Skip to main content
Glama
jmaciasc-google

Google Threat Intelligence MCP Server

get_entities_related_to_an_url

Retrieve entities related to a URL, such as domains, IPs, files, reports, or malware families, by specifying a relationship type.

Instructions

Retrieve entities related to the the given URL.

The following table shows a summary of available relationships for URL objects.

Relationship

Description

Return type

analyses

Analyses for the URL.

analyse

associations

URL's associated objects (reports, campaigns, IoC collections, malware families, software toolkits, vulnerabilities, threat-actors), without filtering by the associated object type.

collection

campaigns

Campaigns associated to the URL.

collection

collections

IoC Collections associated to the URL.

collection

comments

Community posted comments about the URL.

comment

communicating_files

Files that communicate with a given URL when they're executed.

file

contacted_domains

Domains from which the URL loads some kind of resource.

domain

contacted_ips

IPs from which the URL loads some kind of resource.

ip_address

downloaded_files

Files downloaded from the URL.

file

embedded_js_files

JS files embedded in a URL.

file

graphs

Graphs including the URL.

graph

http_response_contents

HTTP response contents from the URL.

file

last_serving_ip_address

Last IP address that served the URL.

ip_address

malware_families

Malware families associated to the URL.

collection

memory_pattern_parents

Files having a domain as string on memory during sandbox execution.

file

network_location

Domain or IP for the URL.

domain or ip_address

parent_resource_urls

Returns the URLs where this URL has been loaded as resource.

url

redirecting_urls

URLs that redirected to the given URL.

url

redirects_to

URLs that this url redirects to.

url

referrer_files

Files containing the URL.

file

referrer_urls

URLs referring the URL.

url

related_collections

Returns the Collections of the parent Domains or IPs of this URL.

collection

related_comments

Community posted comments in the URL's related objects.

comment

related_reports

Reports that are directly and indirectly related to the URL.

collection

related_threat_actors

URL's related threat actors.

collection

reports

Reports directly associated to the URL.

collection

software_toolkits

Software and Toolkits associated to the URL.

collection

submissions

URL's submissions.

url

urls_related_by_tracker_id

URLs that share the same tracker ID.

url

user_votes

URL's votes made by current signed-in user.

vote

votes

Votes for the URL.

vote

vulnerabilities

Vulnerabilities associated to the URL.

collection

Args: url (required): URL to analyse. relationship_name (required): Relationship name. descriptors_only (required): Bool. Must be True when the target object type is one of file, domain, url, ip_address or collection. limit: Limit the number of objects to retrieve. 10 by default. Returns: List of entities related to the URL.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
urlYes
limitNo
descriptors_onlyYes
relationship_nameYes

Output Schema

TableJSON Schema
NameRequiredDescriptionDefault
resultYes
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations, the description carries the burden. It discloses the input parameters and the return type (list of entities). It does not mention error handling, rate limits, or explicit read-only nature, but the tool name and description imply a safe read operation. Overall, it is fairly transparent.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is well-structured with a clear first sentence stating purpose, followed by a helpful table, then parameter explanations. The table is somewhat long but provides necessary details. It is appropriately sized given the complexity of relationships.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Considering the presence of an output schema (not shown), the description covers all needed aspects: purpose, all parameters, a comprehensive list of relationship types, and return type. It is complete for an AI agent to select and invoke the tool correctly.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters5/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Despite 0% schema description coverage, the description thoroughly explains each parameter: 'url' as the URL to analyse, 'relationship_name' via a detailed table, 'descriptors_only' with a rule for when it must be True, and 'limit' with default. This adds significant value beyond the schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description explicitly states the purpose: 'Retrieve entities related to the the given URL.' It also lists specific relationship types via a table, distinguishing it from sibling tools that target other entity types (e.g., domains, files).

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The tool name and description make it clear that it is for URLs. The table of relationships guides which relationship_name to use. However, it does not explicitly state when not to use this tool or mention alternatives like get_entities_related_to_a_domain, relying on the name for differentiation.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/jmaciasc-google/gti-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server