despite having no output schema and no annotations, the description thoroughly explains inputs, outputs, usage scenarios, and integration with sibling tools, fully covering what an agent needs to correctly invoke the tool.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
The input schema already describes the single parameter fully (100% coverage). The description adds only the word 'valid' for the CVE identifier, which is minimal extra value beyond the schema.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool retrieves detailed information about a specific CVE, listing specific data fields. It distinguishes from sibling tools by emphasizing deep inspection of a single vulnerability and suggesting combinations with other tools like vulnerability_score and sightings_search.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description provides explicit when-to-use scenarios with example user queries, instructions to call once per CVE, and suggestions for combining with sibling tools. It lacks explicit when-not-to-use statements but implies limitations for bulk queries.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
vulnerability_scoreAInspect
Get CVSS and current EPSS score for a specific CVE.
What this tool does
Returns a full risk snapshot for a CVE, including:
CVSS version
CVSS base score
CVSS severity
CVSS vector string
human-readable explanation of the CVSS vector
current EPSS score
The field cvss_explain provides a natural-language interpretation of the CVSS vector (attack conditions, privileges, user interaction, impact breakdown).
Example:
For CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, the explanation may read:
"The vulnerability can be exploited remotely over the network with low complexity,
without authentication and without user interaction. Exploitation may lead to high
impact on confidentiality, high impact on integrity, and high impact on availability."
When to use this tool
Use this tool when the user asks:
"What is the CVSS/EPSS of this CVE?"
"Explain the CVSS vector of this vulnerability."
"What is the severity and why?"
"Give me the risk profile for this CVE."
For EPSS historical trends, use epss_timeseries.
Inputs
cve_id: valid CVE identifier (
CVE-YYYY-NNNNN).
Outputs
cvss_versioncvss_base_scorecvss_base_severitycvss_vector_stringcvss_explain- human-readable explanation of the CVSS vectorepss_score
LLM usage guidelines
Never guess CVSS or EPSS values—always call this tool.
Use the
cvss_explainfield directly when the user wants an interpretation of the vector string.If multiple CVEs are referenced, call the tool once per CVE.
Combine this tool with
sightings_searchorssvc_calculatorfor more complete risk assessments.
| Name | Required | Description | Default |
|---|---|---|---|
| cve_id | Yes | CVE identification (CVE-YYYY-NNNNN) |
Output Schema
| Name | Required | Description |
|---|---|---|
| epss_score | Yes | EPSS score |
| cvss_explain | No | Explain CVSS |
| cvss_version | Yes | CVSS version |
| cvss_base_score | Yes | CVSS base score |
| cvss_base_severity | Yes | CVSS base severity |
| cvss_vector_string | Yes | CVSS vector string |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
No annotations provided, so description carries full burden. It fully explains the output fields and includes example usage. However, it does not mention authentication, rate limits, or any side effects, though given the tool's nature, these are likely minimal.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
Well-structured with separate sections for description, usage guidelines, inputs, outputs, and LLM usage guidelines. Includes clear examples and bullet points; no extraneous content.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the simple one-parameter tool with a detailed output schema, the description is fully complete. It covers when to use, input format, output details, and example usage, leaving no gaps.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
The schema already covers the single parameter `cve_id` with 100% coverage. The description adds format specification (CVE-YYYY-NNNNN) and usage context, providing marginal extra value over the schema.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool retrieves CVSS and EPSS scores for a specific CVE, with strong differentiation from siblings like `epss_timeseries` and `vulnerability_info`.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
Explicitly lists when to use (e.g., 'What is the CVSS/EPSS of this CVE?') and when not to (e.g., for EPSS historical trends, use `epss_timeseries`). Also provides LLM usage guidelines and tool combination suggestions.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
vulnerability_searchAInspect
Perform a full-text vulnerability search in SecDB.
What this tool does
Searches across:
CVE entries
Security advisories
Exploit references
Product and vendor vulnerability data
Results are formatted in Markdown and include a search summary.
When to use this tool
Use this tool when the user asks:
to look up a CVE, advisory, exploit, or product
"show vulnerabilities for X"
"search for advisories about Y"
exploratory or broad vulnerability discovery
Inputs
query: free-text search term (CVE ID, advisory ID, product name, exploit name, vendor, keyword, etc.)
Outputs
results: array of Markdown-formatted search hits
summary: Markdown summary with counts and a link to continue searching on SecDB
LLM usage guidelines
Use this tool instead of assuming whether a CVE/advisory/exploit exists.
Present
resultsandsummarydirectly to the user-they are already Markdown.Combine with
vulnerability_score,epss_timeseries, orsightings_searchfor deeper analysis.
| Name | Required | Description | Default |
|---|---|---|---|
| query | Yes | CVE ID, vulnerability name, Advisory ID, Exploit, etc. |
Output Schema
| Name | Required | Description |
|---|---|---|
| results | No | |
| summary | No | Search summary with found records (ID) and link for continue the search on SecDB |
Tool Definition Quality
Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?
With no annotations provided, the description carries the full burden. It discloses that results are Markdown-formatted, includes a summary, and searches full-text across multiple data sources. However, it does not mention result limits, pagination, authentication requirements, or whether the tool is read-only, leaving some behavioral gaps.
Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.
Is the description appropriately sized, front-loaded, and free of redundancy?
The description is well-structured with clear headings, bullet points, and sections (What, When, Inputs, Outputs, LLM guidelines). It is appropriately detailed without being verbose, though slightly longer than minimal.
Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.
Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?
Given the tool's complexity (search across multiple vulnerability-related resources) and the presence of an output schema (expected but not shown), the description covers inputs, outputs, and usage context. It mentions combining with other tools, making it complete for most use cases.
Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.
Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?
Schema coverage is 100% with one parameter (query) described. The description adds value by explaining it is a free-text search term and listing examples (CVE ID, advisory ID, product name, etc.), which goes beyond the schema description.
Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.
Does the description clearly state what the tool does and how it differs from similar tools?
The description clearly states the tool performs a full-text vulnerability search in SecDB and lists specific resources searched (CVE, advisories, exploits, product/vendor data). It effectively distinguishes from sibling tools like vulnerability_info, vulnerability_score, epss_timeseries, and sightings_search through usage guidelines.
Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.
Does the description explain when to use this tool, when not to, or what alternatives exist?
The description explicitly provides 'When to use this tool' with concrete examples (look up CVE, advisory, exploit, product; search for advisories; exploratory discovery). It also advises combining with other tools for deeper analysis. It lacks explicit 'when not to use' statements, but the guidance is clear.
Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.
Claim this connector by publishing a /.well-known/glama.json file on your server's domain with the following structure:
{
"$schema": "https://glama.ai/mcp/schemas/connector.json",
"maintainers": [{ "email": "your-email@example.com" }]
}The email address must match the email associated with your Glama account. Once published, Glama will automatically detect and verify the file within a few minutes.
Control your server's listing on Glama, including description and metadata
Access analytics and receive server usage reports
Get monitoring and health status updates for your server
Feature your server to boost visibility and reach more users
For users:
Full audit trail – every tool call is logged with inputs and outputs for compliance and debugging
Granular tool control – enable or disable individual tools per connector to limit what your AI agents can do
Centralized credential management – store and rotate API keys and OAuth tokens in one place
Change alerts – get notified when a connector changes its schema, adds or removes tools, or updates tool definitions, so nothing breaks silently
For server owners:
Proven adoption – public usage metrics on your listing show real-world traction and build trust with prospective users
Tool-level analytics – see which tools are being used most, helping you prioritize development and documentation
Direct user feedback – users can report issues and suggest improvements through the listing, giving you a channel you would not have otherwise
The connector status is unhealthy when Glama is unable to successfully connect to the server. This can happen for several reasons:
The server is experiencing an outage
The URL of the server is wrong
Credentials required to access the server are missing or invalid
If you are the owner of this MCP connector and would like to make modifications to the listing, including providing test credentials for accessing the server, please contact support@glama.ai.
Discussions
No comments yet. Be the first to start the discussion!