C
com.contrastcyber/api
29 security tools for AI agents — CVE, OSINT, threat intel, code security. No API key needed.
UnknownNot tested
12FNo CVEsunknown
Quick Install
{
"mcpServers": {
"com-contrastcyber-api": {
"command": "<see-readme>",
"args": []
}
}
}No install config available. Check the server's README for setup instructions.
Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Embed in your READMEAbout badges →
[](https://mcppedia.org/s/com-contrastcyber-api)
Should you use this server?
29 security tools for AI agents — CVE, OSINT, threat intel, code security. No API key needed.
✓
Is it safe?
No package registry to scan.
No authentication — any process on your machine can connect.
License not specified.
~
Is it maintained?
Commit history unknown.
i
Will it work with my client?
Transport: . Compatibility not confirmed.
README
ContrastAPI — 29 Security Tools for AI Agents
Security intelligence API and MCP server for AI agents. Domain audit, CVE lookup with EPSS+KEV, IP threat reports, IOC enrichment, tech fingerprinting, and 23 more. Free, no API key, 100 credits/hour.
English | 中文 · Live: api.contrastcyber.com
30-Second Setup
Pick your integration:
Option 1: MCP (Claude Desktop / Cursor / VS Code / Windsurf / OpenClaw)
Add to your MCP config:
{
"mcpServers": {
"contrastapi": {
"command": "npx",
"args": ["-y", "mcp-remote", "https://api.contrastcyber.com/mcp/"]
}
}
}
Restart your agent. Done. Full setup guide: api.contrastcyber.com/mcp-setup
Option 2: Node.js SDK
npm install contrastapi
const api = require("contrastapi")();
const audit = await api.domain.audit("example.com"); // full audit
const cve = await api.cve.lookup("CVE-2024-3094"); // EPSS + KEV
const ip = await api.ip.threatReport("8.8.8.8"); // Shodan + AbuseIPDB + ASN
const bulk = await api.cve.bulk(["CVE-2021-44228", "CVE-2024-3094"]);
Zero dependencies, Node 14+. Full SDK docs: sdk/node/
Option 3: cURL
curl https://api.contrastcyber.com/v1/cve/CVE-2024-3094
curl https://api.contrastcyber.com/v1/audit/example.com
curl https://api.contrastcyber.com/v1/threat-report/8.8.8.8
More examples: API Quick Start (cURL, Node.js, Python, CI/CD)
Option 4: VS Code Extension
Install ContrastAPI — Security Intelligence from the Marketplace. 29 commands, sidebar tree, right-click context menu. No API key required.
Try It Now
After setup, ask your AI agent:
- "Run a full security audit on example.com"
- "Is CVE-2024-3094 being exploited in the wild? Check EPSS + KEV."
- "Is 8.8.8.8 malicious? Pull AbuseIPDB, Shodan, and ASN."
More example prompts: docs/PROMPTS.md · /playground (interactive tester)
What's Inside
- 29 MCP tools across 6 categories — full list: docs/ENDPOINTS.md
- 340K+ CVEs synced from NVD every 2 hours, enriched with EPSS exploit probability + CISA KEV status
- Weighted credits — 1 for simple calls, 4 for heavy orchestration (audit, threat report), N for bulk lookups
- LLM-optimized summaries — every response includes a
summaryfield so agents reason without parsing nested JSON - Distribution — npm SDK · VS Code Extension · Smithery MCP (96/100 quality) · REST API
Why ContrastAPI?
- One call, full picture —
auditreturns report + tech fingerprint + live headers in a single response - *Machine-readable
Test This Server
No automated test available for this server. Check the GitHub README for setup instructions.
Help improve this page
This server is missing a description. Tools and install config are also missing.If you've used it, help the community.
Add informationScore Breakdown
Security
3/30No known vulnerabilities.
○
Known CVEs — No package registry to scan
○
Tool safety — No tools to analyze
○
Tool poisoning — No tools to analyze
○
Injection vectors — No tools to analyze
✓
Tool stability — Tool definitions stable
○
Dependency health — No package to analyze
✗
License — No license specified
○
Authentication — No authentication required
○
Repository — active repo
CVEs checked daily via OSV.dev. Score algorithm is open source.
Reviews
Have you used this server?
Share your experience — it helps other developers decide.
How easy was setup?Did it work reliably?How was the documentation?
Sign in to write a review.
Frequently Asked Questions
- Is com.contrastcyber/api safe to use?
- com.contrastcyber/api has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
- How do I install com.contrastcyber/api?
- com.contrastcyber/api can be installed by cloning its GitHub repository and following the setup instructions in the README.
Similar servers
View all →
Sequential Thinking MCP Server
OfficialNo CVEs98A
Dynamic problem-solving through sequential thought chains
1 toolsstdio83.8k111.0k/wk1d ago
XcodeBuildMCP
OfficialNo CVEs97A
A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.
2 toolsremote5.2k46.6k/wk1d ago
Python Sdk
OfficialNo CVEs95A
The official Python SDK for Model Context Protocol servers and clients
1 toolsremote22.6k156.5k/wk21h ago
Gemini Cli
No CVEs95A
An open-source AI agent that brings the power of Gemini directly into your terminal.
8 toolsremote101.3k814.6k/wk12h ago
MCP Security Weekly
Get CVE alerts and security updates for com.contrastcyber/api and similar servers.
Discussion
Start a conversation
Ask a question, share a tip, or report an issue.
Has anyone used this with Cursor?How do you handle auth?Any alternatives?
Sign in to join the discussion.