"Guidelines for Managing File Structures" matching MCP tools:

• firmaradar_start_aml_report

  Firmaradar

  Start generating an AML risk report ASYNCHRONOUSLY for a Norwegian company. Returns immediately with a report_id and status 'pending' — the report is built in the background. Poll `get_aml_report` with the report_id until status is 'done' (then read score/level/factors) or 'failed'. Use this instead of `get_aml_score` for large/complex ownership structures that may otherwise time out, or to start many screenings in parallel. Generates an auditable report stored for 60 months per Hvitvaskingsloven §35.

  Connector

• cti_get_brief_template

  website-search

  Get Lenny Zeltser's CTI one-page executive brief template. Standalone variant of `cti_get_template` for callers that only want the brief without the long-form report. This server never requests your campaign or threat-intel notes and instructs your AI to keep them local—templates and guidelines flow to your AI for local analysis.

  Connector

• ir_get_brief_template

  website-search

  Get Lenny Zeltser's IR one-page executive brief template. Standalone variant of `ir_get_template` for callers that only want the brief without the long-form report. This server never requests your incident notes and instructs your AI to keep them local—guidelines flow to your AI for local analysis.

  Connector

• read_file

  BorealHost

  Read the contents of a file from a site's container. Max file size: 512KB. Binary files are rejected — use the site's file manager or SSH for binary files. Requires: API key with read scope. Args: slug: Site identifier path: Relative path to the file Returns: {"path": "wp-config.php", "content": "<?php ...", "size": 1234, "encoding": "utf-8"} Errors: NOT_FOUND: File doesn't exist VALIDATION_ERROR: File is binary or exceeds 512KB

  Connector

• delete_file

  Sweeppea MCP

  DESTRUCTIVE — IRREVERSIBLE. Permanently delete a file from the user's Drive. Removes the file from S3 storage and the database. Storage quota is freed immediately. ALWAYS ask for explicit user confirmation before calling this tool. # delete_file ## When to use DESTRUCTIVE — IRREVERSIBLE. Permanently delete a file from the user's Drive. Removes the file from S3 storage and the database. Storage quota is freed immediately. ALWAYS ask for explicit user confirmation before calling this tool. ## Parameters to validate before calling - file_token (string, required) — The file token (UUID) of the file to delete. Get via fetch_files. ## Notes - DESTRUCTIVE — IRREVERSIBLE. Always confirm with the user before calling. Explain what will be lost.

  Connector

• malware_get_template

  website-search

  Get Lenny Zeltser's malware analysis report template. The report covers Executive Summary, Sample Snapshot, Malware Family Identification, Component Inventory, Runtime Requirements, Sources, Capabilities, Indicators of Compromise, Analysis Details, What We Don't Know, optional Infection Vector, optional Detection Engineering, About this Report, Appendix: Analysis Environment, and optional Appendix: Analysis Scripts. This server never requests your sample, analysis notes, or indicators and instructs your AI to keep them local—guidelines and the report template flow to your AI for local analysis.

  Connector

• assessment_review_report

  website-search

  Get Lenny Zeltser's expert criteria for reviewing an existing security assessment report or brief. Surfaces the 17 info-assessment review items across five groups (Key Takeaways, Assessment Scope, Prioritized Findings, Remediation Suggestions, Assessment Methodology), cross-cutting criteria, the risk-adjusted severity model, anti-patterns, and a pointer to rating_score_writing for a numeric score. This server never requests your assessment notes or report and instructs your AI to keep them local—the templates and guidelines flow to your AI for local analysis.

  Connector

• echosaw_download_media

  mcp-server

  Generate a presigned download URL for the source media file associated with a completed analysis job. The URL is valid for 1 hour.

  Connector

• GetLEIDetail

  Fintel Discovery — Financial Intelligence for AI Agents

  Retrieve the full GLEIF LEI record for one legal entity using its 20-character LEI code. Returns legal name, registration status, legal address, headquarters address, managing LOU, and renewal dates. Use this tool when: - You have a LEI (from SearchLEI) and need full entity details - You want to verify the registration status and renewal date - You need the exact legal address and jurisdiction of an entity Source: GLEIF API (api.gleif.org). No API key required.

  Connector

• discovery_upload

  Disco

  Upload a dataset file and return a file reference for use with discovery_analyze. Call this before discovery_analyze. Pass the returned result directly to discovery_analyze as the file_ref argument. Provide exactly one of: file_url, file_path, or file_content. Args: file_url: A publicly accessible http/https URL. The server downloads it directly. Best option for remote datasets. file_path: Absolute path to a local file. Only works when running the MCP server locally (not the hosted version). Streams the file directly — no size limit. file_content: File contents, base64-encoded. For small files when a URL or path isn't available. Limited by the model's context window. file_name: Filename with extension (e.g. "data.csv"), for format detection. Only used with file_content. Default: "data.csv". api_key: Disco API key (disco_...). Optional if DISCOVERY_API_KEY env var is set.

  Connector

• malware_get_cross_server_routes

  website-search

  Get Lenny Zeltser's Malware cross-server handoff routes — when this MCP server can't fulfill a request, which other MCP servers (or fallback workflows) to consult. Surfaces a compact subset of `malware_load_context`. This server never requests your sample, analysis notes, or indicators and instructs your AI to keep them local—guidelines and the report template flow to your AI for local analysis.

  Connector

• get_skill

  mcp

  ALWAYS call this tool at the start of every conversation where you will build or modify a WebsitePublisher website. Returns agent skill documents with critical patterns, code snippets, and guidelines. Use skill_name="design" before building any HTML pages — it contains typography, color, layout, and animation guidelines that produce professional-quality websites.

  Connector

• assessment_get_brief_template

  website-search

  Get Lenny Zeltser's Security Assessment one-page executive brief template. Standalone variant of `assessment_get_template` for callers that only want the brief without the long-form report. This server never requests your assessment notes or report and instructs your AI to keep them local—the templates and guidelines flow to your AI for local analysis.

  Connector

• cti_get_guidelines

  website-search

  Get Lenny Zeltser's expert CTI writing guidelines. Topics include tone, words, structure, executive_summary, voice, articles, summary, brief (one-page brief section guidance), handoffs (cross-server routing), methodology (the three subsections), fields (per-field guidance), and CTI-specific topics: attribution (full Six Signals prose), confidence (ICD-203 ladder), pyramid_of_pain, six_signals (signals table only), and anti_patterns. The general writing topics (tone/words/structure/executive_summary) now defer to `get_security_writing_guidelines` for the canonical Five Elements rules; CTI-specific content lives in the other topics. Pair the 'fields' topic with field_id for single-field guidance. This server never requests your campaign or threat-intel notes and instructs your AI to keep them local—templates and guidelines flow to your AI for local analysis.

  Connector

• assessment_get_cross_server_routes

  website-search

  Get Lenny Zeltser's Security Assessment cross-server handoff routes — when this MCP server can't fulfill a request, which other MCP servers (or fallback workflows) to consult. Surfaces a compact subset of `assessment_load_context`. This server never requests your assessment notes or report and instructs your AI to keep them local—the templates and guidelines flow to your AI for local analysis.

  Connector

• malware_get_frameworks

  website-search

  Get Lenny Zeltser's Malware frameworks (primary frameworks the brief structurally derives from) plus optional sibling frames (adjacent frameworks that aren't the structural backbone). Pass `include_siblings: false` to skip sibling blocks. This server never requests your sample, analysis notes, or indicators and instructs your AI to keep them local—guidelines and the report template flow to your AI for local analysis.

  Connector

• agents_update

  DialogBrain

  Update an existing AI agent's configuration. All parameters are optional — only provided fields will be updated. Use this to: - Enable or disable an agent - Change agent name or description - Assign or detach a prompt - Change default send mode - Replace knowledge collections - Update agent status - Change agent priority for trigger matching (lower number = higher priority) - Override which tools the agent can/can't call on triggered runs - Override which context sections (situation, communication style, job state, conversation history, thread summary) the agent receives - Opt into boilerplate prompt sections (safety guidelines, data confidentiality, factual accuracy) — all default OFF

  Connector

• create_powersource_docs

  Heista

  Build a complete creative intelligence profile from internal brand documents — creative briefs, brand guidelines, product specs, customer research, competitive analysis. Takes any mix of file_ids (from a previous upload), document_urls (public PDF/DOCX/TXT/MD links, up to 10), or documents_inline (base64-encoded files with filename), plus an optional context_url for layering live brand context (colors, fonts, current messaging) and optional idempotency_key. Returns a job_id; poll with get_powersource. Output shape is identical to create_powersource_url: identity, offer, selling points, voice, buyer profile, tensions, angles, emotional arcs, ctas, narrative. Use this when the user says "I have a brief", "here's my brand guidelines", "use this document", drops a PDF / DOCX / strategy deck, or when the truth lives in internal materials rather than the public website. The pipeline reads text only — convert PDFs to markdown before submitting via documents_inline when possible. Costs 100 credits. Do NOT use for URL-only scans — use create_powersource_url. For URL + docs combined (highest fidelity, triangulates public messaging against internal strategy), use create_powersource_full.

  Connector

• export_run_results

  mcp-coreclaw

  Export a CoreClaw scraper run's full result set as a downloadable CSV or JSON file. WHEN TO USE: the user wants to download, export, save, or get a file of run results — "导出成 CSV"、"download all results"、"give me a file"、"export as JSON". Preferred over get_run_results when dataset is large (>100 records) or user explicitly asks for a file. WHEN NOT TO USE: do NOT use for in-chat data preview (use get_run_results). Do NOT use for logs (use get_run_logs). The returned URL expires in ~30 minutes — do NOT cache it long-term. RETURNS: JSON with 'download_url' (temporary, valid ~30 min), 'format', 'record_count'. WORKFLOW: preceded by get_run_status (status=3). Terminal call — user typically downloads the file directly.

  Connector

• import_data

  mcp

  Import data into a Cloud SQL instance. If the file doesn't start with `gs://`, then the assumption is that the file is stored locally. If the file is local, then the file must be uploaded to Cloud Storage before you can make the actual `import_data` call. To upload the file to Cloud Storage, you can use the `gcloud` or `gsutil` commands. Before you upload the file to Cloud Storage, consider whether you want to use an existing bucket or create a new bucket in the provided project. After the file is uploaded to Cloud Storage, the instance service account must have sufficient permissions to read the uploaded file from the Cloud Storage bucket. This can be accomplished as follows: 1. Use the `get_instance` tool to get the email address of the instance service account. From the output of the tool, get the value of the `serviceAccountEmailAddress` field. 2. Grant the instance service account the `storage.objectAdmin` role on the provided Cloud Storage bucket. Use a command like `gcloud storage buckets add-iam-policy-binding` or a request to the Cloud Storage API. It can take from two to up to seven minutes or more for the role to be granted and the permissions to be propagated to the service account in Cloud Storage. If you encounter a permissions error after updatingthe IAM policy, then wait a few minutes and try again. After permissions are granted, you can import the data. We recommend that you leave optional parameters empty and use the system defaults. The file type can typically be determined by the file extension. For example, if the file is a SQL file, `.sql` or `.csv` for CSV file. The following is a sample SQL `importContext` for MySQL. ``` { "uri": "gs://sample-gcs-bucket/sample-file.sql", "kind": "sql#importContext", "fileType": "SQL" } ``` There is no `database` parameter present for MySQL since the database name is expected to be present in the SQL file. Specify only one URI. No other fields are required outside of `importContext`. For PostgreSQL, the `database` field is required. The following is a sample PostgreSQL `importContext` with the `database` field specified. ``` { "uri": "gs://sample-gcs-bucket/sample-file.sql", "kind": "sql#importContext", "fileType": "SQL", "database": "sample-db" } ``` The `import_data` tool returns a long-running operation. Use the `get_operation` tool to poll its status until the operation completes.

  Connector