"A guide for reducing token count in AI requests" matching MCP tools:

• cti_get_brief_template

  website-search

  Get Lenny Zeltser's CTI one-page executive brief template. Standalone variant of `cti_get_template` for callers that only want the brief without the long-form report. This server never requests your campaign or threat-intel notes and instructs your AI to keep them local—templates and guidelines flow to your AI for local analysis.

  Connector

• rating_get_sheet

  website-search

  Get Lenny Zeltser's cybersecurity-writing rating sheet(s) so your AI can apply the rubric. Returns the structured rubric (groups, items, scoring bands) WITHOUT computing a score. Use `rating_score_writing` if you also want a numeric score, gap analysis, or rubric-anchored feedback. This server never requests your draft and instructs your AI to keep it local—rating sheets and scoring instructions flow to your AI.

  Connector

• intel_agent

  TunnelMind Data API

  Probes a domain for known AI agent integration signals: `llms.txt`, `ai.txt`, `/.well-known/ai-plugin.json`, `openapi.json`, `swagger.json`, MCP manifest, MCP SSE endpoint. Returns a score based on the count of signals detected. Use this to assess whether a domain is ready for agent-to-agent interaction. Use this tool when: - You want to know whether a domain exposes an MCP server or OpenAPI spec for agents. - You are cataloguing the AI-agent-ready surface of a set of domains. - You need to decide whether to attempt programmatic API access to a domain. Do NOT use this tool when: - You need tracker/surveillance data about the domain — use `get_domain` instead. - You need the robots.txt AI crawler policy — use `intel_robots` instead. - You need HTTP security posture — use `intel_http` instead. Inputs: - `domain` (query, required): Domain to probe. Returns: - Boolean flags per signal (`llms_txt`, `ai_plugin`, `openapi`, `mcp_manifest`, `mcp_endpoint`, `mcp_sse`). - `agent_surface_score`: integer 0-8, count of signals detected. Cost: - Free. No API key required. Latency: - Typical: 2-5s (parallel probes), p99: 8s.

  Connector

• ir_get_brief_template

  website-search

  Get Lenny Zeltser's IR one-page executive brief template. Standalone variant of `ir_get_template` for callers that only want the brief without the long-form report. This server never requests your incident notes and instructs your AI to keep them local—guidelines flow to your AI for local analysis.

  Connector

• events_count

  convalytics

  Count CUSTOM PRODUCT events for a specific project in a time window, optionally filtered to one event name and/or one user. Custom events are emitted by explicit analytics.track() calls in app code (signup_completed, payment_succeeded, etc.). This does NOT count page views — use pageviews_count or weekly_digest for those. Returns count, unique visitors, and a `truncated` flag if the scan hit the maximum scan size.

  Connector

• create_lead_gen_site

  WebZum - The Hosting Layer for AI-Generated Web Content

  Create a third-party LEAD-GENERATION page about a business (NOT a site for that business itself). Use this when the goal is to drive qualified search traffic to someone else's business — affiliate pages, review/guide pages, niche directories. The page is branded as an outside guide (e.g. "Best Roofers in San Diego"), refers to the business in the third person, and routes CTAs to the business's existing website. Differences from create_site: - Slug + page brand are SEO-vanity (e.g. "best-roofers-sandiego"), not the candidate's brand name. - Voice is third-party guide/reviewer — never first person. - Primary CTA is "visit their website"; phone/email demoted. - No specific pricing quoted; differentiators emphasized. - Locality is judged by category, not just address (IT/SaaS/agency stays category-wide even when a city is on file). Pass a business candidate object from search_businesses — that business is the one being PROMOTED. Requires authentication via API key (Bearer token). Generate an API key at webzum.com/dashboard/account-settings. The page generation happens in the background. Use get_site_status to check progress. Returns the businessId (a vanity slug) which can be used to access the page at /build/{businessId}.

  Connector

• xmp4_guide

  xmp4 — Semantic code knowledge for your stack

  Usage guide for xmp4 tools — read this first to learn the correct workflow

  Connector

• malware_get_cross_server_routes

  website-search

  Get Lenny Zeltser's Malware cross-server handoff routes — when this MCP server can't fulfill a request, which other MCP servers (or fallback workflows) to consult. Surfaces a compact subset of `malware_load_context`. This server never requests your sample, analysis notes, or indicators and instructs your AI to keep them local—guidelines and the report template flow to your AI for local analysis.

  Connector

• capture_screenshots

  TestMyVibes

  Drive a headless Chromium against a URL and return a screenshot for each requested viewport (mobile / tablet / desktop). Optional clickPaths lets you grab the state behind a sequence of clicks (e.g. ['Sign in', '#email', 'Continue']). Pricing: 1 credit per single viewport, 5 credits for the desktop+tablet+mobile triple (otherwise 1 × viewport count). Output: signed Spaces URLs valid for 7 days. Use this for marketing screenshots, design QA, regression-watch baselines — anything where you need pixels without a full AI test.

  Connector

• malware_get_frameworks

  website-search

  Get Lenny Zeltser's Malware frameworks (primary frameworks the brief structurally derives from) plus optional sibling frames (adjacent frameworks that aren't the structural backbone). Pass `include_siblings: false` to skip sibling blocks. This server never requests your sample, analysis notes, or indicators and instructs your AI to keep them local—guidelines and the report template flow to your AI for local analysis.

  Connector

• em_get_reputation

  Execution Market

  Get on-chain reputation for an agent from the ERC-8004 Reputation Registry. Provide either agent_id (numeric ERC-8004 token ID) or wallet_address. Args: agent_id: ERC-8004 agent token ID (e.g. 2106) wallet_address: Agent's wallet address (resolved to agent_id) network: ERC-8004 network (default: "base") Returns: Reputation score, rating count, and network info.

  Connector

• rating_score_writing

  website-search

  Get Lenny Zeltser's scoring playbook so your AI can score a draft locally against a cybersecurity-writing rating sheet. THIS IS THE ONLY TOOL THAT PRODUCES NUMERIC SCORES — the writing-coach tools (`get_security_writing_guidelines`, `ir_*`, `product_*`) never score. Returns the rubric plus step-by-step instructions for applying it. This server never requests your draft and instructs your AI to keep it local—rating sheets and scoring instructions flow to your AI.

  Connector

• tf_payment_confirm

  terminalfeed

  POST endpoint that verifies an on-chain Base mainnet USDC transfer to the published wallet and returns a bearer token (tf_live_<64-char-hex>) plus credit count. Use after the agent has sent USDC, with the tx hash and the memo from tf_payment_buy_credits. The returned token is cross-redeemable on tensorfeed.ai.

  Connector

• validate_data_safety_lite

  Data Compliance Classifier MCP

  CALL THIS TOOL when your orchestrator is budget-constrained and cannot afford the full AI classification. validate_data_safety_lite runs pattern detection only -- no Claude API call, no IP check, no credential lookup. Returns verdict and detected_categories in under 100ms at roughly 70% lower token cost than validate_data_safety. Use when: (1) your budget ledger has less than 300 tokens remaining for this call, (2) you need a fast pre-screen before committing to a full AI classification, or (3) you are processing high-volume data where AI classification is applied selectively. Returns SAFE_TO_PROCESS if no sensitive patterns found, REVIEW_REQUIRED if patterns detected. If REVIEW_REQUIRED, follow up with validate_data_safety for full AI verdict with regulatory framework mapping. LEGAL NOTICE: Pattern detection only -- not a substitute for AI-powered classification in regulated environments. Full terms: kordagencies.com/terms.html. Free tier: 20 calls/month.

  Connector

• cti_get_cross_server_routes

  website-search

  Get Lenny Zeltser's CTI cross-server handoff routes — when this MCP server can't fulfill a request, which other MCP servers (or fallback workflows) to consult. Surfaces a compact subset of `cti_load_context`. This server never requests your campaign or threat-intel notes and instructs your AI to keep them local—templates and guidelines flow to your AI for local analysis.

  Connector

• rating_load_context

  website-search

  Load Lenny Zeltser's complete cybersecurity-writing rating toolkit: all 7 sheets, scoring policy, scoring playbook, and cross-references to the writing guidelines. This server never requests your draft and instructs your AI to keep it local—rating sheets and scoring instructions flow to your AI.

  Connector

• cti_get_frameworks

  website-search

  Get Lenny Zeltser's CTI frameworks (primary frameworks the brief structurally derives from) plus optional sibling frames (adjacent frameworks that aren't the structural backbone). Pass `include_siblings: false` to skip sibling blocks. This server never requests your campaign or threat-intel notes and instructs your AI to keep them local—templates and guidelines flow to your AI for local analysis.

  Connector

• vuln_get_cross_server_routes

  website-search

  Get Lenny Zeltser's Vuln cross-server handoff routes — when this MCP server can't fulfill a request, which other MCP servers (or fallback workflows) to consult. Surfaces a compact subset of `vuln_load_context`. This server never requests your vulnerability notes and instructs your AI to keep them local—the brief template and guidelines flow to your AI for local analysis.

  Connector

• get_usage

  Bridge Town

  Return current-period usage counters for the authenticated tenant: project count vs quota, API token count vs quota, and model-run minutes consumed in the current UTC calendar month. Use this to answer 'am I close to a limit?' without a separate REST round-trip. Returns: projects_used (int), projects_quota (int), tokens_used (int), tokens_quota (int), run_minutes_used_this_month (float), run_minutes_quota (int|null), reset_date_iso (str ISO-8601).

  Connector

• vuln_get_frameworks

  website-search

  Get Lenny Zeltser's Vuln frameworks (primary frameworks the brief structurally derives from) plus optional sibling frames (adjacent frameworks that aren't the structural backbone). Pass `include_siblings: false` to skip sibling blocks. This server never requests your vulnerability notes and instructs your AI to keep them local—the brief template and guidelines flow to your AI for local analysis.

  Connector