naftiko: 1.0.0-alpha2 info: label: Coalition Exploit Scoring System — Vulnerability Intelligence description: >- Coalition ESS capability covering 7 read-only operations against the public Coalition Exploit Scoring System API. Lead operation: List CVEs. Composes CVE search, single-CVE detail, ESS score history, ExploitDB and Metasploit exploit references, GitHub repository signals, and Twitter mention timelines into one self-contained vulnerability-intelligence capability. tags: - Coalition - Cybersecurity - Vulnerability - CVE - Threat Intelligence created: '2026-05-25' modified: '2026-05-25' binds: [] capability: consumes: - type: http namespace: exploit-scoring baseUri: https://ess-api.coalitioninc.com description: >- Coalition Exploit Scoring System read API. No authentication required; all operations are HTTP GET against a public production endpoint. resources: - name: cve path: /cve operations: - name: listcves method: GET description: List CVEs outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: search in: query type: string required: false - name: min_ess_score in: query type: number required: false - name: max_ess_score in: query type: number required: false - name: seen_on_cisa_kev in: query type: boolean required: false - name: page in: query type: integer required: false - name: page_size in: query type: integer required: false - name: cve-detail path: /cve/{cve_id} operations: - name: getcve method: GET description: Get CVE outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: cve_id in: path type: string required: true - name: cve-history path: /cve/{cve_id}/history operations: - name: getessHistory method: GET description: Get CVE ESS History outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: cve_id in: path type: string required: true - name: cve-exploitdb path: /cve/{cve_id}/exploits/exploitdb operations: - name: listexploitdb method: GET description: List ExploitDB Exploits For CVE outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: cve_id in: path type: string required: true - name: cve-metasploit path: /cve/{cve_id}/exploits/metasploit operations: - name: listmetasploit method: GET description: List Metasploit Modules For CVE outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: cve_id in: path type: string required: true - name: cve-twitter path: /cve/{cve_id}/mentions/twitter operations: - name: listtwitter method: GET description: List Twitter Mentions For CVE outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: cve_id in: path type: string required: true - name: cve-github path: /cve/{cve_id}/repositories/github operations: - name: listgithub method: GET description: List GitHub Repositories Mentioning CVE outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: cve_id in: path type: string required: true authentication: type: none exposes: - type: rest namespace: exploit-scoring-rest port: 8080 description: REST adapter for Coalition ESS. One resource per consumed operation, prefixed with /v1. resources: - path: /v1/cve name: cve operations: - method: GET name: listcves description: List CVEs call: exploit-scoring.listcves outputParameters: - type: object mapping: $. - path: /v1/cve/{cve_id} name: cve-detail operations: - method: GET name: getcve description: Get CVE call: exploit-scoring.getcve outputParameters: - type: object mapping: $. - path: /v1/cve/{cve_id}/history name: cve-history operations: - method: GET name: getessHistory description: Get CVE ESS History call: exploit-scoring.getessHistory outputParameters: - type: object mapping: $. - path: /v1/cve/{cve_id}/exploits/exploitdb name: cve-exploitdb operations: - method: GET name: listexploitdb description: List ExploitDB Exploits For CVE call: exploit-scoring.listexploitdb outputParameters: - type: object mapping: $. - path: /v1/cve/{cve_id}/exploits/metasploit name: cve-metasploit operations: - method: GET name: listmetasploit description: List Metasploit Modules For CVE call: exploit-scoring.listmetasploit outputParameters: - type: object mapping: $. - path: /v1/cve/{cve_id}/mentions/twitter name: cve-twitter operations: - method: GET name: listtwitter description: List Twitter Mentions For CVE call: exploit-scoring.listtwitter outputParameters: - type: object mapping: $. - path: /v1/cve/{cve_id}/repositories/github name: cve-github operations: - method: GET name: listgithub description: List GitHub Repositories Mentioning CVE call: exploit-scoring.listgithub outputParameters: - type: object mapping: $. - type: mcp namespace: exploit-scoring-mcp port: 9090 transport: http description: MCP adapter for Coalition ESS. One tool per consumed operation. tools: - name: list-cves description: List CVEs from Coalition Exploit Scoring System hints: readOnly: true destructive: false idempotent: true call: exploit-scoring.listcves outputParameters: - type: object mapping: $. - name: get-cve description: Get a single CVE detail hints: readOnly: true destructive: false idempotent: true call: exploit-scoring.getcve outputParameters: - type: object mapping: $. - name: get-cve-ess-history description: Get historical ESS score changes for a CVE hints: readOnly: true destructive: false idempotent: true call: exploit-scoring.getessHistory outputParameters: - type: object mapping: $. - name: list-exploitdb-exploits-for-cve description: List ExploitDB exploits referencing a CVE hints: readOnly: true destructive: false idempotent: true call: exploit-scoring.listexploitdb outputParameters: - type: object mapping: $. - name: list-metasploit-modules-for-cve description: List Metasploit modules referencing a CVE hints: readOnly: true destructive: false idempotent: true call: exploit-scoring.listmetasploit outputParameters: - type: object mapping: $. - name: list-twitter-mentions-for-cve description: List Twitter mentions of a CVE hints: readOnly: true destructive: false idempotent: true call: exploit-scoring.listtwitter outputParameters: - type: object mapping: $. - name: list-github-repositories-mentioning-cve description: List GitHub repositories mentioning a CVE hints: readOnly: true destructive: false idempotent: true call: exploit-scoring.listgithub outputParameters: - type: object mapping: $.