"Python Code for Data Analysis" matching MCP tools:

• search_exploits

  Exploit Intelligence Platform — CVE, Vulnerability and Exploit Database

  Browse and filter exploits using STRUCTURED FILTERS ONLY (no free-text query). Use this to filter by source (github, metasploit, exploitdb, nomisec, gitlab, inthewild, vulncheck_xdb, patchapalooza, oscs, poc_monitor), language (python, ruby, etc.), LLM classification (working_poc, trojan, suspicious, scanner, stub, writeup, tool, no_code), author, min stars, code availability, CVE ID, vendor, or product. Also filter by AI analysis: attack_type (RCE, SQLi, XSS, DoS, LPE, auth_bypass, info_leak), complexity (trivial/simple/moderate/complex), reliability (reliable/unreliable/untested/theoretical), requires_auth. NOTE: To search by product name (e.g. 'OpenSSH', 'Apache'), use search_vulnerabilities instead — it has free-text query and get_vulnerability already includes exploits in the response. Examples: source='metasploit' for all Metasploit modules; attack_type='RCE' with reliability='reliable' for weaponizable RCE exploits; cve='CVE-2024-3400' for all exploits targeting a specific CVE; vendor='mitel' for all Mitel exploits.

  Connector

• ateam_redeploy

  ateam-mcp

  Re-deploy skills WITHOUT changing any definitions. ⚠️ HEAVY OPERATION: regenerates MCP servers (Python code) for every skill, pushes each to A-Team Core, restarts connectors, and verifies tool discovery. Takes 30-120s depending on skill count. Use after connector restarts, Core hiccups, or stale state. For incremental changes, prefer ateam_patch (which updates + redeploys in one step).

  Connector

• check_injection

  ContrastAPI

  Scan source code for injection vulnerabilities: SQL injection, command injection, path traversal via unsafe string concatenation/unsanitized input. Supports Python, JavaScript, TypeScript, Java, Go, Ruby, Shell, Bash. Use to detect input-handling bugs; for secrets use check_secrets. Companion code-security tools: check_secrets (hard-coded credential detection), check_dependencies (known-CVE vulnerability audit), check_headers (live HTTP security-header validation), scan_headers (live HTTP scan via domain). Free: 30/hr, Pro: 500/hr. Returns {total, by_severity, findings}. No data stored.

  Connector

• get_strategy_code

  quantifyme

  Get the actual Python code behind a community leaderboard strategy. Use after `browse_community`: pass an entry's `id` here to read its real `feature_engineering()` + `strategy_config()` source so the user can inspect or tweak it. To deploy it unchanged, pass the same id to `one_shot` as `community_id`. Read-only, no signup needed. Args: community_id: The `id` of a community entry (from `browse_community`). Returns: dict with: id, title, username, description, symbol, timeframe, metrics {total_ret, win_rate, profit_factor, n_trades, mdd, sharpe_strat}, and `code` (the full Python source). SHOW the code to the user, and offer to deploy it via one_shot(community_id=...) or tweak it first.

  Connector

• get_compute_ready_stream

  Valuein — SEC EDGAR Fundamentals & Smart-Money Data

  STATUS: pending — direct R2 Parquet access is in private beta (ETA 2026-Q3). Calls return 501 FEATURE_NOT_AVAILABLE today. When live: returns a pre-signed Cloudflare R2 URL for bulk Parquet access that can be piped into Python/DuckDB/Polars for high-throughput computation that exceeds the MCP context window. Datasets: fact (per-entity partition — requires ticker), ratio (all computed ratios), valuation (DCF inputs), filing (SEC filing metadata), references (company universe), index_membership (historical index composition). URL would expire in 15 minutes. TODAY use the Python SDK (`pip install valuein-sdk`) for the same data via DuckDB.

  Connector

• get_template

  Gitignore

  Fetch the raw .gitignore content for the named template (case-sensitive, e.g. "Node", "Python", "macOS").

  Connector

• scan_skill

  SecurityScan

  Scan a GitHub repository or skill URL for security vulnerabilities. This tool performs static analysis and AI-powered detection to identify: - Hardcoded credentials and API keys - Remote code execution patterns - Data exfiltration attempts - Privilege escalation risks - OWASP LLM Top 10 vulnerabilities Requires a valid X-API-Key header. Cached results (24h) do not consume credits. Args: skill_url: GitHub repository URL (e.g., https://github.com/owner/repo) or raw file URL to scan Returns: ScanResult with security score (0-100), recommendation, and detected issues. Score >= 80 is SAFE, 50-79 is CAUTION, < 50 is DANGEROUS. Example: scan_skill("https://github.com/anthropics/anthropic-sdk-python")

  Connector

• find_examples

  Senzing

  Find working SOURCE CODE examples from 37 indexed Senzing GitHub repositories. REQUIRED: either `query` (string, for search) or `repo` with `file_path` or `list_files=true` — the call WILL FAIL without one. Three modes: (1) Search: pass `query` to find examples across all repos, (2) File listing: pass `repo` + `list_files=true`, (3) File retrieval: pass `repo` + `file_path`. Indexes source code (.py, .java, .cs, .rs) and READMEs — NOT build/data files. For sample data, use get_sample_data. Covers Python, Java, C#, Rust SDK patterns: initialization, ingestion, search, redo, configuration, message queues, REST APIs. Use max_lines to limit large files. Returns GitHub raw URLs for file retrieval.

  Connector

• generate_wallet

  Solentic

  Returns runnable code that creates a Solana keypair. Solentic cannot generate the keypair for you and never sees the private key — generation must happen wherever you run code (the agent process, a code-interpreter tool, a Python/Node sandbox, the user's shell). The response includes the snippet ready to execute. After running it, fund the resulting publicKey and call the `stake` tool with {walletAddress, secretKey, amountSol} to stake in one call.

  Connector

• fda_device_class

  FDA Data MCP

  Lookup FDA device classification details by product code. Returns device name, device class (I/II/III), medical specialty, regulation number, review panel, submission type, and definition. Requires: product code (3-letter code from 510(k), PMA, or device product listings). Related: fda_product_code_lookup (cross-reference across 510(k) and PMA), fda_search_510k (clearances for this product code), fda_search_pma (PMA approvals for this product code).

  Connector

• generate_wallet

  Blueprint Agentic Staking (Solentic)

  Returns runnable code that creates a Solana keypair. Solentic cannot generate the keypair for you and never sees the private key — generation must happen wherever you run code (the agent process, a code-interpreter tool, a Python/Node sandbox, the user's shell). The response includes the snippet ready to execute. After running it, fund the resulting publicKey and call the `stake` tool with {walletAddress, secretKey, amountSol} to stake in one call.

  Connector

• x711_code_sandbox

  x711 — Universal Agent Gas Station

  Execute JavaScript or Python code in an isolated sandbox. Use for: data processing, math, CSV parsing, JSON transformation, crypto calculations, algorithm testing. Secure — no filesystem access, no network. Returns: { output: string, runtime_ms: number, language: string }. Requires API key.

  Connector

• get_signup_link

  Gonka Network Pricing

  Get Gonka Network signup link with referral bonus (12M nGNK free tokens). Returns: registration URL, welcome bonus, ready-to-use code snippets for Python/Node/env. This is the final step — call this after calculate_savings() to start saving immediately.

  Connector

• get_document_pipeline

  civilquants

  Obtain the CivilQuants customer-side document pipeline — the toolkit the document-heavy skills (tender review, geotechnical / geo-environmental interpretation) use to chunk a tender pack and render a Word pack on the user's machine. Returns the self-unpacking chunking package, the pipeline discipline, and the python-docx render helpers. Universal (free + paid). NOTE: running the pipeline over real documents requires a code-execution client (Claude Code / Codex / VS Code) — a chat connector can read the toolkit but cannot execute it. The full kit is large (~60 KB); pass component='chunking'|'discipline'|'render' for one part (~20 KB each), or omit it for the whole kit.

  Connector

• mcp_health

  ca-rate-filings

  Diagnostic snapshot of the deployed MCP server: build identifier, server_version (1.0.<PR> tag), boot time, advertised tool names, a hash of the tool surface, and corpus_updated_at (freshest watermark across the filings pipeline). Call this first when you suspect the connector is showing a stale tool list or you want to detect whether code or data has changed since your last call — compare tools_advertised against what your client lists, server_version for code, corpus_updated_at for data.

  Connector

• __unlock_blockchain_analysis__

  mcp-server

  Mandatory initialization step for any session against the Blockscout MCP server. Returns server reference data plus the `blockscout-analysis` skill pointer and URI resolution rule. MANDATORY FOR AI AGENTS: Call this tool first in every session. The returned payload identifies where the operating rules and analysis framework live and how to read referenced skill files before executing further tool calls.

  Connector

• generate_scaffold

  Senzing

  Generate SDK scaffold code for common workflows. Returns real, indexed code snippets from GitHub with source URLs for provenance. Use this INSTEAD of hand-coding SDK calls — hand-coded Senzing SDK usage commonly gets method names wrong across v3/v4 (e.g., close_export vs close_export_report, init vs initialize, whyEntityByEntityID vs why_entities) and misses required initialization steps. Languages: python, java, csharp, rust. Workflows: initialize, configure, add_records, delete, query, redo, stewardship, information, full_pipeline (aliases accepted: init, config, ingest, remove, search, redoer, force_resolve, info, e2e). V3 supports Python and Java only. Returns GitHub raw URLs — fetch each snippet to read the source code.

  Connector

• __unlock_blockchain_analysis__

  blockscout-mcp-server

  Mandatory initialization step for any session against the Blockscout MCP server. Returns server reference data plus the `blockscout-analysis` skill pointer and URI resolution rule. MANDATORY FOR AI AGENTS: Call this tool first in every session. The returned payload identifies where the operating rules and analysis framework live and how to read referenced skill files before executing further tool calls.

  Connector

• get_mortgage_data

  HMDA Mortgage Data

  Get Home Mortgage Disclosure Act (HMDA) loan-level data. Returns mortgage application and origination records reported by financial institutions under HMDA. At least one geographic filter (state or county_fips) is recommended to limit results. Args: state: Two-letter US state abbreviation (e.g. 'CA', 'TX'). county_fips: Five-digit county FIPS code (e.g. '06037' for LA County). year: Data year (e.g. 2022). Defaults to 2022 if not specified. action_taken: Loan action code: '1' (originated), '2' (approved not accepted), '3' (denied), '4' (withdrawn), '5' (incomplete). loan_type: Loan type code: '1' (conventional), '2' (FHA-insured), '3' (VA-guaranteed), '4' (USDA/RHS). limit: Maximum number of records to return (default 100, max 1000).

  Connector

• check_secrets

  ContrastAPI

  Scan source code (or snippet) for hardcoded secrets — cloud provider keys, API tokens, connection strings, private keys, passwords. Supports Python, JavaScript, TypeScript, Java, Go, Ruby, Shell, Bash. Use to detect leaked credentials before commit; for injection detection use check_injection. Free: 30/hr, Pro: 500/hr. Returns {total, by_severity, findings}. No data stored. The generic password-assignment rule is suppressed when a more-specific credential rule fires on the same line — one targeted finding per leaked secret, not two.

  Connector