analyze_drift
ActiveTool of com.blackveilsecurity/dns
Measure whether a domain's DNS security posture improved or regressed by comparing the current state against a prior scan snapshot. Returns a drift classification (improving/stable/regressing/mixed), score delta, and lists of improvements and regressions. Use to answer "did our security score improve or regress since last time?" — distinct from compare_baseline which checks compliance against a fixed policy (not improvement over time).
Parameters schema
{
"type": "object",
"required": [
"domain",
"baseline"
],
"properties": {
"domain": {
"type": "string",
"maxLength": 253,
"minLength": 1,
"description": "Domain to analyze drift for"
},
"format": {
"enum": [
"full",
"compact"
],
"type": "string",
"description": "Output verbosity. Auto-detected if omitted."
},
"baseline": {
"type": "string",
"maxLength": 50000,
"minLength": 1,
"description": "Prior scan reference for drift-over-time analysis: a previous ScanScore JSON STRING, or the literal \"cached\" to reuse the last cached scan. NOT a policy/requirements object — for compliance enforcement against required controls, use compare_baseline instead."
},
"force_refresh": {
"type": "boolean",
"description": "Bypass cache and run a fresh check. Useful after DNS changes."
}
}
}No endpoints wrapped at confidence ≥ 0.50.
Parent server
com.blackveilsecurity/dns
https://github.com/MadaBurns/bv-mcp
2/7 registries