A robust Model Context Protocol (MCP) server built to empower LLMs with real-time cybersecurity intelligence. This agent interfaces with the CIRCL.lu API to fetch, analyze, and summarize Common Vulnerabilities and Exposures (CVEs) without requiring expensive API keys.
Designed with FastMCP, Pydantic validation, and asynchronous architecture.
- Intelligent Search: Drills down from Vendor -> Product -> Vulnerabilities (e.g., "Find bugs in Microsoft" -> "List Office bugs").
- CISO-Level Briefings: specialized prompts to generate executive summaries for specific CVEs.
- Real-time Intelligence: Fetches the latest published vulnerabilities globally.
- Robust Validation: Uses Pydantic to enforce valid CVE ID formats and sanitize inputs before API calls.
- Python 3.12+
- uv (Fast Python package installer)
- Google Gemini API Key (For the demo client)
Spin up the server instantly without installing Python dependencies locally.
docker compose up --buildThe server will start on http://0.0.0.0:8000.
Install Dependencies
pip install uv
uv syncStart the Server
uv run src/server/main.pyStart the Client (New Terminal) Make sure you export your API key first:
export GOOGLE_API_KEY="your-gemini-api-key"
uv run src/client/client.py💡 Example Usage
Once the client is running, you can interact with the agent using natural language:
- Deep Dive - "Act as a security researcher and analyze CVE-2021-44228."
- Discovery - "Does Microsoft Office have any recent vulnerabilities?"
- Monitoring - "What are the top 5 latest CVEs published today?"
- Validation - "Check CVE-2024-9999" (Agent will validate ID format)