Shodan MCP Server

Instructions

Implementation Reference

• src/index.ts:1970-1991 (handler)

  MCP CallTool handler for get_cves_by_epss tool. Extracts limit parameter, calls CVEDBClient.getCvesByEpss, and returns JSON response or handles errors.
  case "get_cves_by_epss": { const limit = request.params.arguments?.limit ? Number(request.params.arguments.limit) : 10; try { const epssCves = await cvedbClient.getCvesByEpss(limit); return { content: [{ type: "text", text: JSON.stringify(epssCves, null, 2) }] }; } catch (error) { if (error instanceof McpError) { throw error; } throw new McpError( ErrorCode.InternalError, `Error getting CVEs by EPSS: ${(error as Error).message}` ); } }
• src/index.ts:788-803 (helper)

  Core implementation in CVEDBClient that queries https://cvedb.shodan.io/cves API with sort_by_epss=true and limit parameters to fetch CVEs sorted by EPSS score.
  async getCvesByEpss(limit: number = 10): Promise<any> { try { const response = await this.axiosInstance.get("/cves", { params: { sort_by_epss: true, limit } }); return response.data; } catch (error: unknown) { if (axios.isAxiosError(error)) { throw new McpError( ErrorCode.InternalError, `CVEDB API error: ${error.response?.data?.error || error.message}` ); } throw error; } }
• src/index.ts:1266-1277 (registration)

  Tool registration in ListTools handler, including name, description, and input schema definition.
  name: "get_cves_by_epss", description: "Get CVEs sorted by EPSS score (Exploit Prediction Scoring System)", inputSchema: { type: "object", properties: { limit: { type: "number", description: "Maximum number of results to return (default: 10)" } } } }
• src/index.ts:1268-1276 (schema)

  Input schema definition for the get_cves_by_epss tool.
  inputSchema: { type: "object", properties: { limit: { type: "number", description: "Maximum number of results to return (default: 10)" } } }