Skip to main content
Glama
127,309 tools. Last updated 2026-05-05 14:39

"MCP server for analyzing CVEs (Common Vulnerabilities and Exposures)" matching MCP tools:

  • strale_ping

    Strale - 290+ API capabilities for AI agents

    Checks that the Strale API is reachable and the MCP server is running. Call this before a series of capability executions to verify connectivity, or when troubleshooting connection issues. Returns server status, version, tool count, capability count, solution count, and a timestamp. No API key required.
    Connector

  • cwe_lookup

    ContrastAPI

    Look up MITRE CWE (Common Weakness Enumeration) catalog record from research view 1000. Default response is SLIM (first 3 mitigations, first 3 examples, no extended_description) — pass include='full' for the verbose record. Returns description, abstract type (Pillar/Class/Base/Variant/Compound), status (Stable/Draft/Incomplete/Deprecated), exploit likelihood, recommended mitigations, observed example CVEs, parent_cwe (walk up the hierarchy), child_cwes (drill down to more specific weaknesses), and cve_count (LOWER BOUND — counts only CVEs whose primary CWE matches; CVEs with multiple CWEs may not be counted). Use after cve_lookup or kev_detail to understand the underlying weakness category; chain with cve_search(cwe_id=...) to enumerate all matching CVEs. Returns 404 when the CWE is not in research view 1000. Free: 100/hr, Pro: 1000/hr. Returns {cwe_id, name, description, abstract_type, status, likelihood, mitigations (first 3 by default), total_mitigations, examples (first 3 by default), total_examples, parent_cwe, child_cwes, cve_count, updated_at, verdict, next_calls; +extended_description on include='full'}.
    Connector

  • tronsave_get_internal_account

    TronSave MCP Server

    Retrieve the Tronsave internal account profile for the current logged-in session (wallet/represent address, balances, deposit address). Requires a logged-in MCP session created by the `tronsave_login` tool: include `mcp-session-id: <sessionId>` returned by `tronsave_login` on subsequent MCP requests. Internal tools never accept API keys via tool arguments; the server forwards the API key cached in session to TronSave internal REST endpoints. Use when the user needs their linked address or balance. Read-only; does not submit orders or change chain state.
    Connector

  • kev_detail

    ContrastAPI

    Look up CISA KEV (Known Exploited Vulnerabilities) full record for a CVE. Returns federal patch deadline (due_date), CISA-specified required_action remediation, known ransomware association, vendor/product, the CISA-given common name (e.g. 'Log4Shell'), and CISA-reported CWE list. Returns 404 when the CVE is not in the KEV catalog — use cve_lookup for non-KEV CVEs. Best follow-up after cve_lookup or cve_search(kev=true) when an in_kev=true CVE is identified; chain with cwe_lookup on each returned CWE to investigate the weakness category. Free: 100/hr, Pro: 1000/hr. Returns {cve_id, vendor_project, product, vulnerability_name, date_added, due_date, required_action, known_ransomware_use, notes, cwes, verdict, next_calls}.
    Connector

  • switch_dannet_server

    dannet

    Switch between local and remote DanNet servers on the fly. This tool allows you to change the DanNet server endpoint during runtime without restarting the MCP server. Useful for switching between development (local) and production (remote) servers. Args: server: Server to switch to. Options: - "local": Use localhost:3456 (development server) - "remote": Use wordnet.dk (production server) - Custom URL: Any valid URL starting with http:// or https:// Returns: Dict with status information: - status: "success" or "error" - message: Description of the operation - previous_url: The URL that was previously active - current_url: The URL that is now active Example: # Switch to local development server result = switch_dannet_server("local") # Switch to production server result = switch_dannet_server("remote") # Switch to custom server result = switch_dannet_server("https://my-custom-dannet.example.com")
    Connector

  • search_mcp_servers

    Swarm Tips — Aggregated AI Agent Activities

    [READ] Search the Layer 3 curated directory of MCP servers and agent-work tools. The directory has 30 entries across three vetting tiers — `first-party` (operated by the swarm.tips DAO), `vetted` (third-party, we've used + verified), `discovered` (cataloged from public sources, not yet exercised). Filter by `query` (substring vs name/description/tags), `category` (substring), and `tier`. Results sort first-party → vetted → discovered. The same directory powers swarm.tips/discover; this tool exposes it programmatically. Use this when an agent needs to find an MCP server for a capability (DeFi, search, browser automation, etc.) instead of an opportunity (which `discover_opportunities` covers).
    Connector

Matching MCP Servers

Matching MCP Connectors

  • scan_skill

    SecurityScan

    Scan a GitHub repository or skill URL for security vulnerabilities. This tool performs static analysis and AI-powered detection to identify: - Hardcoded credentials and API keys - Remote code execution patterns - Data exfiltration attempts - Privilege escalation risks - OWASP LLM Top 10 vulnerabilities Requires a valid X-API-Key header. Cached results (24h) do not consume credits. Args: skill_url: GitHub repository URL (e.g., https://github.com/owner/repo) or raw file URL to scan Returns: ScanResult with security score (0-100), recommendation, and detected issues. Score >= 80 is SAFE, 50-79 is CAUTION, < 50 is DANGEROUS. Example: scan_skill("https://github.com/anthropics/anthropic-sdk-python")
    Connector

  • audit_stack

    Exploit Intelligence Platform — CVE, Vulnerability and Exploit Database

    Audit a technology stack for exploitable vulnerabilities. Accepts a comma-separated list of technologies (max 5) and searches for critical/ high severity CVEs with public exploits for each one, sorted by EPSS exploitation probability. Use this when a user describes their infrastructure and wants to know what to patch first. Example: technologies='nginx, postgresql, node.js' returns a risk-sorted list of exploitable CVEs grouped by technology. Rate-limit cost: each technology requires up to 2 API calls; 5 technologies counts as up to 10 calls toward your rate limit.
    Connector

  • tronsave_get_deposit_address

    TronSave MCP Server

    Fetches the specific deposit address for the TronSave internal account. Requires a logged-in MCP session created by the `tronsave_login` tool: include `mcp-session-id: <sessionId>` returned by `tronsave_login` on subsequent MCP requests. Internal tools never accept API keys via tool arguments; the server forwards the API key cached in session to TronSave internal REST endpoints. Trigger this tool if the user asks for a deposit address or needs to top up their TronSave TRX balance. Constraints: 1) TRX only; 2) Minimum deposit amount is 10 TRX; 3) Read-only operation.
    Connector

  • lz_list_chains

    Tenzro LayerZero V2 MCP

    List all 16 chains supported by this LayerZero MCP server with their Endpoint IDs (EIDs). Includes Ethereum, Arbitrum, Optimism, Polygon, BSC, Avalanche, Base, Solana, zkSync, Sei, Sonic, Berachain, Story, Monad, MegaETH, and Tron. EIDs are used in EndpointV2.quote() and EndpointV2.send() to identify destination chains.
    Connector

  • tronsave_internal_create_extend_request

    Tronsave MCP Testnet

    Submit an extension request for existing delegated resources on TronSave via authenticated REST `POST /v2/extend-request`. Requires a logged-in MCP session created by the `tronsave_login` tool: include `mcp-session-id: <sessionId>` returned by `tronsave_login` on subsequent MCP requests. Internal tools never accept API keys via tool arguments; the server forwards the API key cached in session to TronSave internal REST endpoints. Side effect: creates an extension order and may commit TRX from the internal account. `extendData` must follow the REST contract (see schema on each row). Populate it from TronSave outside this MCP—for example the authenticated `POST /v2/get-extendable-delegates` response field `extendData`, or another TronSave client. Do not copy rows blindly from `tronsave_list_extendable_delegates` (GraphQL); that payload shape differs and is for market discovery only.
    Connector

  • vf_health

    VoiceFlip

    Returns VoiceFlip MCP server health and version metadata. No authentication required. Use this first to verify the server is reachable from your MCP client.
    Connector

  • analyze_company

    Nordic Financial MCP

    AI-powered company analysis using semantic search over Nordic financial data. Orchestrates multiple searches internally and returns a synthesized narrative answer with source citations. Covers annual reports, quarterly reports, press releases and macroeconomic context for Nordic listed companies. Use this when you want a synthesized answer rather than raw search chunks. For raw data access, use search_filings or company_research instead. For a full due diligence report with AI-planned sections, use the Alfred MCP server: alfred.aidatanorge.no/mcp Args: company: Company name or ticker question: What you want to know about the company model: 'haiku' (default) or 'sonnet'
    Connector

  • tronsave_login

    Tronsave MCP Testnet

    Create an authenticated server session and return a `sessionId` for subsequent tool calls. Default mode is wallet signature login for platform tools; secondary mode is `apiKey` login for internal tools. For wallet login, ALWAYS call `tronsave_get_sign_message` first, sign that exact message client-side, then call `tronsave_login` with `signature_timestamp` in exact format `<signature>_<timestamp>` (signature and timestamp joined by `_`). Use returned `sessionId` as `mcp-session-id` on every subsequent request.
    Connector

  • list_starter_prompts

    Vocab Voyage

    Lists Vocab Voyage's MCP starter prompts (also exposed via the standard MCP prompts/list endpoint). Useful for hosts that don't yet support prompts/list.
    Connector

  • ping

    nara-tour

    Connectivity check — returns server version and current timestamp. Use to verify MCP server is reachable before calling other tools.
    Connector

  • tronsave_get_user_info

    Tronsave MCP Testnet

    Get the current authenticated user's profile and account settings. Requires a valid signature session from `tronsave_login` and `mcp-session-id` in request headers. Wallet signing always happens client-side; never send private keys to the server.
    Connector

  • status

    Quotewise

    Check server connectivity, authentication status, and database size. When to use: First tool call to verify MCP connection and auth state before collection operations. Examples: - `status()` - check if server is operational, see quote_count, and current auth state
    Connector

  • tronsave_get_deposit_address

    Tronsave MCP Testnet

    Fetches the specific deposit address for the TronSave internal account. Requires a logged-in MCP session created by the `tronsave_login` tool: include `mcp-session-id: <sessionId>` returned by `tronsave_login` on subsequent MCP requests. Internal tools never accept API keys via tool arguments; the server forwards the API key cached in session to TronSave internal REST endpoints. Trigger this tool if the user asks for a deposit address or needs to top up their TronSave TRX balance. Constraints: 1) TRX only; 2) Minimum deposit amount is 10 TRX; 3) Read-only operation.
    Connector