Can I use CISA KEV as a CLI?

Yes. KosmoKrator exposes a CISA KEV CLI through kosmo integrations:call and the provider shortcut command. Commands can return JSON for scripts, CI, and coding agents.

Can I expose CISA KEV through MCP?

Yes. The KosmoKrator MCP gateway can expose selected CISA KEV tools to clients such as Claude Code, Cursor, Codex, and other MCP-compatible tools.

Where are CISA KEV credentials stored?

CISA KEV credentials are configured in KosmoKrator's local integration settings and reused by CLI, Lua, and MCP gateway surfaces.

Can I deny write access for CISA KEV MCP tools?

Yes. Start the gateway with --write=deny for read-only clients, or use ask/allow only for trusted workspaces.

data

CISA KEV CLI for AI Agents

Use the CISA KEV CLI from KosmoKrator to call CISA KEV tools headlessly, return JSON, inspect schemas, and automate workflows from coding agents, scripts, and CI.

CISA KEV CLI Setup

CISA KEV can be configured headlessly with `kosmokrator integrations:configure cisa-kev`.

Install, configure, and verify

# Install KosmoKrator first if it is not available on PATH.
curl -fsSL https://raw.githubusercontent.com/OpenCompanyApp/kosmokrator/main/install.sh | bash

# Configure and verify this integration.
kosmokrator integrations:configure cisa-kev --enable --read allow --write ask --json
kosmokrator integrations:doctor cisa-kev --json
kosmokrator integrations:status --json

Credentials

Authentication type: No credentials none. Configure credentials once, then reuse the same stored profile from scripts, coding CLIs, Lua, and MCP.

No credentials are required.

Command Patterns

The generic command is stable across every integration. The provider shortcut is shorter for humans.

Generic CLI call

kosmo integrations:call cisa-kev.cisa_kev_catalog '{}' --json

Provider shortcut

kosmo integrations:cisa-kev cisa_kev_catalog '{}' --json

Discovery

These commands return structured output for coding agents that need to inspect capabilities before choosing a function.

Discovery commands

kosmo integrations:docs cisa-kev --json
kosmo integrations:docs cisa-kev.cisa_kev_catalog --json
kosmo integrations:schema cisa-kev.cisa_kev_catalog --json
kosmo integrations:search "CISA KEV" --json
kosmo integrations:list --json

Automation Contexts

The same configured command surface works in these environments. The command does not change unless the host wrapper, credentials, or permissions change.

CI Run integration calls from CI jobs with JSON output, explicit credentials, and predictable exit status. Cron Jobs Schedule repeatable integration workflows from cron while keeping credentials in KosmoKrator config. Shell Scripts Call integration functions from shell scripts with stable JSON input and output. Headless Automation Use KosmoKrator as a non-interactive integration runtime for local automations and wrappers. Coding Agents Let coding agents discover schemas and execute integration functions through CLI commands or MCP.

CLI Functions

Every function below can be called headlessly. Commands are highlighted, copyable, and scroll horizontally when payloads are long.

`cisa-kev.cisa_kev_catalog`

Retrieve the full CISA KEV JSON catalog.

Read read

Parameters: none

Generic call

kosmo integrations:call cisa-kev.cisa_kev_catalog '{}' --json

Shortcut

kosmo integrations:cisa-kev cisa_kev_catalog '{}' --json

`cisa-kev.cisa_kev_search`

Search and filter CISA KEV vulnerabilities client-side.

Read read

Parameters: none

Generic call

kosmo integrations:call cisa-kev.cisa_kev_search '{}' --json

Shortcut

kosmo integrations:cisa-kev cisa_kev_search '{}' --json

`cisa-kev.cisa_kev_get_vulnerability`

Retrieve one KEV catalog entry by CVE ID.

Read read

Parameters: none

Generic call

kosmo integrations:call cisa-kev.cisa_kev_get_vulnerability '{}' --json

Shortcut

kosmo integrations:cisa-kev cisa_kev_get_vulnerability '{}' --json

`cisa-kev.cisa_kev_recent`

List recently added KEV catalog entries.

Read read

Parameters: none

Generic call

kosmo integrations:call cisa-kev.cisa_kev_recent '{}' --json

Shortcut

kosmo integrations:cisa-kev cisa_kev_recent '{}' --json

`cisa-kev.cisa_kev_schema`

Retrieve the official CISA KEV JSON schema.

Read read

Parameters: none

Generic call

kosmo integrations:call cisa-kev.cisa_kev_schema '{}' --json

Shortcut

kosmo integrations:cisa-kev cisa_kev_schema '{}' --json

`cisa-kev.cisa_kev_csv`

Retrieve the official CISA KEV CSV export.

Read read

Parameters: none

Generic call

kosmo integrations:call cisa-kev.cisa_kev_csv '{}' --json

Shortcut

kosmo integrations:cisa-kev cisa_kev_csv '{}' --json

`cisa-kev.cisa_kev_license`

Retrieve the CISA KEV feed license text.

Read read

Parameters: none

Generic call

kosmo integrations:call cisa-kev.cisa_kev_license '{}' --json

Shortcut

kosmo integrations:cisa-kev cisa_kev_license '{}' --json

Function Schemas

Use these parameter tables when building CLI payloads without calling integrations:schema first.

cisa-kev.cisa_kev_catalog 0 parameters

Schema command

kosmo integrations:schema cisa-kev.cisa_kev_catalog --json

Parameter	Type	Required	Description
No parameters.

cisa-kev.cisa_kev_search 0 parameters

Schema command

kosmo integrations:schema cisa-kev.cisa_kev_search --json

Parameter	Type	Required	Description
No parameters.

cisa-kev.cisa_kev_get_vulnerability 0 parameters

Schema command

kosmo integrations:schema cisa-kev.cisa_kev_get_vulnerability --json

Parameter	Type	Required	Description
No parameters.

cisa-kev.cisa_kev_recent 0 parameters

Schema command

kosmo integrations:schema cisa-kev.cisa_kev_recent --json

Parameter	Type	Required	Description
No parameters.

cisa-kev.cisa_kev_schema 0 parameters

Schema command

kosmo integrations:schema cisa-kev.cisa_kev_schema --json

Parameter	Type	Required	Description
No parameters.

cisa-kev.cisa_kev_csv 0 parameters

Schema command

kosmo integrations:schema cisa-kev.cisa_kev_csv --json

Parameter	Type	Required	Description
No parameters.

cisa-kev.cisa_kev_license 0 parameters

Schema command

kosmo integrations:schema cisa-kev.cisa_kev_license --json

Parameter	Type	Required	Description
No parameters.

Permissions

Headless calls still follow the integration read/write permission policy. Configure read/write defaults with integrations:configure. Add --force only for trusted automation that should bypass that policy.