← Developers

MCP (Model Context Protocol)

FirmIntel exposes its vulnerability-intel corpus as MCP tools so any agent or chat client that speaks MCP-over-HTTP can call it natively. Mint a key in the console (role agent or developer), then drop the snippets below into your client configuration.

Endpoint

POST https://api.firmintel.example/mcp     # JSON-RPC 2.0
GET  https://api.firmintel.example/mcp/info # introspection

Tools

• search_vulns(query, limit, kev_only) — hybrid search
• get_vuln(canonical_id) · lookup_cve(cve_id)
• list_recent_kev(limit) · recent_exploits(limit)
• explain_vuln(canonical_id) — LLM explanation w/ citations

Claude Desktop / VS Code Copilot

{
  "mcpServers": {
    "firmintel": {
      "transport": "http",
      "url": "https://api.firmintel.example/mcp",
      "headers": {
        "Authorization": "Bearer fmi_YOUR_KEY_HERE"
      }
    }
  }
}

Hermes

# ~/.hermes/mcp.toml
[[mcp_servers]]
name = "firmintel"
transport = "http"
url = "https://api.firmintel.example/mcp"
auth_header = "Authorization: Bearer fmi_YOUR_KEY_HERE"
timeout_ms = 30000

# Recommended tools to expose:
# search_vulns, lookup_cve, list_recent_kev, recent_exploits, explain_vuln

Smoke test

# Sanity-check your key with a JSON-RPC ping:
curl -s -X POST https://api.firmintel.example/mcp \
  -H "Authorization: Bearer fmi_YOUR_KEY_HERE" \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}'