from typing import Any, Dict
from ..decorator.api import handle_api_errors
from ..server.server import mcp, malloryai_client
@mcp.tool()
@handle_api_errors
async def get_exploitation(
    identifier: str,
) -> Dict[str, Any]:
    """Get a specific exploitation.

    Use this to look up exploitation data when you want to know if a
    vulnerability has been exploited in the wild, and who detected the
    exploitation. It fetches the detailed record of one exploitation incident,
    selected by its unique identifier.

    Args:
        identifier (str): The unique UUID of the exploitation to retrieve.
            Example format: "123e4567-e89b-12d3-a456-426614174000"

    Returns:
        Dict[str, Any]: Dictionary containing detailed exploitation data including:
            - uuid: Unique identifier for the exploitation
            - begins_at: When the exploitation was first observed
            - ends_at: When the exploitation activity ended
            - count: Number of exploitation occurrences detected
            - detection_signature_uuid: UUID of the detection signature
            - detection_signature_name: Name of the detection signature
            - detection_signature_source: Source of the detection (e.g., vendor, tool)
            - detection_signature_method: Method used for detection
            - created_at: When this record was created
            - updated_at: When this record was last updated
    """
    # NOTE(review): `identifier` is forwarded exactly as received; nothing in
    # this function checks that it is a well-formed UUID, so any format
    # validation is left to the client or the API — confirm that it happens.
    exploitations_api = malloryai_client.exploitations
    record = await exploitations_api.get_exploitation(identifier=identifier)
    return record
@mcp.tool()
@handle_api_errors
async def list_exploitations(
    offset: int = 0,
    limit: int = 10,
    sort: str = "created_at",
    order: str = "desc",
) -> Dict[str, Any]:
    """Get exploitation data.

    Use this to look up exploitation data when you want to know if
    vulnerabilities have been exploited in the wild, and who detected the
    exploitations. It fetches a page of exploitation incidents with pagination
    and sorting options.

    The data can help identify:
        - Recent exploitations in the wild
        - Which detection signatures identified the exploitations
        - Frequency of exploitation activities (count)
        - Timeframes of exploitation activities

    Args:
        offset (int, optional): The number of items to skip before starting to
            collect the result set. Defaults to 0.
        limit (int, optional): The maximum number of items to return. Minimum
            value is 1. Defaults to 10 (API default is 100).
        sort (str, optional): Field to sort by - either 'count', 'created_at',
            or 'updated_at'. Defaults to 'created_at'.
        order (str, optional): Sort order - either 'asc' or 'desc'.
            Defaults to 'desc'.

    Returns:
        Dict[str, Any]: Dictionary containing:
            - data: List of exploitation records with fields including:
                - uuid
                - begins_at
                - ends_at
                - count
                - detection_signature_uuid
                - detection_signature_name
                - detection_signature_source
                - detection_signature_method
                - created_at
                - updated_at
    """
    # NOTE(review): the documented constraints (limit >= 1, the three sort
    # fields, 'asc'/'desc') are not checked here; out-of-range values reach the
    # client unchanged, so enforcement is left to the client or the API — confirm.
    query = {
        "offset": offset,
        "limit": limit,
        "sort": sort,
        "order": order,
    }
    exploitations_api = malloryai_client.exploitations
    page = await exploitations_api.list_exploitations(**query)
    return page