gov-cybersecurity

CVE vulnerability lookup via NIST NVD, CISA KEV, EPSS scores, and MITRE ATT&CK. 7 tools for real-time cybersecurity intelligence.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "gov-cybersecurity" with this command: npx skills add martc03/gov-cybersecurity

Government Cybersecurity Vulnerability Intel

Real-time vulnerability intelligence from 4 authoritative sources — no API keys required.

Setup

Connect to the remote MCP server:

mcporter add gov-cyber --url https://cybersecurity-vuln-mcp.apify.actor/mcp --transport streamable-http

Or add directly to your OpenClaw MCP config (~/.openclaw/mcp.json):

{
  "servers": {
    "gov-cyber": {
      "url": "https://cybersecurity-vuln-mcp.apify.actor/mcp",
      "transport": "streamable-http"
    }
  }
}

Available Tools

vuln_lookup_cve

Look up a CVE by ID and get enriched intelligence from all 4 sources in a single call — NVD details (CVSS score, description, references), CISA KEV active exploitation status, EPSS exploitation probability, and MITRE ATT&CK techniques.

Look up CVE-2021-44228

Example output: CRITICAL 10.0, EPSS 94.4%, KEV=YES, ATT&CK: T1190/T1203/T1595.002

vuln_search

Search the NIST National Vulnerability Database by keyword, severity, and date range.

Search NVD for "apache log4j" critical vulnerabilities

Parameters: keyword, severity (LOW/MEDIUM/HIGH/CRITICAL), pubStartDate, pubEndDate, limit

vuln_kev_latest

Get recently added entries from the CISA Known Exploited Vulnerabilities catalog — confirmed actively exploited in the wild.

Show KEV entries added in the last 7 days

Parameters: days (1-365, default 7), limit

vuln_kev_due_soon

Get CISA KEV vulnerabilities with upcoming remediation deadlines. Federal agencies must patch by the due date.

Show KEV vulnerabilities due within 14 days

Parameters: days (1-90, default 14), limit

vuln_epss_top

Get CVEs with the highest EPSS exploitation probability scores. A score of 0.9 = 90% chance of exploitation in the next 30 days.

Show CVEs with EPSS score above 0.9

Parameters: threshold (0-1, default 0.5), limit

vuln_trending

Get recently published critical and high severity CVEs. Stay on top of emerging threats.

Show trending critical CVEs from the last 3 days

Parameters: days (1-30, default 3), severity, limit

vuln_by_vendor

Search CVEs for a specific vendor/product with KEV cross-referencing for actively exploited vulns.

Show Microsoft Windows vulnerabilities

Parameters: vendor (required), product (optional), limit

Data Sources

  • NIST NVD 2.0 — National Vulnerability Database (CVE details, CVSS scores)
  • CISA KEV — Known Exploited Vulnerabilities catalog
  • FIRST.org EPSS — Exploitation Prediction Scoring System
  • MITRE ATT&CK — Adversary techniques and tactics (172 CVEs mapped to 42 techniques)

Use Cases

  • Vulnerability triage and prioritization
  • Compliance tracking (CISA KEV deadlines)
  • Vendor risk assessments
  • Threat intelligence briefings
  • Patch management decisions

All data from free US government APIs. Zero cost. No API keys required.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Auto Security Audit

一键自动化安全审计:nmap 端口扫描 + nuclei 12000+ CVE 漏洞检测(内外网双扫)+ SSL/TLS 检查 + SSH/防火墙/fail2ban 系统审计 + Markdown 报告生成。支持 cron 定时扫描 + 飞书推送。

Registry SourceRecently Updated
0159
nashbuaa-ops
Security

web-recon

Website vulnerability scanner and security audit toolkit. Scan any website for security issues: open ports (nmap), exposed secrets, subdomain enumeration, di...

Registry SourceRecently Updated
1262
Profile unavailable
Security

Trent OpenClaw Security

Audit your OpenClaw deployment for security risks using Trent AppSec Advisor

Registry SourceRecently Updated
0218
Profile unavailable