"Trending GitHub repositories" matching MCP tools:

• ateam_build_and_run

  ateam-mcp

  DEPLOY THE CURRENT MAIN BRANCH TO A-TEAM CORE. ⚠️ HEAVIEST OPERATION (60-180s): validates solution+skills → deploys all connectors+skills to Core (regenerates MCP servers) → health-checks → optionally runs a warm test → auto-pushes to GitHub. 🌳 DEV/PROD WORKFLOW: 1. Edit files → ateam_github_patch (writes to `dev` branch by default) 2. (Optional) Preview what's about to ship → ateam_github_diff 3. Ship dev → main → ateam_github_promote (merges + auto-tags `prod-YYYY-MM-DD-NNN`) 4. Deploy main to Core → ateam_build_and_run This tool ALWAYS deploys the `main` branch — there is no `ref` parameter. To deploy in-progress dev work, first promote it. AUTO-DETECTS GitHub repo: if you omit mcp_store and a repo exists, connector code is pulled from main automatically. First deploy requires mcp_store. After that, edit via ateam_github_patch + promote, then build_and_run. For small changes prefer ateam_patch (faster, incremental). Requires authentication.

  Connector

• query_cves

  Fillin

  Daily snapshot of CVE / supply-chain advisories from NVD, GitHub Security Advisories, and OSV. Use before merging dependency updates, when triaging an alert, or when a user asks "is package X compromised". Each result row carries a structured `affected` list (one entry per affected package: ecosystem, name, vulnerable_range, patched_range) and a numeric `severity_score` (CVSS baseScore, nullable on OSV-only rows). A buyer can act on the returned row — pin to `patched_range` — without a second hop to NVD or GHSA.

  Connector

• secret_scan

  AgentSec MCP

  Scan text content for hardcoded secrets, API keys, and credentials using 20 pre-compiled patterns. Privacy guarantee: Input text is NEVER logged, cached, stored, or forwarded. Only findings_count and finding offsets (not matched values) are returned. Detected pattern types include: AWS keys, GitHub/GitLab PATs, OpenAI/Anthropic keys, Stripe secrets, Slack tokens, PEM private keys, JWT tokens, and 13 more. Per-call rate limit: 100/min. Payment: $0.05 USDC per scan.

  Connector

• find_examples

  Senzing

  Find working SOURCE CODE examples from 37 indexed Senzing GitHub repositories. REQUIRED: either `query` (string, for search) or `repo` with `file_path` or `list_files=true` — the call WILL FAIL without one. Three modes: (1) Search: pass `query` to find examples across all repos, (2) File listing: pass `repo` + `list_files=true`, (3) File retrieval: pass `repo` + `file_path`. Indexes source code (.py, .java, .cs, .rs) and READMEs — NOT build/data files. For sample data, use get_sample_data. Covers Python, Java, C#, Rust SDK patterns: initialization, ingestion, search, redo, configuration, message queues, REST APIs. Use max_lines to limit large files. Returns GitHub raw URLs for file retrieval.

  Connector

• getMarketOverview

  qubitsok — Quantum Computing Jobs, Papers & Researchers

  Get a snapshot of the quantum computing landscape — no parameters needed. Use when the user asks broad questions like "how's the quantum job market?", "what are trending topics?", or wants an overview of the quantum computing industry. Returns: total active jobs, top hiring companies, jobs by role type, papers published this week, total researchers tracked, and trending technology tags. For specific job/paper/researcher searches, use the dedicated search tools instead.

  Connector

• scan_skill

  SecurityScan

  Scan a GitHub repository or skill URL for security vulnerabilities. This tool performs static analysis and AI-powered detection to identify: - Hardcoded credentials and API keys - Remote code execution patterns - Data exfiltration attempts - Privilege escalation risks - OWASP LLM Top 10 vulnerabilities Requires a valid X-API-Key header. Cached results (24h) do not consume credits. Args: skill_url: GitHub repository URL (e.g., https://github.com/owner/repo) or raw file URL to scan Returns: ScanResult with security score (0-100), recommendation, and detected issues. Score >= 80 is SAFE, 50-79 is CAUTION, < 50 is DANGEROUS. Example: scan_skill("https://github.com/anthropics/anthropic-sdk-python")

  Connector

• book_flight

  BoostedTravel

  Book an unlocked flight. Creates a real airline PNR with e-ticket. REQUIREMENTS: 1. Offer must be unlocked first (call unlock_flight_offer) 2. Use passenger_id from search results 3. Use REAL passenger details — airline sends e-ticket to the email provided Requires GitHub star verification.

  Connector

• setup_payment

  BoostedTravel

  Attach a payment card. Required before booking. For testing: {"token": "tok_visa"} For production: {"payment_method_id": "pm_xxx"} from Stripe.js One-time setup — all future charges are automatic. Requires GitHub star verification.

  Connector

• ateam_upload_connector

  ateam-mcp

  Upload connector code to Core and restart — WITHOUT redeploying skills. Use this to update connector source code (server.js, UI assets, plugins) quickly. Set github=true to pull files from the solution's GitHub repo, or pass files directly. Much faster than ateam_build_and_run for connector-only changes.

  Connector

• generate_scaffold

  Senzing

  Generate SDK scaffold code for common workflows. Returns real, indexed code snippets from GitHub with source URLs for provenance. Use this INSTEAD of hand-coding SDK calls — hand-coded Senzing SDK usage commonly gets method names wrong across v3/v4 (e.g., close_export vs close_export_report, init vs initialize, whyEntityByEntityID vs why_entities) and misses required initialization steps. Languages: python, java, csharp, rust. Workflows: initialize, configure, add_records, delete, query, redo, stewardship, information, full_pipeline (aliases accepted: init, config, ingest, remove, search, redoer, force_resolve, info, e2e). V3 supports Python and Java only. Returns GitHub raw URLs — fetch each snippet to read the source code.

  Connector

• crypto_trending

  livedatalink

  See what's trending and hot in cryptocurrency right now. Returns the top trending coins on CoinGecko based on search activity and interest. Use this for 'what's trending in crypto?', 'hot cryptocurrencies', 'trending coins', 'what crypto is popular right now?', 'crypto buzz', 'what tokens are people looking at?', or any question about current crypto market interest and momentum.

  Connector

• detect_pii

  Toolora MCP Server

  Sweep a text for personally-identifying information and leaked secrets: email addresses, US/international phone numbers, SSNs, Luhn-validated credit-card numbers, OpenAI keys (sk-...), Anthropic keys (sk-ant-...), GitHub PATs (ghp_/gho_/...), AWS access keys (AKIA...), Stripe keys, JWTs, and IPv4 addresses. Returns hit count + redacted samples per category, plus a high-severity blocker verdict. Use this on anything an agent is about to send, post, or commit. Critical for autonomous agents that may have ingested secrets from their context.

  Connector

• RUBE_FIND_RECIPE

  rube

  Find recipes using natural language search. Use this tool when: - User refers to a recipe by partial name, description, or keywords (e.g., "run my GitHub PR recipe", "the slack notification one") - User wants to find a recipe but doesn't know the exact name or ID - You need to find a recipe_id before executing it with RUBE_EXECUTE_RECIPE The tool uses semantic matching to find the most relevant recipes based on the user's query. Input: - query (required): Natural language search query (e.g., "GitHub PRs to Slack", "daily email summary") - limit (optional, default: 5): Maximum number of recipes to return (1-20) - include_details (optional, default: false): Include full details like description, toolkits, tools, and default params Output: - successful: Whether the search completed successfully - recipes: Array of matching recipes sorted by relevance score, each containing: - recipe_id: Use this with RUBE_EXECUTE_RECIPE - name: Recipe name - description: What the recipe does - relevance_score: 0-100 match score - match_reason: Why this recipe matched - toolkits: Apps used (e.g., github, slack) - recipe_url: Link to view/edit - default_params: Default input parameters - total_recipes_searched: How many recipes were searched - query_interpretation: How the search query was understood - error: Error message if search failed Example flow: User: "Run my recipe that sends GitHub PRs to Slack" 1. Call RUBE_FIND_RECIPE with query: "GitHub PRs to Slack" 2. Get matching recipe with recipe_id 3. Call RUBE_EXECUTE_RECIPE with that recipe_id

  Connector

• exploit_lookup

  ContrastAPI

  Search public exploits/PoC for a specific CVE across three sources: (1) GitHub Advisory Database (sources.github.advisories[]), (2) Shodan CVEDB references (sources.shodan_refs.results[] — packetstorm/seclists/vendor URLs cited by Shodan; results capped at SHODAN_REFS_LIMIT default 200, truncated=true when capped, count is the honest upstream total), (3) ExploitDB CSV mirror (exploits[] array, with edb_id + author + verified flag — these are the actual ExploitDB entries). Use to assess if a vulnerability has weaponized exploits in the wild; run after cve_lookup to evaluate real-world risk. When the CVE is also in CISA KEV (kev.in_kev=true on cve_lookup), pair with kev_detail for federal patch deadline; pair with cwe_lookup on cwe_id for the underlying weakness category and mitigations. Response carries next_calls — single cve_lookup pivot for full context (KEV status, CWE chain, CVSS, EPSS); cve_lookup's own next_calls then surface kev_detail and cwe_lookup automatically (this endpoint has no in_kev/cwe_id schema, so blind emission of those pivots is intentionally avoided). Free: 30/hr, Pro: 500/hr. Returns {cve_id, exploits_found, has_public_exploit, sources: {github, shodan_refs: {found, count, truncated, results}}, exploits: [{edb_id, cve_id, date_published, author, type, platform, url, verified, description}], summary, verdict, next_calls}.

  Connector

• audit_github_repo

  Commit — Supply Chain Risk Scoring

  Audit the supply chain risk of a GitHub repository's dependencies. Fetches the repo's package.json and/or requirements.txt from GitHub and runs behavioral commitment scoring on every dependency. This is the fastest way to audit a project — just provide the GitHub URL or owner/repo slug, and get a full risk table in seconds. Risk flags: - CRITICAL: single publisher/maintainer/owner + >10M weekly downloads (publish-access concentration risk) - HIGH: sole publisher/maintainer + >1M/wk downloads, OR new package (<1yr) with high adoption - WARN: no release in 12+ months (potential abandonware) Examples: - "vercel/next.js" — audit Next.js dependencies - "https://github.com/langchain-ai/langchainjs" — audit LangChain JS - "facebook/react" — audit React's dependency tree - "anthropics/anthropic-sdk-python" — audit Anthropic Python SDK Use this when someone asks "is my project at risk?" or "audit this repo's dependencies".

  Connector

• get_session_trends

  Vocab Voyage

  Auth-only. Personal study trends over a window (default 14 days, max 90): session count, total minutes, accuracy trend (up/down/flat), and top-missed words. Use after a user asks 'how am I trending / am I improving / which words keep tripping me up'.

  Connector

• username_lookup

  ContrastAPI

  Search for username across 15+ social/dev platforms (GitHub, Reddit, X/Twitter, LinkedIn, Instagram, TikTok, Discord, YouTube, Keybase, HackerOne, etc.). Use for OSINT investigations and identity verification. Free: 30/hr, Pro: 500/hr. Returns {username, total_found, platforms: [{name, exists, url, status_code}]}.

  Connector

• sdk_guide

  Senzing

  Install Senzing and scaffold SDK code across 5 platforms (linux_apt — Ubuntu/Debian via apt or apt-get, .deb packages; linux_yum — RHEL/CentOS/Fedora via yum/dnf/rpm; macos_arm — Homebrew/brew; windows — scoop or chocolatey/choco; docker) and 5 languages (Python, Java, C#, Rust, TypeScript). Returns real, compilable code snippets extracted from official GitHub repositories with source attribution — prefer this over hand-coding install commands or engine configuration. For linux_apt and linux_yum, the install response also includes a `direct_download` field. In HTTP mode the package `url` is hosted on this MCP server (mcp.senzing.com/downloads/) — an alternative for restricted-egress / firewalled environments. In stdio mode the package `url` is a local `sz-mcp-coworker extract` command that pulls the .deb from the binary's embedded bundle. Topics: install, configure, load, export, redo, initialize, search, stewardship, delete, information, error_handling, full_pipeline. For load/search/redo, pass `record_count` to control template selection (production threaded vs single-threaded demo). Export redirects to reporting_guide. Asset IDs are not stable across versions. If a previously-known ID fails to extract, call this tool again to obtain the current ID.

  Connector

• lookup_go_module

  Commit — Supply Chain Risk Scoring

  Get a behavioral commitment profile for any Go module on proxy.golang.org. Takes a full module path (e.g., "github.com/gin-gonic/gin", "golang.org/x/net", "k8s.io/client-go", "gopkg.in/yaml.v3") and returns real signals: module age, version count, publish cadence, GitHub contributors (the closest equivalent to "publishers" since Go has no centralized publisher concept — git push access is the publish equivalent), GitHub stars, OpenSSF Scorecard score. The Go ecosystem has no centralized download counter, so this profile is GitHub-primary — the linked source repository's activity, contributor count, and Scorecard carry more weight than for npm/PyPI/Cargo. Stars are used as the popularity proxy. Useful for: vetting Go dependencies before adding to go.mod, identifying abandonware, supply chain risk assessment. Examples: "github.com/gin-gonic/gin", "golang.org/x/crypto", "github.com/spf13/cobra", "k8s.io/api"

  Connector

• get_npm_package

  developer-tools-mcp-server

  Look up Node.js package information from NPM registry. Returns latest version, download statistics (weekly/monthly), dependency list, package description, license, and GitHub link. Use for evaluating JavaScript libraries, checking maintenance status, or reviewing package popularity.

  Connector