WireMCP

Instructions

Implementation Reference

• index.js:256-297 (handler)

  The main handler function for the 'check_ip_threats' tool. It takes an IP address, fetches the latest IP blacklist from URLhaus using axios, parses it for IPv4 addresses, checks if the input IP is listed, and returns a text response indicating if it's a threat.
  async (args) => { try { const { ip } = args; console.error(`Checking IP ${ip} against URLhaus blacklist`); const urlhausUrl = 'https://urlhaus.abuse.ch/downloads/text/'; console.error(`Fetching URLhaus blacklist from ${urlhausUrl}`); let urlhausData; let isThreat = false; try { const response = await axios.get(urlhausUrl); console.error(`URLhaus response status: ${response.status}, length: ${response.data.length} chars`); console.error(`URLhaus raw data (first 200 chars): ${response.data.slice(0, 200)}`); const ipRegex = /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/; urlhausData = [...new Set(response.data.split('\n') .map(line => { const match = line.match(ipRegex); return match ? match[0] : null; }) .filter(ip => ip))]; console.error(`URLhaus lookup successful: ${urlhausData.length} blacklist IPs fetched`); console.error(`Sample URLhaus IPs: ${urlhausData.slice(0, 5).join(', ') || 'None'}`); isThreat = urlhausData.includes(ip); console.error(`IP ${ip} checked against URLhaus: ${isThreat ? 'Threat found' : 'No threat found'}`); } catch (e) { console.error(`Failed to fetch URLhaus data: ${e.message}`); urlhausData = []; } const outputText = `IP checked: ${ip}\n\n` + `Threat check against URLhaus blacklist:\n${ isThreat ? 'Potential threat detected in URLhaus blacklist.' : 'No threat detected in URLhaus blacklist.' }`; return { content: [{ type: 'text', text: outputText }], }; } catch (error) { console.error(`Error in check_ip_threats: ${error.message}`); return { content: [{ type: 'text', text: `Error: ${error.message}` }], isError: true }; } }
• index.js:253-255 (schema)

  The Zod input schema for the tool, validating a single 'ip' parameter as an IPv4 address.
  { ip: z.string().regex(/\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/).describe('IP address to check (e.g., 192.168.1.1)'), },
• index.js:250-298 (registration)

  Registers the 'check_ip_threats' tool on the MCP server using server.tool(), including name, description, schema, and handler function.
  server.tool( 'check_ip_threats', 'Check a given IP address against URLhaus blacklist for IOCs', { ip: z.string().regex(/\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/).describe('IP address to check (e.g., 192.168.1.1)'), }, async (args) => { try { const { ip } = args; console.error(`Checking IP ${ip} against URLhaus blacklist`); const urlhausUrl = 'https://urlhaus.abuse.ch/downloads/text/'; console.error(`Fetching URLhaus blacklist from ${urlhausUrl}`); let urlhausData; let isThreat = false; try { const response = await axios.get(urlhausUrl); console.error(`URLhaus response status: ${response.status}, length: ${response.data.length} chars`); console.error(`URLhaus raw data (first 200 chars): ${response.data.slice(0, 200)}`); const ipRegex = /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/; urlhausData = [...new Set(response.data.split('\n') .map(line => { const match = line.match(ipRegex); return match ? match[0] : null; }) .filter(ip => ip))]; console.error(`URLhaus lookup successful: ${urlhausData.length} blacklist IPs fetched`); console.error(`Sample URLhaus IPs: ${urlhausData.slice(0, 5).join(', ') || 'None'}`); isThreat = urlhausData.includes(ip); console.error(`IP ${ip} checked against URLhaus: ${isThreat ? 'Threat found' : 'No threat found'}`); } catch (e) { console.error(`Failed to fetch URLhaus data: ${e.message}`); urlhausData = []; } const outputText = `IP checked: ${ip}\n\n` + `Threat check against URLhaus blacklist:\n${ isThreat ? 'Potential threat detected in URLhaus blacklist.' : 'No threat detected in URLhaus blacklist.' }`; return { content: [{ type: 'text', text: outputText }], }; } catch (error) { console.error(`Error in check_ip_threats: ${error.message}`); return { content: [{ type: 'text', text: `Error: ${error.message}` }], isError: true }; } } );