Cybersecurity threat intelligence for AI agents — CVE search, EPSS exploit prediction, CISA KEV, IP reputation, threat feed. MCP + x402.
claude mcp add cyber-intel-mcp -- uvx cyber-intel-mcp{
"mcpServers": {
"cyber-intel-mcp": {
"command": "uvx",
"args": ["cyber-intel-mcp"]
}
}
}MCP Servers overview
# Cybersecurity Threat Intelligence MCP
**Cybersecurity threat intelligence for AI agents** — CVE search enriched with
EPSS exploit-likelihood + CISA known-exploited (KEV) status, plus live IP/domain
reputation and a real-time threat feed.
> Part of the **FoundryNet Data Network**. Attest your agent's security analysis
> with [MINT Protocol](https://mint-mcp-production.up.railway.app/mcp). See also:
> **gov-contracts-mcp**, **brand-intel-mcp**, **patent-intel-mcp**,
> **financial-signals-mcp**, **weather-intel-mcp**, **compliance-mcp**.
Live MCP endpoint (Streamable HTTP):
`https://cyber-intel-mcp-production.up.railway.app/mcp`
## Tools
| Tool | Price | What it does |
|---|---|---|
| `search_cve` | $0.01 | CVE search by severity, CVSS, **EPSS**, attack vector, KEV status |
| `cve_detail` | **free** | Full CVE — CVSS breakdown, EPSS, KEV, CWE, affected products, refs |
| `check_ip` | $0.01 | IP reputation (AbuseIPDB + OTX) — abuse score, threat type, pulses |
| `check_domain` | $0.01 | Domain threat indicators (OTX) |
| `vulnerability_scan` | $0.02 | All CVEs for a product, **sorted by EPSS** — "should I worry about this dependency?" |
| `threat_feed` | $0.01 | Recent threat indicators (IPs/domains/hashes/URLs) |
| `mint_info` | **free** | FoundryNet Data Network + MINT Protocol |
**Free tier:** 25 paid-tool queries/day per agent. Then x402: the tool returns an
HTTP-402 with a Solana USDC payment memo — pay it, re-call with the same args plus
`payment_tx=<signature>`. An `Authorization: Bearer fnet_…` key bypasses the paywall.
## The edge: EPSS-ranked vulnerabilities
Raw CVE counts are noise. Every vulnerability here carries its **EPSS score** (the
probability it'll be exploited) and a **CISA KEV** flag (whether it's *actively*
exploited). `vulnerability_scan` sorts a product's CVEs by exploit likelihood — so
an agent triaging a dependency sees what actually matters first.
## Sources
Every 6 hours: **NVD** (CVEs, keyless + throttled), **EPSS** (exploit probability),
**CISA KEV** (known-exploited catalog), **GitHub Advisories**. Live on demand:
**AbuseIPDB** (IP reputation) + **AlienVault OTX** (IP/domain/pulse indicators).
Stored in a standalone Supabase project.
## Connect
Smithery: `@foundrynet/cyber-intel` · MCP registry: `io.github.FoundryNet/cyber-intel-mcp`
```json
{ "mcpServers": { "cyber-intel": { "url": "https://cyber-intel-mcp-production.up.railway.app/mcp" } } }
```
Built by [FoundryNet](https://foundrynet.io) · hello@foundrynet.io
What people ask about cyber-intel-mcp
What is FoundryNet/cyber-intel-mcp?
+
FoundryNet/cyber-intel-mcp is mcp servers for the Claude AI ecosystem. Cybersecurity threat intelligence for AI agents — CVE search, EPSS exploit prediction, CISA KEV, IP reputation, threat feed. MCP + x402. It has 0 GitHub stars and was last updated today.
How do I install cyber-intel-mcp?
+
You can install cyber-intel-mcp by cloning the repository (https://github.com/FoundryNet/cyber-intel-mcp) or following the README instructions on GitHub. ClaudeWave also provides quick install blocks on this page.
Is FoundryNet/cyber-intel-mcp safe to use?
+
FoundryNet/cyber-intel-mcp has not been audited yet by our security agent. Review the original repository on GitHub before using it in production.
Who maintains FoundryNet/cyber-intel-mcp?
+
FoundryNet/cyber-intel-mcp is maintained by FoundryNet. The last recorded GitHub activity is from today, with 0 open issues.
Are there alternatives to cyber-intel-mcp?
+
Yes. On ClaudeWave you can browse similar mcp servers at /categories/mcp, sorted by popularity or recent activity.
Deploy cyber-intel-mcp to your cloud
Ship this repo to production in minutes. Each platform spins up its own environment with editable env vars.
Maintain this repo? Add a badge to your README
Drop the badge into your GitHub README to show it's tracked on ClaudeWave. Each badge links back to this page and reflects the live Trust Score.
[](https://claudewave.com/repo/foundrynet-cyber-intel-mcp)<a href="https://claudewave.com/repo/foundrynet-cyber-intel-mcp"><img src="https://claudewave.com/api/badge/foundrynet-cyber-intel-mcp" alt="Featured on ClaudeWave: FoundryNet/cyber-intel-mcp" width="320" height="64" /></a>More MCP Servers
Fair-code workflow automation platform with native AI capabilities. Combine visual building with custom code, self-host or cloud, 400+ integrations.
User-friendly AI Interface (Supports Ollama, OpenAI API, ...)
An open-source AI agent that brings the power of Gemini directly into your terminal.
The fastest path to AI-powered full stack observability, even for lean teams.
🕷️ An adaptive Web Scraping framework that handles everything from a single request to a full-scale crawl!
⭐AI-driven public opinion & trend monitor with multi-platform aggregation, RSS, and smart alerts.🎯 告别信息过载,你的 AI 舆情监控助手与热点筛选工具!聚合多平台热点 + RSS 订阅,支持关键词精准筛选。AI 智能筛选新闻 + AI 翻译 + AI 分析简报直推手机,也支持接入 MCP 架构,赋能 AI 自然语言对话分析、情感洞察与趋势预测等。支持 Docker ,数据本地/云端自持。集成微信/飞书/钉钉/Telegram/邮件/ntfy/bark/slack 等渠道智能推送。