"How to connect through SSL" matching MCP tools:

• pentest_encode

  pentest-mcp-server

  Transform a payload string through one or more encoding layers for bypass research during authorized testing. Accepts a chain of encodings applied in order (e.g., ["unicode", "url", "base64"] applies Unicode → URL-encode → base64). Returns the transformed payload with a step-by-step decoding explanation: how a WAF or server would decode each layer, and why the combined encoding might bypass a specific filter. Use to understand filter bypass mechanics in an authorized engagement and to confirm that a target's decoding pipeline matches an expected bypass path. Payloads are transformed mathematically — no live probing occurs.

  Connector

• devops_check_certs

  devops-status-mcp-server

  Inspect SSL/TLS certificate health for one or more domains by performing a real TLS handshake. Works for any internet-accessible domain — no vendor registry required. Reports days to expiry (flagged at < 30 days warning and < 7 days critical), certificate subject and SANs, issuer, chain depth, TLS protocol version negotiated (flags TLS 1.0/1.1 as insecure), cipher suite, and HSTS presence.

  Connector

• credawait

  InsideOut (Riley)

  Wait for the user to securely connect their cloud account and subscribe to Luther Systems. Polls until credentials appear on the session. 🎯 USE THIS TOOL WHEN: tfdeploy returns an 'auth_required', 'no_credentials', or 'credentials_expired' error. The user needs to visit the connect URL to: 1. Connect their cloud credentials (AWS or GCP) 2. Sign up and subscribe to a Luther Systems plan (required for deployment) This secure connection allows InsideOut to deploy and manage infrastructure in the user's cloud account on their behalf. Credentials are handled securely and only used for deployment and management sessions. WORKFLOW: 1. FIRST: Present the connect URL and explanation to the user (from the tfdeploy error response) 2. THEN: Call this tool to begin polling for credentials 3. The user opens the URL in their browser to subscribe and add credentials 4. When credentials are found, inform the user and call tfdeploy to deploy IMPORTANT: Do NOT call this tool without first showing the connect URL to the user. The user needs to see the URL to complete the process. REQUIRES: session_id from convoopen response (format: sess_v2_...). OPTIONAL: cloud ('aws' or 'gcp'), timeout (integer, seconds to wait, default 300, max 600).

  Connector

• lyra_connect_calendar

  lyra-mcp-server

  Returns a URL the user should open in their browser to connect a calendar. Google Calendar is supported today; Microsoft and Apple are planned. The user must be signed in to checklyra.com first. Once they grant consent, Lyra stores an encrypted refresh token and the connection becomes available to other Convene tools. Requires API key authentication for the calling agent (so we know which user is asking).

  Connector

• connect_onboard

  bookstore4agents

  Start (or resume) Stripe Connect onboarding so this account can RECEIVE author royalties. Returns a one-time onboarding_url the human author must open in a browser to complete KYC. Required before a book can be published: an author with no payouts-enabled Connect account can save drafts but their books stay in draft until onboarding finishes. Payouts stay disabled until Stripe verifies the details — poll connect_status afterward.

  Connector

• request_payout

  bookstore4agents

  Immediately withdraw this account's FULL pending royalty balance via Stripe Connect, bypassing the monthly batch and its minimum threshold. This MOVES MONEY and the recipient bears the transfer fee. This is a TERMINAL ACTION: only call it when the author has EXPLICITLY asked to withdraw / cash out now. Do NOT call it just to check the balance — use payout_balance for that. Fails if Connect onboarding isn't complete or there's no pending balance.

  Connector

• credawait

  InsideOut (Riley)

  Wait for the user to securely connect their cloud account and subscribe to Luther Systems. Polls until credentials appear on the session. 🎯 USE THIS TOOL WHEN: tfdeploy returns an 'auth_required', 'no_credentials', or 'credentials_expired' error. The user needs to visit the connect URL to: 1. Connect their cloud credentials (AWS or GCP) 2. Sign up and subscribe to a Luther Systems plan (required for deployment) This secure connection allows InsideOut to deploy and manage infrastructure in the user's cloud account on their behalf. Credentials are handled securely and only used for deployment and management sessions. WORKFLOW: 1. FIRST: Present the connect URL and explanation to the user (from the tfdeploy error response) 2. THEN: Call this tool to begin polling for credentials 3. The user opens the URL in their browser to subscribe and add credentials 4. When credentials are found, inform the user and call tfdeploy to deploy IMPORTANT: Do NOT call this tool without first showing the connect URL to the user. The user needs to see the URL to complete the process. REQUIRES: session_id from convoopen response (format: sess_v2_...). OPTIONAL: cloud ('aws' or 'gcp'), timeout (integer, seconds to wait, default 300, max 600).

  Connector

• usaspending_get_federal_account

  usaspending-mcp-server

  Fetch a federal account's budget data: total obligations, gross outlays, and budgetary resources. Federal accounts connect appropriations law to actual agency spending. Account codes appear in usaspending_get_award account_obligations_by_defc field and are formatted as AGENCY-MAIN (e.g., 097-0100 for DoD Operation and Maintenance). Returns account metadata and current fiscal year financial totals.

  Connector

• connect_status

  bookstore4agents

  Check this account's Stripe Connect onboarding / payout-eligibility state. Returns whether payouts are enabled, whether details have been submitted, and any outstanding requirements. Use this to tell the author whether they can publish and receive money yet.

  Connector

• domain_report

  ContrastAPI

  Query DNS, WHOIS, SSL, subdomains, and threat intel for a domain in one call. By default dns.txt is filtered to security-relevant entries (SPF, DMARC, DKIM, MTA-STS, TLS-RPT) and dns.total_txt_records reports the honest pre-filter count; pass include_all_txt=true for the raw TXT list. Use as a starting point for domain investigations; use audit_domain for live headers + tech stack. Response carries next_calls — chain with subdomain_enum (always emitted), ssl_check + tech_fingerprint (when an A record resolves) for the standard recon depth without re-prompting. Free: 30/hr, Pro: 500/hr. Returns domain report with DNS records, WHOIS data, SSL cert, risk score, email config, threat status, recommendation, and next_calls.

  Connector

• get_whatsapp_connection_status

  FavCRM

  Check whether WhatsApp Business is connected for this company, including WABA/phone metadata and the latest agentic connect session state.

  Connector

• remove-domain

  mcp

  Remove a custom domain from a sota.io project. This removes the domain mapping and its SSL certificate. The DNS records at your registrar are NOT automatically removed — clean those up manually. This action is immediate and irreversible.

  Connector

• ateam_get_workflows

  ateam-mcp

  Get the builder workflows — step-by-step state machines for building skills and solutions. Use this to guide users through the entire build process conversationally. Returns phases, what to ask, what to build, exit criteria, and tips for each stage.

  Connector

• link_domain

  BorealHost

  Link a domain to a hosted site. Attaches the domain to the specified site and triggers automatic DNS configuration and SSL provisioning. Requires: API key with write scope. Args: domain_name: Full domain name (e.g. "example.com") site_slug: Site identifier to link the domain to Returns: {"success": true, "domain": "example.com", "linked_site": "my-site", "message": "Domain linked"} Errors: NOT_FOUND: Domain or site not found VALIDATION_ERROR: Domain already linked to another site

  Connector

• extract_to_markdown

  Frenchie

  Extract structured documents (.docx, .xlsx, .csv, .tsv, .pptx) into Markdown through Frenchie. stdio mode auto-saves the result to .frenchie/<name>/result.md; HTTP mode returns inline Markdown.

  Connector

• quote_relations

  Quotewise

  Get relations for a quote, grouped by type and direction. Returns translations, variants, and other related quotes with provenance info. Use to explore how quotes connect to each other (translations, variants, attributions). Examples: - `quote_relations("abc123")` - all relations for a quote - `quote_relations("abc123", relation_type="intra_translation")` - only translations - `quote_relations("abc123", direction="outgoing")` - only outgoing relations

  Connector

• check_business

  is-real-biz

  Verify whether a domain belongs to a real business. Returns a verdict (real/likely_real/uncertain/likely_fake/fake), a 0-100 score, confidence, and underlying signals (WHOIS age, SSL, homepage LLM judgment, contact info, social presence). Costs 5 cents per fresh call; cached results are free for 24h.

  Connector

• annotation_earnings

  bookstore4agents

  Break down this account's annotation-pool earnings per annotation: which annotations earned how much, how much is already paid vs still pending, and the annotation's current score. If connect_required is true, you have pending earnings but must finish Stripe Connect onboarding (connect_onboard) before they can be paid out.

  Connector

• cloudflare_set_proxy

  BorealHost

  Enable or disable Cloudflare CDN proxy for a site. When enabled (orange cloud): traffic goes through Cloudflare's CDN, gets caching, DDoS protection, and SSL termination at the edge. When disabled (grey cloud): traffic goes directly to origin server. Requires: API key with write scope. Args: slug: Site identifier proxied: true to enable CDN proxy, false to disable Returns: {"domain": "my-site.borealhost.ai", "proxied": true, "ip": "1.2.3.4"}

  Connector

• get-domain

  mcp

  Get details of a custom domain including its current status and DNS setup instructions. Domain statuses: pending (DNS not yet configured), verified (DNS confirmed, SSL provisioning), active (live with HTTPS). If status is 'pending', configure the DNS record as shown in the instructions.

  Connector