search
Pack: mitre-attck · Endpoint: https://gateway.pipeworx.io/mitre-attck/mcp
Substring search across the bundle.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
query | string | yes | |
type | string | no | attack-pattern | intrusion-set | tool | malware | x-mitre-tactic | course-of-action |
domain | string | no |
Example call
Arguments
{
"query": "phishing"
}
curl
curl -X POST https://gateway.pipeworx.io/mitre-attck/mcp \
-H 'Content-Type: application/json' \
-d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"search","arguments":{"query":"phishing"}}}'
TypeScript (@pipeworx/sdk)
import { Pipeworx } from '@pipeworx/sdk';
const pipeworx = new Pipeworx();
const result = await pipeworx.call('search', {
"query": "phishing"
});
More examples
{
"query": "ransomware",
"type": "malware"
}
Response shape
Always returns: domain, query, count, results
| Field | Type | Description |
|---|---|---|
domain | string | Domain searched |
query | string | Search query (lowercased) |
count | integer | Number of results found |
results | array | Matching STIX objects (max 200) |
Full JSON Schema
{
"type": "object",
"properties": {
"domain": {
"type": "string",
"description": "Domain searched"
},
"query": {
"type": "string",
"description": "Search query (lowercased)"
},
"count": {
"type": "integer",
"description": "Number of results found"
},
"results": {
"type": "array",
"description": "Matching STIX objects (max 200)",
"items": {
"type": "object"
}
}
},
"required": [
"domain",
"query",
"count",
"results"
]
}
Connect
Add this to your MCP client config, or use one-click install buttons:
{
"mcpServers": {
"mitre-attck": {
"url": "https://gateway.pipeworx.io/mitre-attck/mcp"
}
}
}
See Getting Started for client-specific install steps.