@pipeworx/mitre-cwe
Connect: https://gateway.pipeworx.io/mitre-cwe/mcp · Install: one-click buttons
Tools: 7
MITRE Common Weakness Enumeration (CWE) MCP — software/hardware weakness taxonomy. Wraps the CWE API. Keyless.
Tools
weakness(id, view?)— CWE record by id (e.g.79,CWE-79)category(id)— category recordview(id)— view record (e.g.1003)children(id)— children of a weakness/category/viewparents(id)— parent relationshipsdescendants(id)— full subtreerelationship(source_id, target_id)— relationship details between two CWEs
Data source
https://cwe-api.mitre.org/api/v1/
Tools
- weakness — “What is CWE-[N]” / “look up CWE [name]” / “details on [weakness]” / “explain XSS / SQL injection / buffer overflow” / “what kind of security flaw is [X]” — fetch a single MITRE CWE (Common Weakness E
- category — “What CWEs fall under [category]” / “list weaknesses in the [X] family” / “memory safety weaknesses” / “input validation weaknesses” — fetch a CWE category record (a thematic grouping of related CWEs
- view — “Top 25 most dangerous software weaknesses” / “OWASP Top 10 CWE mapping” / “CWE view [N]” — fetch a curated CWE view (a published, opinionated selection of weaknesses). View 1003 = simplified mapping
- children — “CWEs derived from / under [N]” / “child weaknesses of [CWE]” / “more specific variants of [X]” — list immediate children of a CWE in the relationship tree. CWE is hierarchical; e.g. children of CWE-1
- parents — “What’s the parent CWE of [N]” / “broader weakness category for [X]” / “where does [CWE] sit in the taxonomy” — list immediate parents of a CWE in the relationship tree. Use to walk up to a more gener
- descendants — “All weaknesses derived from [CWE]” / “full subtree below [N]” / “every variant of [X]” — full transitive descendants (children, grandchildren, …) of a CWE. Use for exhaustive coverage analysis — e.g.
- relationship — “How is [CWE-A] related to [CWE-B]” / “relationship between two weaknesses” — fetch the directional relationship (parent/child/peer/precedes/can-precede) between two specific CWE IDs. Specialty tool;
Tools
-
category— What CWEs fall under [category] / list weaknesses in the [X] family / memory safety weaknesses / input validation weaknesses — fetch a CWE category record (a thematic grouping of related CWEs like Mem -
children— CWEs derived from / under [N] / child weaknesses of [CWE] / more specific variants of [X] — list immediate children of a CWE in the relationship tree. CWE is hierarchical; e.g. children of CWE-119 (me -
descendants— All weaknesses derived from [CWE] / full subtree below [N] / every variant of [X] — full transitive descendants (children, grandchildren, …) of a CWE. Use for exhaustive coverage analysis — e.g. every -
parents— What's the parent CWE of [N] / broader weakness category for [X] / where does [CWE] sit in the taxonomy — list immediate parents of a CWE in the relationship tree. Use to walk up to a more general wea -
relationship— How is [CWE-A] related to [CWE-B] / relationship between two weaknesses — fetch the directional relationship (parent/child/peer/precedes/can-precede) between two specific CWE IDs. Specialty tool; most -
view— Top 25 most dangerous software weaknesses / OWASP Top 10 CWE mapping / CWE view [N] — fetch a curated CWE view (a published, opinionated selection of weaknesses). View 1003 = simplified mapping (NVD u -
weakness— What is CWE-[N] / look up CWE [name] / details on [weakness] / explain XSS / SQL injection / buffer overflow / what kind of security flaw is [X] — fetch a single MITRE CWE (Common Weakness Enumeration