You're viewing a demo portfolio

Join the waitlist
PRSM

query_cves

Active

Tool of Fillin

declared in 1.27.0

Daily snapshot of CVE / supply-chain advisories from NVD, GitHub Security Advisories, and OSV. Use before merging dependency updates, when triaging an alert, or when a user asks "is package X compromised". Each result row carries a structured `affected` list (one entry per affected package: ecosystem, name, vulnerable_range, patched_range) and a numeric `severity_score` (CVSS baseScore, nullable on OSV-only rows). A buyer can act on the returned row — pin to `patched_range` — without a second hop to NVD or GHSA.

Parameters schema

{
  "type": "object",
  "title": "query_cvesArguments",
  "required": [
    "query",
    "cutoff"
  ],
  "properties": {
    "k": {
      "type": "integer",
      "title": "K",
      "default": 5,
      "maximum": 20,
      "minimum": 1,
      "description": "1-20"
    },
    "query": {
      "type": "string",
      "title": "Query",
      "maxLength": 512,
      "minLength": 1,
      "description": "Vulnerability / supply-chain query."
    },
    "cutoff": {
      "type": "string",
      "title": "Cutoff",
      "pattern": "^\\d{4}-\\d{2}-\\d{2}(T.*)?$",
      "description": "Training cutoff as ISO-8601 date."
    },
    "min_severity": {
      "anyOf": [
        {
          "type": "number",
          "maximum": 10,
          "minimum": 0
        },
        {
          "type": "null"
        }
      ],
      "title": "Min Severity",
      "default": null,
      "description": "Optional CVSS baseScore floor (0.0-10.0). When set, rows with a populated severity_score below this value are dropped, and rows whose severity is unknown are skipped. Use 7.0 for high+critical only, 9.0 for critical only."
    }
  }
}

What this tool wraps· 0 endpoints

min confidence0.700.50

No endpoints wrapped at confidence ≥ 0.50.

Parent server

Fillin

1/7 registries
View full server →
query_cves — Fillin — PRSM MCP