"Apache ECharts" matching MCP tools:

• compare_entities

  Energy Charts

  "Compare X and Y" / "X vs Y" / "X versus Y" / "which is bigger / better / larger / more profitable" / "rank these companies" / "head to head" — side-by-side comparison of 2–5 companies or drugs in ONE parallel call. ALWAYS PREFER over sequential single-pack lookups when comparing entities. type="company" pulls LATEST 10-K revenue + net income + cash + long-term debt from SEC EDGAR/XBRL (off-calendar fiscal years handled correctly — AAPL Sep, NVDA Jan, etc.). type="drug" pulls FAERS adverse-event counts, FDA approval counts, active trial counts. Results sorted by primary metric so "largest" / "most" / "biggest" reads off the top of the response. Returns paired data + pipeworx:// citation URIs per entity. Replaces 8–15 sequential lookups.

  Connector

• deep_research

  Energy Charts

  Grounded multi-source research in ONE call. Decomposes your question into focused sub-questions, routes each to the right one of 3,770 tools across 893 authoritative sources IN PARALLEL, and extracts a grounded answer per facet — verbatim evidence, confidence, source, fetched_at, and a stable pipeworx:// citation on every finding, with explicit gaps[] for facets the data couldn't answer (never invented). Returns a structured findings packet you can synthesize for your user; the facts arrive pre-verified. Use for broad or multi-part questions ("compare X and Y's exposure to Z", "research the regulatory + financial + market picture for ACME"); use ask_pipeworx for single lookups — it's one LLM call instead of many. Requires a Pipeworx account (sign in via GitHub at https://pipeworx.io/signup); depth:"thorough" requires a paid plan. Expect 15-60s.

  Connector

• polymarket_fill_risk

  Energy Charts

  Realizable-vs-theoretical edge check against live CLOB order-book depth. REQUIRES one of `market` (single-market mode) or `event` (basket/partition mode). SINGLE-MARKET: pass a market slug/URL + side (buy_yes|sell_yes|buy_no|sell_no, default buy_yes) + size_usd (default 1000 — max spend on buys, target proceeds on sells); walks the ladder and returns top_of_book, vwap_fill_price, slippage_pp, shares_filled, max_fillable_usd, and a verdict (clean|degraded|cannot_fill). BASKET: pass an event slug/URL + side (sell_yes = capture overround by selling every leg, buy_yes = capture underround; default auto from partition sum) + size_usd interpreted as settlement notional S (shares per leg; each share pays $1); returns theoretical_sum vs realizable_sum (top-of-book vs VWAP across all legs), capture_ratio, profit_usd at executed size, per-leg fill detail, thin_legs[], max_clean_notional_usd, and forced_directional_risk naming the legs most likely to strand you unhedged. USE THIS before acting on any polymarket_arbitrage SELL/BUY-EVERY-LEG signal or any polymarket_edges trade above ~$500 — theoretical overround on thin books is not capturable, and partial basket fills convert an arb into an unhedged directional position (the dominant loss mode in real arb-bot P&L).

  Connector

• recent_changes

  Energy Charts

  "What's new with X" / "latest on Y" / "what happened to Z this week / month / quarter" / "updates on Acme" / "news on Tesla recently" / "what's happening with Apple" — change feed for a company in the last N days/weeks/months in ONE parallel call. Fans out to SEC EDGAR (filings since `since`), GDELT→GNews fallback (news mentions in window — GDELT preferred, GNews when rate-limited or 5xx), USPTO (patents granted; PatentsView API sunset May 2025 so this soft-fails until reactivated). `since` accepts ISO date ("2026-04-01") or relative shorthand ("7d", "30d", "3m", "1y"). Returns structured changes[] grouped by source + total_changes count + pipeworx:// citation URIs. Use entity_profile instead when you want the static profile (filings + fundamentals + LEI + patents) regardless of window.

  Connector

• search_exploits

  Exploit Intelligence Platform — CVE, Vulnerability and Exploit Database

  Browse and filter exploits using STRUCTURED FILTERS ONLY (no free-text query). Use this to filter by source (github, metasploit, exploitdb, nomisec, gitlab, inthewild, vulncheck_xdb, patchapalooza, oscs, poc_monitor), language (python, ruby, etc.), LLM classification (working_poc, trojan, suspicious, scanner, stub, writeup, tool, no_code), author, min stars, code availability, CVE ID, vendor, or product. Also filter by AI analysis: attack_type (RCE, SQLi, XSS, DoS, LPE, auth_bypass, info_leak), complexity (trivial/simple/moderate/complex), reliability (reliable/unreliable/untested/theoretical), requires_auth. NOTE: To search by product name (e.g. 'OpenSSH', 'Apache'), use search_vulnerabilities instead — it has free-text query and get_vulnerability already includes exploits in the response. Examples: source='metasploit' for all Metasploit modules; attack_type='RCE' with reliability='reliable' for weaponizable RCE exploits; cve='CVE-2024-3400' for all exploits targeting a specific CVE; vendor='mitel' for all Mitel exploits.

  Connector

• polymarket_kalshi_spread

  Energy Charts

  Cross-venue spread between Kalshi and Polymarket for the same resolving question. The two venues sometimes price the same outcome 2-25pp apart because their participant pools differ — when the bet shapes are equivalent that delta is a real signal, when they aren't the tool says so. TWO MODES: (1) `topic` — 10 pre-mapped macro shortcuts ("fed", "btc", "cpi", "gdp", "sp500", "recession", "next_pope", "next_uk_pm", "next_israel_pm", "2028_president") auto-fetch the matching event on each venue. (2) explicit `kalshi_event_ticker` + `polymarket_event_slug` for custom pairings. RESPONSE: each venue's leg-by-leg prices (raw probability 0-1) plus matched spread[].top_spreads_pp (Kalshi − Polymarket) where the same outcome shows up on both sides. SAFETY FIELDS: compatibility_warning fires in two cases — (a) matched_pairs:0 with skipped_cross_type>0 means the venues frame the topic with non-equivalent bet shapes (e.g. Kalshi range_bucket point-in-time vs Polymarket cumulative_threshold touch-anywhere — no arb exists), (b) matched_pairs:0 with skipped_cross_type:0 and both venues >5 legs means the token-overlap matcher found nothing in common — events likely semantically unrelated despite the topic keyword. temporal_alignment{polymarket_month,kalshi_month,aligned} tells you whether the two events resolve in the same calendar period; aligned:false means spreads are mathematically meaningless across the temporal gap. skipped_cross_type / skipped_cross_subtype counters expose how many leg-pair comparisons were dropped (cross-type = metric_type mismatch like MoM vs YoY; cross-subtype = inequality mismatch like cum_ge vs cum_le). Real cross-venue spreads are rarer than the macro-shortcut list suggests — most pre-mapped topics return compatibility_warning today; pre-mapped ≠ tradeable.

  Connector

• entity_profile

  Energy Charts

  "Tell me about X" / "research Acme" / "brief me on Tesla" / "what does Apple do" / "company profile for Microsoft" / "give me the rundown on NVDA" / "everything you know about $TICKER" — full cross-source profile of a US public company in ONE parallel call. ALWAYS PREFER over chaining single-pack SEC/XBRL/news lookups when the user asks for a holistic view. Fans out across SEC EDGAR, XBRL, USPTO, news, GLEIF and returns: cik + company_name; recent_filings (up to 5 with pipeworx://edgar/company/{cik}/filings/{accession} URIs); fundamentals (LATEST 10-K Revenues + NetIncomeLoss + Cash, sorted period_end DESC); patents (USPTO PatentsView API sunset May 2025 — soft-fails until reactivated); recent news mentions via GDELT→GNews fallback; LEI via GLEIF. Pass ticker "AAPL" or zero-padded CIK "0000320193" — names not supported (use resolve_entity first if you only have a name).

  Connector

• resolve_entity

  Energy Charts

  "What's the ticker for…" / "find the CIK for…" / "what's the RxCUI for…" / "look up the ID for…" / "what is X's official identifier" — resolve a user-spoken NAME to the canonical/official identifier other tools require as input. Use FIRST whenever you have a name but need an ID. SUPPORTED TYPES: "company" (returns ticker + 10-digit CIK + company_name from SEC EDGAR + pipeworx://edgar/company/{cik} citation URI; accepts ticker, CIK, or company name as input — auto-disambiguated), "drug" (returns RxCUI + ingredient + brand from RxNorm + pipeworx://rxnorm/{rxcui} citation; accepts brand or generic name). Each call cascades through several lookup endpoints internally — using resolve_entity replaces 2-3 manual lookups.

  Connector

• get_fix_recommendations

  SiteGuardian

  Returns copy-paste-ready fix recommendations (nginx, Apache, DNS, shell) for the issues found on a domain the caller has already paid for — either an active Monitor/Compliance subscription covering the domain, OR a purchased one-off Report for the domain. Each recommendation carries a stable issue_id, a priority (high/medium/low), a title, prose instructions, one or more config snippets with the target domain already interpolated, a verify command, and a category tag. Use this when the user asks how to fix an issue, wants the exact config to apply, or needs to verify a fix worked. Pass the optional issue_id to scope the response to one specific finding. The response is read-only — this tool NEVER triggers a fresh scan; fixes are computed from the most recent stored scan (including the Report-included re-scan if that was used). Do NOT use this for domains the caller hasn't purchased coverage for — you'll get an upgrade_required error that links to the pricing page. Do NOT use this to run or trigger a scan; call scan_domain for anonymous checks. Requires a valid API key.

  Connector

• subscribe

  Energy Charts

  Create a proactive monitoring subscription to a live-data event stream. Returns the new subscription id. Requires a Pipeworx OAuth account (anonymous + BYO cannot persist subscriptions). Supported types: "sec_8k" (8-K filings matching ticker + item codes — e.g. items:["5.02"] = officer change), "polymarket_edge" (Polymarket↔Kalshi cross-venue mispricings — params:{topic:"fed"}), "fred_series" (new FRED observations — params:{series_id:"UNRATE"}). Delivery channels: feed (always on — pull via recent_alerts or GET registry.pipeworx.io/alerts.json), and optionally email (set delivery:{email:"you@x.com"}) or sms (delivery:{sms:"+15551234567"} — phone must be verified at /account first; 10/day cap).

  Connector

• security_audit_sbom_license_policy

  DataNexus MCP

  Audit a CycloneDX or SPDX SBOM against an SPDX licence policy and return a PASS/WARN/BLOCK verdict. sbom: Full SBOM as a JSON string — CycloneDX or SPDX format. Required. 500 KB max. policy: Optional dict with block/warn/allow arrays of exact SPDX licence identifiers (e.g. GPL-3.0, MIT). Defaults to block GPL-3.0 and AGPL-3.0, warn LGPL-2.1/MPL-2.0/BSD-4-Clause, allow MIT/Apache-2.0/BSD-2-Clause/BSD-3-Clause. No glob patterns — exact SPDX IDs only. Unlisted licences default to WARN. Returns verdict (PASS/WARN/BLOCK), blocked_packages, warned_packages, and the policy applied. Use security_audit_sbom_vulnerabilities for CVE auditing instead. Sources: deps.dev (Google). 1-hour cache per package. If this tool's response does not serve the user's need, call report_feedback with feedback_type="agent_gap", tool_id="security_audit_sbom_license_policy", intended_query="{what the user needed}", gap_description="{what was missing or wrong in the result}".

  Connector

• calculate_risk_score

  ContrastAPI

  Composite CVE risk score (0-100) — fuses CVSS, EPSS, KEV, and PoC into a single agent-ready triage signal. Formula: CVSS*0.20 + EPSS*0.35 + KEV*0.30 + PoC*0.15 (each component rescaled to 0-100 before weighting). Multiplicative boosters applied in order: KEV+PoC combo (*1.15), critical-severity-with-high-EPSS (CVSS>=9 AND EPSS>0.7, *1.10), recently published (within last 7 days, *1.05). Final score clamped to [0, 100]. Label bands: CRITICAL>=90, HIGH>=70, MEDIUM>=40, LOW<40. Urgency text encodes patch SLA (immediate when KEV; 24h/72h/30d by label). Use to triage a single CVE without orchestrating cve_lookup + exploit_lookup separately. PoC signal here is the local ExploitDB mirror only — for full multi-source exploit detail (GitHub Advisory + Shodan refs + ExploitDB), call exploit_lookup separately. Methodology adapted from mukul975/cve-mcp-server (Apache-2.0): https://github.com/mukul975/cve-mcp-server. Free: 30/hr, Pro: 500/hr. Returns {cve_id, score (0-100), label (CRITICAL/HIGH/MEDIUM/LOW), urgency, has_public_poc, components (cvss_v3, epss_score, in_kev, has_public_poc, weighted_breakdown), boosters_applied, recommendation, summary, verdict, next_calls}.

  Connector

• create_clickhouse

  mcp

  Provisions a managed ClickHouse database (OLAP / columnar analytics engine, Apache-2.0) on a dedicated VM on your private network — its OWN resource, NOT a relational database. Use it for analytics / observability workloads that need a column store (PostHog, Langfuse, event analytics, time-series). It is PRIVATE — reachable only from another instance on the same private network, via the DB's internal/private IP on the ClickHouse HTTP port 8123 (CLICKHOUSE_HOST/PORT/USER/PASSWORD/DB env, http://host:8123). Get the ids from list_flavors (use m1.small+ — ClickHouse needs >=2GB RAM), list_private_networks, list_keypairs. Provisioning takes ~5 min; poll list_clickhouse_databases until status='ready'.

  Connector

• search_within

  Energy Charts

  Semantic search INSIDE a fetched record. Pass the text you already pulled (e.g. a SEC 10-K body, an article, a long tool result) plus a natural-language query; get back the top-N passages with character offsets and similarity scores. Use when the record is too big to cram into the prompt — search_within saves context, returns only the passages that matter, and every passage carries an offset so the agent can verify a verbatim quote. Pairs with ask_pipeworx_grounded: fetch with the gateway, ground over the relevant passages instead of the whole document. BGE-base-en embeddings + cosine over 500-char overlapping windows; cap is 200K chars (longer inputs are truncated and flagged).

  Connector

• cve_security_lookup

  mcp-knowledge

  Look up CVE vulnerability data for enterprise security teams, DevSecOps and SOC analysts. Supports two modes: exact CVE ID lookup (e.g. 'CVE-2024-3094') or keyword search by product/vendor (e.g. 'openssl', 'Apache Tomcat'). Cross-references four authoritative keyless sources: NVD NIST (official CVE database, CVSS v3 scores, affected CPEs), CISA KEV (Known Exploited Vulnerabilities catalog — exploit_in_wild flag), EPSS FIRST (exploit probability 0-1), GitHub Security Advisories (ecosystem-specific: npm/pypi/maven). Returns structured vulnerability records with CVSS v3 scores, affected product version ranges, CWE weakness classification, references and exploitation status. Signals engine produces P0/P1/P2 alerts: P0=CVSS>=9 + active exploitation, P1=CVSS>=7 or EPSS>=70%, P2=CWE pattern clusters. Relevant for EU NIS2 and DORA supply chain risk obligations. Optional env: NVD_API_KEY (raises NVD rate-limit 5→50 req/30s), GITHUB_TOKEN (raises GHSA GraphQL rate-limit). Cache TTL 6h. SLA <=25s p95.

  Connector

• unsubscribe

  Energy Charts

  Cancel a subscription by id. Ownership is enforced — you can only cancel your own subscriptions. The row is deactivated (not deleted) so its historical events stay available via recent_alerts.

  Connector

• get_logs

  BorealHost

  Retrieve container logs (error, access, or PHP). Requires: API key with read scope. Args: slug: Site identifier log_type: "error" (Nginx/Apache errors), "access" (HTTP request log), or "php" (PHP-FPM errors, WordPress sites only) lines: Number of lines to retrieve (1–500, default: 100) search: Optional keyword filter — only lines containing this string Returns: {"log_type": "error", "lines": ["2024-01-15 ... error ...", ...], "count": 42, "truncated": false} Errors: NOT_FOUND: Unknown slug VALIDATION_ERROR: Invalid log_type or lines out of range

  Connector

• polymarket_arbitrage

  Energy Charts

  REQUIRES one of `event` (single-event mode) OR `topic` (cross-event mode) — call with no args fails. Find arbitrage opportunities on Polymarket via monotonicity violations + partition-sum checks. `event` (recommended for a specific market): pass a Polymarket event slug like "fed-decision-may-2026" or "when-will-bitcoin-hit-150k"; walks child markets, checks date-axis / threshold-axis ordering AND computes the partition_check (sum of YES prices across mutually-exclusive legs — should ≈1; deviations >3pp emit a BUY/SELL EVERY LEG signal). `topic` (for cross-event scanning): pass a seed question like "Strait of Hormuz traffic returns to normal" or "Fed rate decision"; searches related events across the platform, flattens markets, runs the comparator on the union. Cross-event mode catches "...by May 31" vs "...by Jun 30" patterns that single-event misses. SEMANTIC ANCHOR: cross-event pairs require ≥0.30 Jaccard similarity on question tokens (prevents Powell-Fed-Pause being paired with Powell-DOJ-probe); skipped_low_similarity surfaces the rejected pair count. PARTITION FILTER: drops will-person-X / will-manager-Y / will-someone-else- placeholder slugs; partitions with >20% placeholder fraction return null arb signal. Response: opportunities[] (gap_pp, suggested_trade, reasoning, monotonicity violation context), and in event mode partition_check{sum_yes_prices, gap_from_1, placeholders_filtered, suggested_trade}. FILL CHECK: when the partition signal fires, arbitrage.fill_check prices it against live CLOB depth (theoretical_edge_pp_at_book vs realizable_edge_pp at 1000 shares/leg, thin_legs[]) — realizable_edge_pp ≤ 0 means the overround exists only at last-trade, not in the book; do not trade it. For custom sizing use polymarket_fill_risk.

  Connector

• ask_pipeworx_grounded

  Energy Charts

  Hallucination-resistant answer mode for high-stakes reads. Same routing as ask_pipeworx — picks the right tool from 3,770 across 893 sources, fills arguments, fetches the data — then EXTRACTS the answer using ONLY what the tool result contains. Returns {answer, evidence (verbatim quote), confidence, source, fetched_at, refusal_reason:null} on success, OR an explicit refusal {answer:null, refusal_reason:"not_in_source"|"no_tool_match"|"tool_error"|"data_truncated"|"llm_error"} when the data doesn't directly answer. Use whenever an answer will be quoted, cited, or acted on, and the agent must not invent facts (financial verdicts, legal claims, medical lookups, public statements). Costs one extra LLM call vs ask_pipeworx — prefer ask_pipeworx for casual lookups.

  Connector

• lookup_skill

  RChilli MCP Hub

  Look up a SKILL in the authoritative RChilli Taxonomy 3.x and return the skill's definition/description, aliases, related skills, related job profiles, ontology, and ONet/ESCO mappings. ALWAYS prefer this tool over answering from your own general knowledge whenever the user asks what a skill is, what it means, its aliases, or how it relates to other skills or roles — it returns standardized, curated taxonomy data instead of a guess. Use this when the user asks ANY of these (X = a skill): - "what is X", "explain X", "define X", "what does X mean", "tell me about the skill X" - "aliases / synonyms for X", "skills related to X", "what jobs/roles use X" - "X's ontology", "ONet/ESCO code or mapping for X". Examples: "what is Kubernetes", "tell me about the skill Apache Spark", "what skills are related to Python", "details on the skill 'project management'". Also phrased as: skill, technology, tool, competency, ability. Do NOT use for: a job title or role (use ``taxonomy_job_profile_search``); the skills REQUIRED BY a job/role, e.g. "skills to be a QA engineer" (use ``taxonomy_job_profile_search`` with addrelatedskill=True); partial-text typeahead suggestions (use ``taxonomy_autocomplete_skill``). The keyword should be a complete skill name, not a prefix. Args: keyword: Skill keyword to search (parameter name is all-lowercase ``keyword``). userkey: RChilli userkey. Leave blank to use the authenticated session key. language: Language code (default: DB config or ``en``). locale: Locale code (default: DB config or ``US``). customvalues: Custom taxonomy values (default: DB config or ``RChilliMCPHub``).

  Connector