osint-mcp-server

st_whois

Perform WHOIS lookups to retrieve domain registration details including registrant, admin, and technical contact information using SecurityTrails data.

Instructions

Enhanced WHOIS lookup via SecurityTrails with registrant/admin/technical contacts. Requires ST_API_KEY.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`domain`	Yes	Domain to look up

Implementation Reference

src/securitytrails/index.ts:80-107 (handler)

The actual implementation of the stWhois logic that calls the SecurityTrails API.

export async function stWhois(domain: string, apiKey: string): Promise<StWhoisResult> {
  const data = await stFetch(`/domain/${encodeURIComponent(domain)}/whois`, apiKey);
  const w = data ?? {};

  const contacts: StWhoisResult["contacts"] = [];
  for (const type of ["registrant", "admin", "technical"]) {
    const c = w[type];
    if (c) {
      contacts.push({
        type,
        name: c.name,
        organization: c.organization,
        email: c.email,
        country: c.country,
      });
    }
  }

  return {
    domain,
    registrar: w.registrar?.name,
    createdDate: w.created_date,
    updatedDate: w.updated_date,
    expiresDate: w.expires_date,
    nameservers: w.nameservers ?? [],
    contacts,
  };
}

src/protocol/tools.ts:260-270 (registration)

The registration and tool definition for st_whois, which wraps the implementation in a MCP tool.

const stWhoisTool: ToolDef = {
  name: "st_whois",
  description: "Enhanced WHOIS lookup via SecurityTrails with registrant/admin/technical contacts. Requires ST_API_KEY.",
  schema: {
    domain: z.string().describe("Domain to look up"),
  },
  execute: async (args, ctx) => {
    const key = requireApiKey(ctx.config.stApiKey, "SecurityTrails", "ST_API_KEY");
    return json(await stWhois(args.domain as string, key));
  },
};

src/securitytrails/index.ts:30-38 (schema)

Type definition for the result returned by the st_whois tool.

interface StWhoisResult {
  domain: string;
  registrar?: string;
  createdDate?: string;
  updatedDate?: string;
  expiresDate?: string;
  nameservers: string[];
  contacts: { type: string; name?: string; organization?: string; email?: string; country?: string }[];
}

Tool Definition Quality

B3.3/5.0

Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden of behavioral disclosure. It adds value by specifying the data source ('via SecurityTrails'), the enhanced contact details included, and the authentication requirement ('Requires ST_API_KEY'). However, it lacks details on rate limits, error handling, or response format, which are important for a tool with no output schema.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is extremely concise and front-loaded, consisting of a single sentence that efficiently conveys the tool's purpose, enhancement details, and authentication requirement. Every word earns its place with no wasted information.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's moderate complexity (single parameter, no output schema, no annotations), the description is adequate but has gaps. It covers the what and how (enhanced WHOIS via SecurityTrails with contacts and API key) but lacks details on output format, error cases, or comparison to siblings, which would improve completeness for an agent's decision-making.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The schema description coverage is 100%, with the single parameter 'domain' clearly documented in the schema. The description doesn't add any parameter-specific information beyond what the schema provides, such as domain format examples or validation rules. With high schema coverage, the baseline score of 3 is appropriate.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool performs an 'Enhanced WHOIS lookup via SecurityTrails' with specific contact details (registrant/admin/technical contacts), which is a specific verb+resource combination. However, it doesn't explicitly differentiate from sibling tools like 'whois_domain' or 'whois_ip' that might offer similar functionality, preventing a perfect score.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description mentions 'Requires ST_API_KEY' as a prerequisite, providing some context about authentication needs. However, it offers no guidance on when to use this tool versus alternatives like 'whois_domain' or 'whois_ip' from the sibling list, nor does it specify any exclusions or preferred scenarios for this enhanced WHOIS lookup.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/badchars/osint-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server