RAD Security

Instructions

Implementation Reference

• src/operations/cves.ts:33-43 (handler)

  The core handler function that executes the search_cves tool logic by constructing a URL to the CVE search API and fetching the results.
  export async function searchCves(vendor: string, product?: string): Promise<any> { const url = product ? `${BASE_URL}/search/${encodeURIComponent(vendor)}/${encodeURIComponent(product)}` : `${BASE_URL}/search/${encodeURIComponent(vendor)}`; const response = await fetch(url); if (!response.ok) { throw new Error(`Failed to search CVEs: ${response.statusText}`); } return response.json(); }
• src/operations/cves.ts:11-14 (schema)

  Zod input schema defining the parameters for the search_cves tool: vendor (required) and product (optional).
  export const searchCvesSchema = z.object({ vendor: z.string().describe("Vendor name to search for"), product: z.string().optional().describe("Product name to search for"), });
• src/index.ts:309-312 (registration)

  Tool registration in the listTools response, specifying name, description, and input schema.
  name: "search_cves", description: "Search CVEs by vendor and optionally product. Source: cve-search.org", inputSchema: zodToJsonSchema(cves.searchCvesSchema), },
• src/index.ts:716-722 (helper)

  Dispatch handler in the main CallToolRequest handler that parses arguments using the schema and delegates to the core searchCves function.
  case "search_cves": { const args = cves.searchCvesSchema.parse(request.params.arguments); const response = await cves.searchCves(args.vendor, args.product); return { content: [{ type: "text", text: JSON.stringify(response, null, 2) }], }; }