Have I Been Pwned MCP Server

Overview Inspect Schema Related Servers Score Discussions

list_all_breaches

Retrieve a comprehensive list of all data breaches stored in the system, optionally filtered by domain, to identify potential security risks to your accounts.

Instructions

List all breaches in the system

Input Schema

TableJSON Schema

Name	Required	Description	Default
`domain`	No	Filter breaches by domain

Implementation Reference

src/index.ts:408-464 (handler)
The handler function for the 'list_all_breaches' tool. It calls the HIBP API endpoint '/breaches' with optional domain filter, processes the response by sorting breaches by date, formats a detailed text summary, and returns it as MCP content.
/** * Handle the list_all_breaches tool */ private async handleListAllBreaches(args: any) { const params: Record<string, any> = {}; if (args && args.domain) { params.domain = args.domain; } const response = await this.axiosInstance.get("/breaches", { params }); if (!response.data || response.data.length === 0) { return { content: [ { type: "text", text: args && args.domain ? `No breaches found for domain: ${args.domain}` : "No breaches found in the system.", }, ], }; } const breaches = response.data; // Format the breach list for better readability let summary = args && args.domain ? `Found ${breaches.length} breaches for domain ${args.domain}:\n\n` : `Found ${breaches.length} breaches in the system:\n\n`; // Sort breaches by date (newest first) breaches.sort((a: any, b: any) => { return new Date(b.BreachDate).getTime() - new Date(a.BreachDate).getTime(); }); breaches.forEach((breach: any, index: number) => { summary += `${index + 1}. ${breach.Name} (${breach.BreachDate})\n`; summary += ` Domain: ${breach.Domain}\n`; summary += ` Accounts affected: ${breach.PwnCount.toLocaleString()}\n`; summary += ` Compromised data: ${breach.DataClasses.join(", ")}\n`; if (index < breaches.length - 1) { summary += "\n"; } }); return { content: [ { type: "text", text: summary, }, ], }; }
src/index.ts:135-143 (schema)
The input schema for the 'list_all_breaches' tool, defining an optional 'domain' string parameter to filter breaches.
inputSchema: { type: "object", properties: { domain: { type: "string", description: "Filter breaches by domain", }, }, },
src/index.ts:132-144 (registration)
Registration of the 'list_all_breaches' tool in the ListTools response, including name, description, and input schema.
{ name: "list_all_breaches", description: "List all breaches in the system", inputSchema: { type: "object", properties: { domain: { type: "string", description: "Filter breaches by domain", }, }, }, },
src/index.ts:171-172 (registration)
Registration in the CallToolRequestSchema switch statement, dispatching 'list_all_breaches' calls to the handleListAllBreaches method.
case "list_all_breaches": return await this.handleListAllBreaches(request.params.arguments);

This server cannot be installed

Other Tools

Related Tools

get_breach_details
@Cyreslab-AI/hibp-mcp-server
search_vulnerabilities
@firetix/vulnerability-intelligence-mcp-server
list_exploitations
@malloryai/mallory-mcp-server
vul_vendor_product_cve
@roadwy/cve-search_mcp
cve_lookup
@firetix/vulnerability-intelligence-mcp-server
get_errors_issues
@lekt9/openreplay-mcp

Latest Blog Posts

What Is Context Bloat in MCP?
By Om-Shree-0709 on December 16, 2025.
mcp
Context Bloat
MCP Moves to the Linux Foundation: Neutral Stewardship for Agentic Infrastructure
By Om-Shree-0709 on December 15, 2025.
mcp
anthropic
Linux Foundation
Code Execution with MCP: Architecting Agentic Efficiency
By Om-Shree-0709 on December 14, 2025.
mcp
Token bloat

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/Cyreslab-AI/hibp-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server