"Marking Linux terminal commands as safe or unsafe for local execution" matching MCP tools:

• wsdot_get_ferry_schedule

  wsdot-mcp-server

  Returns departure times for a specific WSF ferry route on a given date. Requires numeric terminal IDs — use wsdot_get_ferry_terminals to resolve terminal names to IDs. Set remainingOnly to true to show only future departures for today (useful for "next ferry" queries). For future dates, all sailings for that day are returned.

  Connector

• perspective_await_job

  Perspective AI

  Long-polls a perspective-design job (started by perspective_create, perspective_respond, or perspective_update) and returns either its terminal result or another "pending" envelope to keep polling. Behavior: - Read-only — observes a running design job. Safe to call repeatedly. - Errors with "Unknown job_id" if no such job exists, or "job_id does not belong to a perspective design workflow" if the id is for a different kind of job. Workspace and perspective access are re-checked on every call. - Each call blocks up to wait_ms (default 30s, min 1s, max 45s). On timeout, returns status "pending" with a progress_cursor — pass it back on the next call to skip already-seen progress events. - Terminal status is "ready" (outline generated; share_url/direct_url/preview_url populated) or "needs_input" (follow_up_question populated). Failures surface as "Design job failed: ..." with the underlying message. When to use this tool: - Immediately after perspective_create / perspective_respond / perspective_update returns a job_id. - Re-polling after a previous call returned status "pending" (pass the returned progress_cursor back). When NOT to use this tool: - You don't have a job_id yet — call perspective_create / perspective_respond / perspective_update first. - Inspecting a finished perspective's config — use perspective_get.

  Connector

• compute_dcf

  Valuein — SEC EDGAR Fundamentals & Smart-Money Data

  Forward discounted-cash-flow valuation (two-stage Gordon-growth model): caller provides growth + WACC + terminal assumptions, returns per-share intrinsic value (`value_per_share_cents`, cents USD) + 5×5 sensitivity grid. Pulls FCF base + net debt + shares from R2; caller can override any field. Definitions (consistent with `get_financial_ratios` / `get_capital_allocation_profile`): FCF base = operating_cash_flow − capex (absolute USD); net_debt = total_debt − (cash + short-term investments). Shares resolve via a fallback chain (valuation row → fact CommonSharesOutstanding → net_income/eps_diluted), reported as `result.shares_source`. The pulled inputs are echoed in `result.inputs_echo` with their source lineage so the valuation is reproducible and traceable. A null `value_per_share_cents` means the model is degenerate (e.g. WACC ≤ terminal growth, or FCF base ≤ 0) or a required input was unavailable — it is NOT a zero valuation; the `reason` field explains. Use the returned figures exactly. Use this when you want to drive the assumptions yourself; for the pipeline's pre-computed DCF/DDM value and inputs (no assumptions needed) use `get_valuation_metrics` instead. Does NOT persist a report — use `create_report` (report_type:'reverse_dcf') for that. Tier: sp500+.

  Connector

• deltasignal_thesis_readiness

  DeltaSignal ATLAS-7

  Use this read-only tool before paid ATLAS evidence evaluation to determine whether a user-written issuer thesis is monitorable. It scores issuer specificity, thesis clarity, evidence alignment, watch-condition quality, falsifiability, weakening criteria, materiality, provenance requirements, non-execution boundary, and monitoring readiness. Parameters: ticker and thesis_text are required; watch_conditions, evidence_surfaces, cadence, lookback_days, output_mode, and provenance_required are optional. Behavior: read-only and idempotent; it performs deterministic local validation only, has no destructive side effects, does not call DeltaSignal evidence routes, does not execute wallets or x402 settlement, and never returns buy, sell, hold, target-price, allocation, or order instructions. Use it as the free or low-cost thesis-structuring layer; use paid thesis baseline or evaluation only after readiness is monitor_ready or needs_cleanup.

  Connector

• prepare_upload

  mcp

  Returns the LOCAL shell commands to package your working directory and upload it for an upload-mode deploy (no git, no PAT). Run them in the user's terminal, capture `source_token` from the upload's JSON response, then call deploy_app with that source_token (omit repo). Needs a redu API key in $REDU_API_KEY (create one at console.redu.cloud/category/user/api-keys). Excludes node_modules/.git/.venv/build output and .env by default; honors .gitignore when is_git_repo=true.

  Connector

• remote_screenshot

  mcp

  Capture a screenshot of a remote desktop machine and return it as an image. The machine can be named by an AIC- session code (e.g. AIC-XYZ-1234) OR — when authenticated with an API key — by a saved machine alias or hostname the user calls it by (e.g. 'wearfits-m3'); pass that name as `code`. macOS/Windows desktop app only. Screen sharing is OFF by default and must be turned on by the machine's owner in the AI Commander tray ('Share Screen'); the grant lasts 24 hours and then auto-disables. If it is off or the machine is a headless Linux server, this tool returns a text message explaining that — check session_status first to avoid an unnecessary call.

  Connector

• search

  Melvea Local Honey Discovery

  Search the Melvea local honey directory by free-text query and return matching producers as a list of results (id, title, url). Designed for ChatGPT Deep Research and Company Knowledge. Use for any local-honey discovery query that names or implies a place; the tool parses place and varietal from the query. Returns an honest empty list when nothing matches — never fabricate. Pair with fetch to retrieve full producer detail.

  Connector

• lyra_cancel_gathering

  lyra-mcp-server

  Mark a gathering as cancelled. Works from any non-terminal state (draft, awaiting_responses, live, rescheduled). Records the cancellation reason in the audit log if provided. Already-issued invites stay in the database (audit trail) but the RSVP page will show the gathering as cancelled. Requires API key authentication.

  Connector

• scan_skill

  SecurityScan

  Scan a GitHub repository or skill URL for security vulnerabilities. This tool performs static analysis and AI-powered detection to identify: - Hardcoded credentials and API keys - Remote code execution patterns - Data exfiltration attempts - Privilege escalation risks - OWASP LLM Top 10 vulnerabilities Requires a valid X-API-Key header. Cached results (24h) do not consume credits. Args: skill_url: GitHub repository URL (e.g., https://github.com/owner/repo) or raw file URL to scan Returns: ScanResult with security score (0-100), recommendation, and detected issues. Score >= 80 is SAFE, 50-79 is CAUTION, < 50 is DANGEROUS. Example: scan_skill("https://github.com/anthropics/anthropic-sdk-python")

  Connector

• shippingrates_local_charges

  FreightGate MCP Server

  Get local charges at a port for a specific carrier — Terminal Handling Charges (THC), documentation fees (BL/DO), seal fees, and other port-specific charges. Use this when calculating total shipping costs at origin or destination. Combine with shippingrates_dd_calculate for a complete port cost picture, or use shippingrates_total_cost for an all-in-one landed cost estimate. PAID: $0.05/call via x402 (USDC on Base or Solana). Without payment, returns 402 with payment instructions. Returns: Array of { charge_type, charge_name, amount, currency, container_type, direction } for all applicable charges at the port.

  Connector

• product_load_context

  website-search

  Load Lenny Zeltser's product strategy context for local analysis. Returns expert strategic frameworks, principles, and guidance for evaluating or creating security product plans. Includes rating-sheet items (the lens taxonomy: structure, words, tone) as concrete reference points for grounded feedback on the plan's writing. This server never requests your plans and instructs your AI to keep them local. Use detail_level to control response size: "minimal" (~2k tokens), "standard" (~5k tokens), "compact" (~3-4k tokens, all sections but stripped), or "comprehensive" (~12k tokens). Use market_segment: "smb" for SMB-specific guidance. Use product_focus: "endpoint" for endpoint security viability assessment. Set include_template: true to include the fill-in-the-blank template in the response.

  Connector

• lexq_facts_action_metadata

  LexQ

  Retrieve runtime fact requirements per Action type. For each Action, shows which input facts must be present in the execution payload (e.g. MUTATE_FACT requires its refVar fact; INCREMENT_FACT always requires targetVar, plus refVar when method is PERCENTAGE). A required fact absent at runtime throws — the engine never defaults to 0. Facts are supplied as input or written by a prior action in the same rule; Actions never create a fact from nothing. Static data, safe to cache in-session.

  Connector

• workspace_list

  DialogBrain

  List every workspace the caller is a member of, with `is_current` marking the workspace this MCP key is currently routed to. Pair with `workspace.switch` to change the active workspace without reconnecting.

  Connector

• woet_classifier

  cpp-cpm-engine

  Worked-vs-On-time Execution Timeline (WOET) per-activity day-by-day classification of as-built execution against baseline. For each pairable activity (matched by ``task_code``), classifies execution into 4 day-states: - PROGRESS: work performed during the baseline-planned window - GAIN: work performed BEFORE the baseline window opened - EXTENDED: work performed AFTER the baseline window closed - VOID: baseline-window day where activity was NOT active This is a CPP-disclosed enhancement layered on top of AACE 29R-03 §3.3 Windows Analysis — a per-day execution classifier (Progress/Gain/Extended/Void) NOT itself AACE-defined. It is not a substitute for fragnet-based AACE 29R-03 §3.7 (TIA) modeling. It gives the trier-of-fact a calendar picture of how the project executed versus how it was supposed to execute, which is otherwise buried in finish-date deltas. Use this tool when you want a per-activity execution-quality picture (on-time %, count of activities with VOID days, etc.). Args: baseline_xer_path: server-side path to baseline XER (target dates). actual_xer_path: server-side path to as-built XER (act dates). baseline_xer_content: full text of baseline XER (alternative). actual_xer_content: full text of as-built XER (alternative). Supply EXACTLY ONE of path/content per pair. today: optional ISO date (YYYY-MM-DD) reference for in-progress activities. Defaults to actual XER's last_recalc_date if available, else today's date. Returns: { "method": "WOET", "standard": "AACE 29R-03 §3.3 Windows Analysis — per-day execution classification overlay (CPP-disclosed enhancement, not AACE-defined)", "today": "YYYY-MM-DD", "project_totals": {progress, gain, extended, void}, "per_activity": [{code, name, baseline_start, ...}, ...], "on_time_pct": float (0-100) }

  Connector

• workspace_list

  dialogbrain

  List every workspace the caller is a member of, with `is_current` marking the workspace this MCP key is currently routed to. Pair with `workspace.switch` to change the active workspace without reconnecting.

  Connector

• chieflab_boot

  ChiefLab

  Alias of chieflab_status. Use as the FIRST tool when an agent session starts on a workspace that already has activity — recovers all open business loops with literal user commands. Same response shape as chieflab_status, same handler. If the user asked to launch the current repo and a recovered open loop looks unrelated, do not blindly resume it; start a fresh launch for the current repo.

  Connector

• convert_content

  Botverse

  Convert a document inline — pass the content directly as a string (or base64 for binary inputs like .docx). PREFERRED route for documents, and the one to use in sandboxed agent environments (claude.ai, Claude Desktop, Cursor): it runs entirely server-side, so it never needs the S3 upload those sandboxes block. Limit: up to 4 MB of content — already huge (a 500-page book is ~1 MB of text). For anything larger, use convert_from_url with a public URL. Supported inputs: md, html, rst, txt (plain text), docx (base64). Supported outputs: docx (Word), pdf, html, txt, md, rst, xlsx. Returns a job_id — poll get_job_status until 'complete', then get_output_content (inline bytes, sandbox-safe) or get_download_url (S3 link). Flat fee $0.05 per file. TIP: if you have shell access and are NOT sandboxed (e.g. a local coding agent), the `botverse` CLI (`npx botverse convert <file> --to <fmt>`) is faster for local files — it streams from disk instead of re-emitting the content through the model.

  Connector

• abort_run

  mcp-coreclaw

  Abort an in-progress CoreClaw scraper run. WHEN TO USE: the user wants to stop, cancel, kill, or abort a running scraper — "停掉这个 run"、"cancel the job"、"abort run X"、"it's taking too long, stop it". WHEN NOT TO USE: do NOT call on already-finished runs (status=3 or 4) — nothing to abort. Do NOT use to pause (CoreClaw has no pause/resume — abort is terminal). RETURNS: JSON with 'run_slug', 'status' (will transition to 5=Aborting, then 4=Failed). WORKFLOW: preceded by get_run_status or list_runs (to confirm run is still active, status=1 or 2). Terminal call.

  Connector

• export_run_results

  mcp-coreclaw

  Export a CoreClaw scraper run's full result set as a downloadable CSV or JSON file. WHEN TO USE: the user wants to download, export, save, or get a file of run results — "导出成 CSV"、"download all results"、"give me a file"、"export as JSON". Preferred over get_run_results when dataset is large (>100 records) or user explicitly asks for a file. WHEN NOT TO USE: do NOT use for in-chat data preview (use get_run_results). Do NOT use for logs (use get_run_logs). The returned URL expires in ~30 minutes — do NOT cache it long-term. RETURNS: JSON with 'download_url' (temporary, valid ~30 min), 'format', 'record_count'. WORKFLOW: preceded by get_run_status (status=3). Terminal call — user typically downloads the file directly.

  Connector

• lorg_help

  lorg-mcp-server

  List every available Lorg tool with a plain-English description. Call this when the user says /help, /options, "what can you do", or "show me available commands".

  Connector