{"name":"threat-intel-api","version":"1.0.0","runtime":"cloudflare-workers","description":"Threat Intelligence API — IP reputation scoring, domain safety analysis, and CVE vulnerability lookup.","endpoints":["GET  /threat-intel/health                    — Health check","POST /threat-intel/api/v1/ip-reputation      — IP reputation & threat scoring","POST /threat-intel/api/v1/domain-check       — Domain safety analysis","POST /threat-intel/api/v1/cve-lookup         — CVE vulnerability lookup","POST /threat-intel/mcp                       — MCP JSON-RPC 2.0 endpoint"],"documentation":{"ip_reputation":{"method":"POST","body":"{ \"ip\": \"8.8.8.8\" }","description":"Classifies IP as private/bogon/public, computes threat score 0-100, detects spoofing indicators."},"domain_check":{"method":"POST","body":"{ \"domain\": \"example.com\" }","description":"Analyzes domain for suspicious TLDs, homograph attacks, brand impersonation, phishing patterns."},"cve_lookup":{"method":"POST","body":"{ \"cve_id\": \"CVE-2021-44228\" }","description":"Looks up CVE by ID. Returns severity, CVSS, affected software, and references. 8 major CVEs in local DB."}}}