osint-mcp-server

Instructions

Implementation Reference

• src/securitytrails/index.ts:80-107 (handler)

  The actual implementation of the stWhois logic that calls the SecurityTrails API.

  export async function stWhois(domain: string, apiKey: string): Promise<StWhoisResult> {
    const data = await stFetch(`/domain/${encodeURIComponent(domain)}/whois`, apiKey);
    const w = data ?? {};
  
    const contacts: StWhoisResult["contacts"] = [];
    for (const type of ["registrant", "admin", "technical"]) {
      const c = w[type];
      if (c) {
        contacts.push({
          type,
          name: c.name,
          organization: c.organization,
          email: c.email,
          country: c.country,
        });
      }
    }
  
    return {
      domain,
      registrar: w.registrar?.name,
      createdDate: w.created_date,
      updatedDate: w.updated_date,
      expiresDate: w.expires_date,
      nameservers: w.nameservers ?? [],
      contacts,
    };
  }

• src/protocol/tools.ts:260-270 (registration)

  The registration and tool definition for st_whois, which wraps the implementation in a MCP tool.

  const stWhoisTool: ToolDef = {
    name: "st_whois",
    description: "Enhanced WHOIS lookup via SecurityTrails with registrant/admin/technical contacts. Requires ST_API_KEY.",
    schema: {
      domain: z.string().describe("Domain to look up"),
    },
    execute: async (args, ctx) => {
      const key = requireApiKey(ctx.config.stApiKey, "SecurityTrails", "ST_API_KEY");
      return json(await stWhois(args.domain as string, key));
    },
  };

• src/securitytrails/index.ts:30-38 (schema)

  Type definition for the result returned by the st_whois tool.

  interface StWhoisResult {
    domain: string;
    registrar?: string;
    createdDate?: string;
    updatedDate?: string;
    expiresDate?: string;
    nameservers: string[];
    contacts: { type: string; name?: string; organization?: string; email?: string; country?: string }[];
  }