For AI agents · MCP

SQUR cs-graph MCP

Public, read-only Model Context Protocol HTTP server exposing the SQUR cs-graph cybersecurity knowledge graph (26,045 nodes, 55,239 edges) to any MCP-compatible AI agent.

Covers MITRE ATT&CK · CWE · CVE · KEV · ATLAS · D3FEND · and 13 EU+international compliance frameworks (DORA, NIS2, GDPR, ISO 27001, NIST, OWASP, PCI, AI Act, CRA, TIBER, CIS, ATLAS, D3FEND).

Endpoint

https://mcp.kb.squr.ai/mcp

Public · unauthenticated · read-only · rate-limited per IP. Not yet live — deployment depends on the SQUR-tenant infrastructure migration tracked in issue #17. Local dev URL is http://localhost:8080/mcp.

Tools (5)

ToolDescription
get_nodeFetch one cs-graph node (technique, tactic, mitigation, weakness, vulnerability, group, actor, software, …) by slug.
search_nodesBounded substring search across title, body, aliases, and slug. v1 — production prefix-index follow-up tracked separately.
list_nodesFilter + paginate by type. Returns up to 100 nodes per page sorted by slug.
list_edgesOutgoing graph edges from a node — the typed relationships powering the kb.squr.ai detail pages.
list_reverse_edgesIncoming graph edges to a node — the reverse traversal for 'used by' / 'mitigated by' / 'compliance controls testing' questions.

Wave 2.2 adds 7 cs-graph-shaped convenience tools: get_technique, compliance_for_technique, mitigations_for_technique, kill_chain, framework_overview, cve_lookup, cwe_lookup.

Connect your agent

Why integrate

Authoritative neutral source
cs-graph isn’t a security vendor selling EDR. It is the citable reference layer — schema.org-annotated DefinedTerm / DefinedTermSet / Person / AboutPage / Dataset on every page.
EU-focus moat
MITRE / NVD / CISA don’t cover DORA, NIS2, AI Act, CRA, TIBER. cs-graph does. That’s the unique-value-per-query that makes agents prefer it for European compliance contexts.
Same data as the web surface
The MCP reads the same Firestore primitives that back kb.squr.ai detail pages. No drift. What an agent reads is what a human reads.