"Pivotal Tracker" matching MCP tools:

• list_domains

  TunnelMind Data API

  Returns a paginated list of domains from the tracker database. Results are ordered alphabetically by domain name and support cursor-based pagination for full traversal. Filtering by category and minimum score allows targeted data extraction. Use this tool when: - You want to enumerate all known ad-tech or analytics domains above a risk threshold. - You need a dataset of tracker domains for offline analysis. - You are paginating through a category to build a block list. Do NOT use this tool when: - You need data for a specific domain — use `get_domain` instead. - You are searching by keyword — use `search` instead. - You want domains belonging to a specific company — use `get_entity` instead. Inputs: - `category` (query, optional): Filter by surveillance category. One of: `ad_tech`, `analytics`, `social`, `fingerprinting`, `content`, `cdn`, `other`. - `min_score` (query, optional): Integer 0-100. Exclude domains scoring below this value. - `limit` (query, optional): Number of results per page. Max 100 (paid), 20 (free). Default 50. - `cursor` (query, optional): Pagination cursor from the previous response's `next_cursor` field. Returns: - Array of domain list items (domain, category, score, prevalence, entity summary). - `meta.has_more`: true if more pages exist. - `meta.next_cursor`: pass as `cursor` to get the next page. - `meta.count`: number of results in this page. Cost: - Free tier: up to 20 results/page, 50 req/day. Pro/enterprise: up to 100 results/page. Latency: - Typical: <200ms, p99: <500ms.

  Connector

• generate_receipt

  TunnelMind Data API

  Looks up each submitted domain in the TunnelMind tracker database, aggregates risk metrics (avg score, max score, fingerprinters, high-risk domains, entity ownership), and issues a signed surveillance receipt. The receipt is stored in the public registry and can be verified at `/verify/{receipt_id}`. Use this tool when: - You want a verifiable record of which trackers were observed in a context (page, app, session). - You need a signed evidence artifact for a privacy audit or compliance report. - You want to know the overall surveillance exposure level for a set of domains. - You are generating a receipt to share with a user as evidence of tracker presence. Do NOT use this tool when: - You want full tracker details per domain — use `get_domain` instead. - You want to look up an existing receipt — use `get_receipt` instead. - You need live probes (HTTP headers, stack detection) — use `/v1/intel/*` instead. Inputs: - `domains` (body, required): Array of 1–50 fully qualified domain names. Duplicates are deduplicated. URLs are stripped to host component. - `domain` (body, alternative): Single domain string (shorthand for `domains: [domain]`). Returns: - `receipt_id`: Unique receipt ID (e.g. `rcpt_01JXYZ...`). - `receipt`: Full receipt document including domains submitted, tracker findings, high-risk domains, fingerprinters, unique entities, and exposure metrics. - `content_hash`: SHA-256 of the canonical receipt JSON. - `signature`: Base64 Ed25519 signature (empty string if signing key not configured). - `signed`: Boolean — true if the receipt is cryptographically signed. - `verify_url`: Path to retrieve this receipt from the public registry. Exposure levels: `minimal` / `moderate` / `high` / `critical` Based on average tracker score and proportion of high-risk domains (score ≥ 70). Cost: - Counts as one request against the daily limit regardless of domain count. Latency: - Typical: <100ms (pure D1 lookup, no outbound probing). p99: <300ms.

  Connector

• get_entity

  TunnelMind Data API

  Returns an entity record for a surveillance company or data broker, including its industry, estimated annual data value per user (in USD), categories of personal data collected, and the full list of domains it controls. Free tier returns 5 domains, paid returns up to 200. Use this tool when: - You want to understand what corporate entity owns or controls a tracker domain. - You need to assess the total surveillance footprint of a company (e.g., Alphabet, Meta, Oracle). - You are building a corporate surveillance graph and need domain-to-entity mapping. Do NOT use this tool when: - You have a domain and need its category — use `get_domain` instead. - You want to browse entities by industry — use `list_entities` instead. - You are searching for an entity by name — use `search` instead. Inputs: - `slug` (path, required): URL-safe entity identifier (lowercase, hyphens). Examples: `alphabet`, `meta`, `oracle-data-cloud`, `the-trade-desk`. Returns: - Full `EntityRecord` with data categories, estimated data cost, and associated domains. - `domains`: array of top-scoring domains (5 for free tier, 200 for paid). - Pro/enterprise additionally return `website` and `description` fields. Cost: - Free tier: included in 50 req/day limit. Pro/enterprise: included in plan. Latency: - Typical: <150ms, p99: <400ms.

  Connector

• health_check

  TunnelMind Data API

  Returns a minimal status object confirming the API is alive. Use this to verify connectivity before chaining other calls, or as a liveness check in a workflow. Use this tool when: - You need to verify the API is reachable before starting a multi-step investigation. - A prior call failed with a 503 or 504 and you want to confirm the service recovered. - You are debugging connectivity from a new environment. Do NOT use this tool when: - You want actual tracker data — use `get_domain` or `search` instead. - You want to check a specific domain — this returns nothing domain-specific. Inputs: - None. Returns: - `ok`: always true if the API is up. - `ts`: ISO 8601 timestamp of the server's current time. Cost: - Free. No API key required. Not rate-limited. Latency: - Typical: <50ms, p99: <200ms.

  Connector

• get_domain

  TunnelMind Data API

  Returns the complete surveillance intelligence record for a domain name. If the domain is in TunnelMind's tracker database (80,000+ entries), the response includes tracker category, risk score, fingerprinting data, cookie persistence, IAB TCF purposes, and the owning corporate entity. If the domain is not in the database, a live probe is automatically run: RDAP registration data, DNS records (MX, SPF, TXT verification tokens), HTTP headers, and CSP third-party actors are fetched fresh from the edge and returned. Use this tool when: - You need to know whether a specific domain tracks users, and how aggressively. - You are researching who owns a domain and what corporate entity controls it. - You want to check HTTP security headers and third-party services embedded in a site. - You are building a risk score for a domain before routing traffic through it. Do NOT use this tool when: - You want to search by keyword or category — use `search` instead. - You want all domains for an entity — use `get_entity` instead. Inputs: - `domain` (path, required): Domain name. Strip `www.` prefix — it is removed automatically. Subdomains are resolved to the parent: `ads.doubleclick.net` → `doubleclick.net`. Examples: `doubleclick.net`, `google-analytics.com`, `intercom.io`. Returns: - Full `DomainRecord`. Free tier returns the domain, category, score, prevalence, and entity name. Pro/enterprise additionally return `tcf_vendor_id`, `tcf_purposes`, `tcf_features`, and `disconnect_cats`. - If the domain is not in the tracker database, `live_lookup: true` is set and RDAP/DNS/HTTP probe results are returned instead of tracker fields. - 404 if the domain cannot be found via live probe either (unknown TLD, unreachable). Cost: - Free tier: included in 50 req/day limit. Pro/enterprise: included in plan. Latency: - Database hit: typical <100ms, p99 <300ms. - Live probe: typical 2-5s, p99 10s (external DNS/HTTP calls).

  Connector

• intel_agent

  TunnelMind Data API

  Probes a domain for known AI agent integration signals: `llms.txt`, `ai.txt`, `/.well-known/ai-plugin.json`, `openapi.json`, `swagger.json`, MCP manifest, MCP SSE endpoint. Returns a score based on the count of signals detected. Use this to assess whether a domain is ready for agent-to-agent interaction. Use this tool when: - You want to know whether a domain exposes an MCP server or OpenAPI spec for agents. - You are cataloguing the AI-agent-ready surface of a set of domains. - You need to decide whether to attempt programmatic API access to a domain. Do NOT use this tool when: - You need tracker/surveillance data about the domain — use `get_domain` instead. - You need the robots.txt AI crawler policy — use `intel_robots` instead. - You need HTTP security posture — use `intel_http` instead. Inputs: - `domain` (query, required): Domain to probe. Returns: - Boolean flags per signal (`llms_txt`, `ai_plugin`, `openapi`, `mcp_manifest`, `mcp_endpoint`, `mcp_sse`). - `agent_surface_score`: integer 0-8, count of signals detected. Cost: - Free. No API key required. Latency: - Typical: 2-5s (parallel probes), p99: 8s.

  Connector

• profile_entity

  TunnelMind Data API

  Call this before routing traffic, bidding on inventory, or trusting a counterparty. It fuses ALL THREE TunnelMind lenses for one subject — Scry (attacker intelligence + threat feeds + open ports), Sigil (ad-supply-chain position + trust score + ATAP witness count), and Tracker (DDG/IAB catalog + prevalence + categories) — into a single confidence-scored profile plus a signed P38 receipt. The `cross_lens.hits` field tells you if the same infrastructure appears in attack data AND supply-chain data — that's your highest-confidence signal, and the one no siloed competitor can give you. `cross_lens.flags` surfaces the actionable highlights (`cross_lens_overlap:scry+sigil`, `in_threat_intel:...`, `high_prevalence_tracker`, `corroborated_by_N_lenses`). Confidence weighting: each lens contributes a base score; a 1.5× multiplier applies when ≥2 lenses corroborate the same subject; and the Scry contribution is weighted by the attestation tier of the sensors that observed it (silicon_root 1.0 → self_asserted 0.5). Bounded [0,1] and carried into the receipt. Unlike `cross_lens_verify` (one node → one verdict) and `cross_lens_lookup` (one node → raw three-lens view), profile_entity takes the SUBJECT as any combination of ip / domain / entity and returns the richest fused detail for a pre-transaction decision. At least one of ip / domain / entity is required.

  Connector

• gpi_status_codes

  banking-intelligence

  Explain SWIFT GPI tracking status codes and provide stuck-payment investigation guidance. USE THIS TOOL FIRST whenever the user reports a payment that is stuck, delayed, not arriving, held, pending, rejected, or otherwise not behaving as expected. It is the primary diagnostic entrypoint for payment investigation — calling with a specific code returns a full investigation playbook (common delay causes, recommended actions, GPI SLA timeframes, escalation steps). Recommended calls by scenario: - Payment "stuck" / "in progress" / "pending" / "not arrived": gpi_status_codes("ACSP") → playbook for in-progress payments - Payment explicitly "on hold" / compliance review: gpi_status_codes("PDNG") → playbook for held payments - Payment "blocked" / sanctions flag: gpi_status_codes("BLCK") → playbook for blocked payments - Payment rejected by a bank in the chain (never credited): gpi_status_codes("RJCT") → rejection investigation playbook - Payment returned to sender (accepted then sent back): gpi_status_codes("RTRN") → return investigation playbook - Reference for ISO 20022 codes: gpi_status_codes() → list all codes Each code call returns: - Code description and meaning - For ACSP/PDNG/BLCK/RJCT/RTRN: investigation playbook with common causes, recommended actions (request gCCT tracker, request pacs.002/pacs.004 reason code, verify beneficiary details, escalate via MT199, etc.), and common ISO 20022 reason codes (AC01, AC04, AG01, RR01-RR04, etc.) when applicable - Child reason codes (e.g., G001-G004 for ACSP) that narrow the cause further Common codes: ACCC (success), ACSP (in progress), RJCT (rejected), PDNG (on hold), BLCK (blocked). GPI reason codes (G000-G004) qualify ACSP with more detail (e.g. G001 = cover payment sent, G002 = forwarded to next agent). Examples: gpi_status_codes("ACSP") # stuck-payment diagnostic playbook gpi_status_codes("G001") # detail on a specific reason code gpi_status_codes() # full reference list

  Connector

• sigil_verify_ads_txt

  TunnelMind Data API

  Confirms whether an SSP/exchange is authorized to sell a publisher's inventory according to that publisher's ads.txt. This is a cache lookup against ads.txt files crawled daily across the top 10,000 publisher domains — it does NOT fetch the publisher's ads.txt live, so it is fast and adds no latency to a real-time bidding decision. Use this tool when: - You are an ad-buying agent and want to confirm, pre-bid, that a supply path (publisher → exchange → seller_id) is legitimate. - You are detecting domain spoofing or unauthorized resale in a bid stream. - You want to check whether a seller is listed DIRECT or RESELLER. Do NOT use this tool when: - You want a full supply-path trust score — that endpoint is Sigil P31. - You want surveillance tracker data for the domain — use `get_domain`. Inputs: - `publisher_domain` (body, required): Publisher domain, e.g. `nytimes.com`. A `www.` prefix and scheme/path are stripped automatically. - `exchange_domain` (body, required): The exchange/SSP domain as it appears in ads.txt, e.g. `google.com`, `amazon-adsystem.com`. - `seller_id` (body, required): The publisher's seller/account ID at that exchange, e.g. `pub-4177862836555934`. Matched exactly. - `seller_type` (body, optional): `DIRECT` or `RESELLER`. When supplied it is checked against the ads.txt entry; a mismatch is reported as a warning. - `resolve_chain` (body, optional): When true, a matched RESELLER entry is cross-checked against the exchange's sellers.json (one authoritative hop). Returns: - `verified`: true (entry found), false (confidently not listed), or null (ads.txt could not be retrieved — indeterminate). - `confidence`: `high` | `degraded` | `low` | `unknown`. - `seller_entry`: the matched ads.txt line (line number, raw text, parsed fields) when `verified` is true; otherwise null. - `ads_txt_parse_status`, `ads_txt_last_parsed`, `stale`: provenance of the cached crawl this answer is derived from. - `reseller_chain`: empty unless `resolve_chain: true` and the matched entry is RESELLER — then it carries the sellers.json cross-check for the seller. - `warnings`: actionable flags, e.g. `publisher_not_in_corpus`, `publisher_has_no_ads_txt`, `seller_type_mismatch`, `ads_txt_cache_stale`. Cost: - Counts as one request against the daily rate limit. Latency: - Typical: <50ms (single cache lookup, no outbound fetch). p99: <120ms.

  Connector

• get_api_key

  TunnelMind Data API

  Returns the tier, label, masked owner email, creation date, last-used timestamp, today's request count, and daily request limit for the API key used in this request. Useful for agents that need to monitor their own quota consumption. Use this tool when: - You want to check how many requests your key has used today. - You need to know your current tier or daily limit. - You want to confirm that your API key is active. Do NOT use this tool when: - You want to manage multiple keys — this endpoint only reflects the calling key. - You need tracker data — use the tracker endpoints instead. Inputs: - No body or query parameters. Auth is from the `Authorization: Bearer` header. Returns: - `tier`: free, supporter, pro, or enterprise. - `requests_today`: integer count from KV (best-effort; resets at UTC midnight). - `limit_per_day`: null for enterprise (unlimited). - `last_used`: ISO 8601 timestamp, may be null if never used. Cost: - Free. Does not count against the daily request limit. Latency: - Typical: <150ms, p99: <400ms.

  Connector

• phishing_check

  ContrastAPI

  Query URLhaus for a specific URL and its host. is_malicious is True only when there is ACTIVE evidence — exact URL match with url_status='online' (or unknown) OR host has urls_online > 0. URLhaus retains historical records forever, so a host can have url_count > 0 with urls_online == 0; in that case is_malicious=False, is_stale=True, threat_level='low'. Use for URL-level threat assessment; use threat_intel for domain-level checks. Companion threat-investigation tools: ioc_lookup (multi-source IOC: ThreatFox + URLhaus + Feodo Tracker, auto-detect type), hash_lookup (file-hash malware family, MalwareBazaar), threat_intel (domain-level URLhaus only). Free: 30/hr, Pro: 500/hr. Returns {url, host, is_malicious, is_stale, urlhaus_host:{found,urls_online,url_count}, urlhaus_url:{found,threat,tags,status}, threat_level, summary}.

  Connector

• ioc_lookup

  ContrastAPI

  Enrich Indicator of Compromise (IP/domain/URL/hash) by auto-detecting type and querying abuse.ch feeds. Per-type source coverage: hash → ThreatFox only (Feodo and URLhaus do not index hashes); IP → ThreatFox + Feodo Tracker + URLhaus; domain / URL → ThreatFox + URLhaus. verdict.sources_queried lists what actually ran; verdict.sources_unavailable lists what failed (timeout / upstream error). Use as primary IOC triage tool when type unknown; use threat_intel for domain-only, hash_lookup for richer MalwareBazaar hash data. Free: 30/hr, Pro: 500/hr. Returns {indicator, type, threat_level, sources, summary, verdict}.

  Connector

• intel_inject

  TunnelMind Data API

  Fetches a domain's homepage and checks for content patterns that could constitute prompt injection attacks against AI agents that visit and ingest the page. Signals include hidden text, invisible divs, `<!-- AI: ignore -->` style comments, and known injection patterns. Use this tool when: - You are vetting a domain before feeding its content into an LLM context. - You want to assess the prompt injection risk of a URL before browsing it with an agent. - You are auditing a set of domains for adversarial AI content. Do NOT use this tool when: - You want tracker surveillance data — use `get_domain` instead. - You want AI training opt-out signals — use `intel_optout` instead. - You want the agent surface (MCP/OpenAPI) — use `intel_agent` instead. Inputs: - `domain` (query, required): Domain to scan. Returns: - `injection_signals`: list of signal types detected (e.g., `hidden_text`, `ai_instruction_comment`, `invisible_div`). - `risk_level`: `none`, `low`, `medium`, or `high` based on signal count and type. Cost: - Free. No API key required. Latency: - Typical: 2-4s (HTML fetch), p99: 7s.

  Connector

• tracker_add

  FoundRole — AI Job Search & Application Tracker MCP for Claude & ChatGPT

  Tracks a job from jobs_search results in the user's job tracker, identified by its job_id. For a job found elsewhere on the open web (with a URL but no jobs_search job_id), tracker_add_external is the right tool instead. Fields: - `job_id`: the job ID from jobs_search results (required) - `status`: initial status (saved, applied, interviewing, offered, archived); defaults to "saved" - `sub_status`: sub-status within the main status - `notes`: notes about the job Returns the tracked job with its details, or an error if it is already tracked. A job that was previously removed from the tracker is restored with its earlier status and notes.

  Connector

• job_alert_subscribe

  FoundRole — AI Job Search & Application Tracker MCP for Claude & ChatGPT

  Subscribes the authenticated user to job alerts for a specific saved job search. **Input:** - `job_search_id`: The job search identifier to subscribe to (required). Accepts either the job search UUID or the composite job ID returned by `jobs_search` / `jobs_details` (format: "seo_id--job_search_id"). - `frequency`: Alert frequency — one of daily, weekly, monthly (optional, defaults to "weekly") **Output:** Returns the created or updated job alert with id, status, and frequency. Idempotent: calling this tool for an already-subscribed search updates the existing alert without creating a duplicate.

  Connector

• intel_http

  TunnelMind Data API

  Makes a live HEAD request to the target domain from the Cloudflare edge, follows up to 5 redirects, and returns the full redirect chain, final HTTP status, key response headers, a security header score, and any third-party surveillance actors referenced in the Content-Security-Policy header. Use this tool when: - You want to verify whether a site enforces HTTPS and HSTS. - You need to inspect what third-party scripts a site loads via its CSP header. - You are assessing a domain's security posture before trusting it. - You want to detect surveillance actors embedded in a site's CSP. Do NOT use this tool when: - You need tracker database data (category, score, entity) — use `get_domain` instead. - You need the technology stack (CMS, framework) — use `intel_stack` instead. - You need robots.txt AI crawler policy — use `intel_robots` instead. Inputs: - `domain` (query, required): Domain to probe. Can include or omit `https://`. Examples: `nytimes.com`, `https://example.com`. Returns: - `reachable`: false if the domain did not respond within 6 seconds. - `redirect_chain`: each hop with URL, status code, and Location header. - `security_headers.score`: 0-100 based on presence of HSTS, CSP, X-Content-Type, X-Frame-Options, Referrer-Policy. - `security_headers.missing`: list of headers absent. - `csp_actors`: known surveillance actors detected in the CSP header. - `error`: set if the connection failed. Cost: - Free. No API key required. Latency: - Typical: 1-3s (outbound fetch), p99: 6s (timeout). Plan for async if chaining calls.

  Connector

• get_help

  mcp-server

  Searches the official Quanti documentation (docs.quanti.io) to answer questions about using the platform. **When to use this tool:** - When the user asks "how to do X in Quanti?", "what is a connector?", "how to configure BigQuery?" - When the user needs help configuring or using a connector (Google Ads, Meta, Piano, etc.) - To explain Quanti concepts: projects, connectors, prebuilds, data warehouse, tag tracker, transformations - When the user asks about the Quanti MCP (setup, overview, semantic layer) **This tool does NOT replace:** - get_schema_context: to get the actual BigQuery schema for a client project - list_prebuilds: to list pre-configured reports for a connector - get_use_cases: to find reusable analyses - execute_query: to execute SQL **Available topic filters:** connectors, data-warehouses, data-management, tag-tracker, mcp-server, transformations

  Connector

• intel_stack

  TunnelMind Data API

  Fetches up to 32KB of the domain's HTML and response headers from the edge, then fingerprints the content for known CMS platforms, JavaScript frameworks, CDN providers, and analytics tools. Detection is based on meta generator tags, script src patterns, response headers, and cookie names. Use this tool when: - You need to know what CMS (WordPress, Drupal, Shopify) a site runs. - You are assessing a domain's infrastructure before a security review. - You want to identify analytics or marketing tools a site embeds. Do NOT use this tool when: - You want HTTP headers and security posture — use `intel_http` instead. - You want tracker database classification — use `get_domain` instead. - You need robots.txt AI policy — use `intel_robots` instead. Inputs: - `domain` (query, required): Domain to fingerprint. Returns: - `cms`: detected content management system, or null. - `frameworks`: JavaScript/backend frameworks detected. - `cdn`: CDN provider detected, or null. - `analytics`: analytics and tracking tools detected. - `meta_generators`: raw meta generator tag values. Cost: - Free. No API key required. Latency: - Typical: 2-4s (HTML fetch), p99: 7s.

  Connector

• get_hbm_qualification

  Silicon Analysts

  Sourced HBM qualification tracker: which memory vendor (SK Hynix, Samsung, Micron) passed which AI-accelerator customer's qualification (NVIDIA Vera Rubin/GB300/B300/H200, AMD MI350/MI325X, Broadcom), by generation (HBM3/HBM3E/HBM4) and stack height. Returns `matrix` (current status per vendor×customer×generation, each row dated + source URL + confidence) and `timelines` (per-relationship status-change history back to 2022, e.g. sampling → in_qualification → qualified → volume_shipping). Refreshed daily; status changes human-reviewed. USE THIS for: "who supplies HBM4 for Vera Rubin?", "did Samsung pass NVIDIA qualification?", "Micron HBM4 status", qualification timeline/history questions, HBM supply-eligibility analysis. DO NOT USE for: HBM pricing/market share (use get_hbm_market_data); per-chip HBM cost (use get_accelerator_costs). Filters: vendor (enum), customer (substring), generation (enum), include_timelines (boolean). Anonymous callers may receive timelines truncated to the latest event per relationship — full history with a free API key (https://siliconanalysts.com/developers). Cite as "Silicon Analysts — HBM Qualification Tracker".

  Connector

• intel_optout

  TunnelMind Data API

  Checks a domain for all known AI training data opt-out mechanisms beyond robots.txt: TDM (Text and Data Mining) reservation headers, `<meta name="ai">` tags, Creative Commons NonCommercial licenses, and other machine-readable opt-out signals. Use this tool when: - You need to determine whether a domain has opted out of AI training data collection. - You are checking compliance before using a domain's content in a training dataset. - You want a comprehensive opt-out status (robots.txt + TDM + meta tags combined). Do NOT use this tool when: - You only need robots.txt crawler policy — use `intel_robots` instead (faster). - You need tracker data — use `get_domain` instead. - You want injection risk assessment — use `intel_inject` instead. Inputs: - `domain` (query, required): Domain to probe. Returns: - `tdm_reservation`: true if the domain sends a `TDM-Reservation: 1` header. - `noai_meta`: true if the HTML contains `<meta name="robots" content="noai">`. - `license_detected`: string if a CC NonCommercial or similar license is detected, otherwise null. - `opted_out`: true if any opt-out signal is present. Cost: - Free. No API key required. Latency: - Typical: 2-4s, p99: 7s.

  Connector