
3 posts tagged with "Security"

Secrets and auth


How We Score MCP Server Security: 18 Rules, Two Published Taxonomies, Zero Invented Checks

· 8 min read
MCPBundles

You paste an MCP server URL into a security analyzer. It spits out a number. You ask the obvious question: what does that number actually mean?

Most MCP scanners can't answer it. They run a bunch of regex, run a bunch of LLM prompts, and produce a verdict. If you push on the verdict, you find ad-hoc heuristics with no published source — and worse, you find marketing claims about "AI-powered security analysis" that nobody can audit.

We built MCPBundles' analyzer the other way around. Every rule cites a published taxonomy entry. If we can't cite an entry, the rule doesn't ship. The catalog is small, deliberate, and live: www.mcpbundles.com/learn/mcp-security.

This post is the "show your work" version of that page.

OFAC Sanctions Screening API: Search Watchlists from Claude, ChatGPT, or REST

· 4 min read
MCPBundles

If you run vendor onboarding, finance operations, marketplace trust, logistics compliance, or diligence research, sanctions screening is often one step inside a bigger decision. The team is not asking for a database. They are asking whether a counterparty can move forward.

The question sounds simple: "Is this company or person on a sanctions list?" Then reality gets in the way. Which list? Which alias? Is this a close match or just a similar name? Do we need to record the source list, the country, the identifier, and the reason for the match? Is this a vendor review, a customer onboarding step, or a shipping workflow where denied-party screening is only one part of the decision?

That is what the Global Sanctions & Watchlists MCP server is built for. It gives an agent a normalized sanctions search surface so the lookup can happen inside the workflow that needs the answer.

Open-Source CVE Triage: Combining NVD, CISA KEV, and EPSS in One MCP Server

· 6 min read
MCPBundles

Your vulnerability scanner dumps 200 CVEs. You sort by CVSS score. The CVSS 9.8 at the top gets your attention. You patch it first.

Meanwhile, a CVSS 5.0 three pages down is in active ransomware campaigns. CISA added it to the Known Exploited Vulnerabilities catalog last week. EPSS gives it an 80% exploitation probability. Nobody looked at it because it was page three.

CVSS tells you how bad a vulnerability could be. It says nothing about whether anyone is actually exploiting it. For that, you need two more data sources — and nobody combines all three in one place.

Until now. vulnerability-intelligence-mcp is an open-source MCP server that pulls from NIST NVD, CISA KEV, and FIRST.org EPSS, computes a composite risk score, and gives your AI 30 tools for CVE analysis, watchlist tracking, and scanner triage.

Three vulnerability data sources (NVD, KEV, EPSS) converging into a unified risk score gauge
Three federal data sources, one composite risk score.