Yes, Cyber Intel is free to use.

How do I install Cyber Intel?

Cyber Intel supports both local and remote installation. For local use, install it via the provided package manager and add the configuration to your AI app. For remote access, add the server URL to your MCP configuration.

What AI apps work with Cyber Intel?

Cyber Intel uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Cyber Intel MCP Server

by FoundryNet

Developer ToolsUse Caution3.8MCP RegistryLocalRemote

Free

Server data from the Official MCP Registry

CVE search, vulnerability database, EPSS exploit prediction, KEV, IP reputation & threat feed.

About

CVE search, vulnerability database, EPSS exploit prediction, KEV, IP reputation & threat feed.

Remote endpoints: streamable-http: https://cyber-intel-mcp-production.up.railway.app/mcp

Security Report

3.8

Use Caution3.8High Risk

This cybersecurity threat intelligence MCP server implements a reasonable architecture with proper authentication gating via x402 payments and API keys. However, several code quality and security concerns reduce the score: missing input validation on several endpoints, broad exception handling that masks errors, potential for unhandled null/missing data in critical paths, and inadequate logging of security-relevant events. The server appropriately handles sensitive credentials via environment variables and implements payment verification correctly, but the lack of defensive validation against malformed requests and incomplete error handling present moderate risk. Supply chain analysis found 5 known vulnerabilities in dependencies (1 critical, 3 high severity).

7 files analyzed · 15 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

HTTP Network Access

Connects to external APIs or services over the internet.

env_vars

Check that this permission is expected for this type of plugin.

File System Write

Writes or modifies files on your machine. Check that this is expected for the tool.

File System Read

Reads files on your machine. Normal for tools that analyze or process local data.

How to Install & Connect

Available as Local & Remote

This plugin can run on your machine or connect to a hosted endpoint. during install.

Documentation

View on GitHub

From the project's GitHub README.

Cybersecurity Threat Intelligence MCP

Cybersecurity threat intelligence for AI agents — CVE search enriched with EPSS exploit-likelihood + CISA known-exploited (KEV) status, plus live IP/domain reputation and a real-time threat feed.

Part of the FoundryNet Data Network. Attest your agent's security analysis with MINT Protocol. See also: gov-contracts-mcp, brand-intel-mcp, patent-intel-mcp, financial-signals-mcp, weather-intel-mcp, compliance-mcp.

Live MCP endpoint (Streamable HTTP): https://cyber-intel-mcp-production.up.railway.app/mcp

Tools

Tool	Price	What it does
`search_cve`	$0.01	CVE search by severity, CVSS, EPSS, attack vector, KEV status
`cve_detail`	free	Full CVE — CVSS breakdown, EPSS, KEV, CWE, affected products, refs
`check_ip`	$0.01	IP reputation (AbuseIPDB + OTX) — abuse score, threat type, pulses
`check_domain`	$0.01	Domain threat indicators (OTX)
`vulnerability_scan`	$0.02	All CVEs for a product, sorted by EPSS — "should I worry about this dependency?"
`threat_feed`	$0.01	Recent threat indicators (IPs/domains/hashes/URLs)
`mint_info`	free	FoundryNet Data Network + MINT Protocol

Free tier: 25 paid-tool queries/day per agent. Then x402: the tool returns an HTTP-402 with a Solana USDC payment memo — pay it, re-call with the same args plus payment_tx=<signature>. An Authorization: Bearer fnet_… key bypasses the paywall.

The edge: EPSS-ranked vulnerabilities

Raw CVE counts are noise. Every vulnerability here carries its EPSS score (the probability it'll be exploited) and a CISA KEV flag (whether it's actively exploited). vulnerability_scan sorts a product's CVEs by exploit likelihood — so an agent triaging a dependency sees what actually matters first.

Sources

Every 6 hours: NVD (CVEs, keyless + throttled), EPSS (exploit probability), CISA KEV (known-exploited catalog), GitHub Advisories. Live on demand: AbuseIPDB (IP reputation) + AlienVault OTX (IP/domain/pulse indicators). Stored in a standalone Supabase project.

Connect

Smithery: @foundrynet/cyber-intel · MCP registry: io.github.FoundryNet/cyber-intel-mcp

{ "mcpServers": { "cyber-intel": { "url": "https://cyber-intel-mcp-production.up.railway.app/mcp" } } }

Built by FoundryNet · hello@foundrynet.io

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Fetch

Free

by Modelcontextprotocol · Developer Tools

Web content fetching and conversion for efficient LLM usage

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

Cyber Intel MCP Server

About

Security Report

Findings (15)Action required

Permissions Required

How to Install & Connect

Documentation

Cybersecurity Threat Intelligence MCP

Tools

The edge: EPSS-ranked vulnerabilities

Sources

Connect

Reviews

No reviews yet

More Developer Tools MCP Servers

Fetch

Toleno

mcp-creator-python

MarkItDown

FinAgent

mcp-creator-typescript