naftiko: 1.0.0-alpha2 info: label: NIST NVD CVE API description: 'NIST NVD CVE API. 2 operations. Lead operation: Retrieve CVE change history. Self-contained Naftiko capability covering one Nist business surface.' tags: - Nist - NIST NVD CVE API created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: NIST_API_KEY: NIST_API_KEY capability: consumes: - type: http namespace: nvd-cve baseUri: https://services.nvd.nist.gov/rest/json description: NIST NVD CVE API business capability. Self-contained, no shared references. resources: - name: cvehistory-2.0 path: /cvehistory/2.0 operations: - name: getcvehistory method: GET description: Retrieve CVE change history outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: cveId in: query type: string description: Returns the change history for a single CVE. - name: changeStartDate in: query type: string description: Filter changes that occurred on or after this date (ISO 8601). - name: changeEndDate in: query type: string description: Filter changes that occurred on or before this date (ISO 8601). - name: resultsPerPage in: query type: integer description: Number of change records to return per page (max 5000). - name: startIndex in: query type: integer description: Zero-based offset into the result set. - name: cves-2.0 path: /cves/2.0 operations: - name: getcves method: GET description: Search CVE records outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: cveId in: query type: string description: Returns a single CVE record by its CVE identifier. - name: cpeName in: query type: string description: Returns CVE records associated with the supplied CPE 2.3 name. - name: cvssV3Severity in: query type: string description: Filter results by CVSS v3 qualitative severity rating. - name: keywordSearch in: query type: string description: Returns CVE records where the description contains the keyword. - name: pubStartDate in: query type: string description: Filter by CVE publish start date (ISO 8601). - name: pubEndDate in: query type: string description: Filter by CVE publish end date (ISO 8601). - name: lastModStartDate in: query type: string description: Filter by last modified start date (ISO 8601). - name: lastModEndDate in: query type: string description: Filter by last modified end date (ISO 8601). - name: resultsPerPage in: query type: integer description: Number of CVE records to return per page (max 2000). - name: startIndex in: query type: integer description: Zero-based offset into the result set. authentication: type: apikey key: apiKey value: '{{env.NIST_API_KEY}}' placement: header exposes: - type: rest namespace: nvd-cve-rest port: 8080 description: REST adapter for NIST NVD CVE API. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/cvehistory/2-0 name: cvehistory-2-0 description: REST surface for cvehistory-2.0. operations: - method: GET name: getcvehistory description: Retrieve CVE change history call: nvd-cve.getcvehistory with: cveId: rest.cveId changeStartDate: rest.changeStartDate changeEndDate: rest.changeEndDate resultsPerPage: rest.resultsPerPage startIndex: rest.startIndex outputParameters: - type: object mapping: $. - path: /v1/cves/2-0 name: cves-2-0 description: REST surface for cves-2.0. operations: - method: GET name: getcves description: Search CVE records call: nvd-cve.getcves with: cveId: rest.cveId cpeName: rest.cpeName cvssV3Severity: rest.cvssV3Severity keywordSearch: rest.keywordSearch pubStartDate: rest.pubStartDate pubEndDate: rest.pubEndDate lastModStartDate: rest.lastModStartDate lastModEndDate: rest.lastModEndDate resultsPerPage: rest.resultsPerPage startIndex: rest.startIndex outputParameters: - type: object mapping: $. - type: mcp namespace: nvd-cve-mcp port: 9090 transport: http description: MCP adapter for NIST NVD CVE API. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: retrieve-cve-change-history description: Retrieve CVE change history hints: readOnly: true destructive: false idempotent: true call: nvd-cve.getcvehistory with: cveId: tools.cveId changeStartDate: tools.changeStartDate changeEndDate: tools.changeEndDate resultsPerPage: tools.resultsPerPage startIndex: tools.startIndex outputParameters: - type: object mapping: $. - name: search-cve-records description: Search CVE records hints: readOnly: true destructive: false idempotent: true call: nvd-cve.getcves with: cveId: tools.cveId cpeName: tools.cpeName cvssV3Severity: tools.cvssV3Severity keywordSearch: tools.keywordSearch pubStartDate: tools.pubStartDate pubEndDate: tools.pubEndDate lastModStartDate: tools.lastModStartDate lastModEndDate: tools.lastModEndDate resultsPerPage: tools.resultsPerPage startIndex: tools.startIndex outputParameters: - type: object mapping: $.