mcp-threatintel (aplaceforallmystuff)
Unified threat-intel MCP server aggregating AlienVault OTX, AbuseIPDB, GreyNoise, and abuse.ch feeds.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for mcp-threatintel (aplaceforallmystuff), derived from its capabilities.
These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology. Are you the vendor? Factual corrections are free.
Overview
This MCP server unifies multiple threat-intelligence feeds - AlienVault OTX, AbuseIPDB, GreyNoise, and abuse.ch - so agents can query IPs, domains, hashes, and URLs across all sources at once. It supports optional API keys per source with generous free tiers, and Feodo Tracker works without auth via public JSON. Aggregating attacker-controlled indicators and third-party verdicts makes it a tool-output injection surface holding several API keys.
Key features
- Unified OTX + AbuseIPDB + GreyNoise + abuse.ch
- Cross-source IP/domain/hash/URL lookups
- Optional per-source keys with free tiers
Use cases
- One-shot indicator enrichment across feeds
- IP reputation and abuse checks during IR