PeerGlass

Overview Schema Related Servers Score Discussions

peerglass_threat_intel

Read-onlyIdempotent

Analyze IP addresses for security threats using Shodan and GreyNoise intelligence, identifying open ports, CVEs, malicious activity, and calculating risk scores.

Instructions

Passive threat intelligence for an IP address from two sources:

Shodan InternetDB (always available, no API key required):
- Open ports detected via internet scanning
- CVE identifiers for detected services
- Reverse DNS hostnames
- Shodan tags (cdn, vpn, tor-exit, etc.)
GreyNoise Community (requires GREYNOISE_API_KEY env var):
- Classification: malicious / benign / unknown
- RIOT flag: trusted service (Google, Amazon, etc.)
- Noise flag: benign internet background scanner
- Named actor or service attribution

Produces an aggregated risk score (0–100) and level (LOW / MEDIUM / HIGH / CRITICAL).

Args: params (ThreatIntelInput): - ip (str): IPv4 address (e.g. '1.2.3.4') - response_format (str): 'markdown' (default) or 'json'

Returns: str: Open ports, CVEs, GreyNoise classification, and risk assessment.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`params`	Yes

Output Schema

TableJSON Schema

Name	Required	Description	Default
`result`	Yes

Tool Definition Quality

Score is being calculated. Check back soon.

Install Server

Other Tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/duksh/peerglass'

If you have feedback or need assistance with the MCP directory API, please join our Discord server