Connect Abuseipdb to AI agents

Connect Abuseipdb to Claude, Codex, Cursor, or other AI agents for your entire team. Metorial security, governance, observability, and gives your team a unified Magic MCP url to connect.

Supported Tools

bulk_report

Bulk Report IPs

Submit multiple IP abuse reports at once by uploading CSV data. The CSV should contain rows with IP address, categories, and optional comment/timestamp fields. Returns the number of successfully saved reports and details about any invalid entries.

get_ip_reports

Get IP Reports

Retrieve detailed, paginated abuse reports for a specific IP address. Each report includes the reporter's information, abuse categories, comments, and timestamps. Use this for in-depth investigation of abuse activity against a specific IP.

check_subnet

Check Subnet

Check an entire subnet (CIDR notation) for IP addresses that have been reported for abuse. Returns network details and a list of reported addresses within the block with their abuse scores. Use this to assess the reputation of a network range.

get_blacklist

Get Blacklist

Download a list of the most reported IP addresses, ordered by abuse confidence score. Can be filtered by minimum confidence score, country, and IP version. Use this to populate firewall blocklists or analyze global threat trends.

check_ip

Check IP Reputation

Look up the abuse reputation of an IP address (IPv4 or IPv6). Returns the abuse confidence score (0–100), geographic and network information, and optionally individual abuse reports in verbose mode. Use this to assess whether an IP address has been involved in malicious activity.

clear_ip_reports

Clear IP Reports

Delete all abuse reports that **your account** has previously submitted for a specific IP address. This does not affect reports submitted by other users. Use this to retract mistaken or outdated reports for an IP address.

report_ip

Report Abusive IP

Submit an abuse report for a malicious IP address. Specify the IP, one or more abuse category IDs, and an optional comment describing the attack. **Abuse category IDs:** - 1: DNS Compromise — 2: DNS Poisoning — 3: Fraud Orders — 4: DDoS Attack - 5: FTP Brute-Force — 6: Ping of Death — 7: Phishing — 8: Fraud VoIP - 9: Open Proxy — 10: Web Spam — 11: Email Spam — 12: Blog Spam - 13: VPN IP — 14: Port Scan — 15: Hacking — 16: SQL Injection - 17: Spoofing — 18: Brute Force — 19: Bad Web Bot — 20: Exploited Host - 21: Web App Attack — 22: SSH — 23: IoT Targeted

More integrations teams use with Abuseipdb

GitHub

Manage repositories, issues, and pull requests. Create and configure branches, star repositories, review code, and merge changes. Automate CI/CD workflows with GitHub Actions, manage workflow runs, secrets, and artifacts. Track issues with labels, milestones, and assignees. Search across code, repositories, issues, and users. Manage organizations, teams, and memberships. Create and manage projects, gists, packages, deployments, and environments. Access security alerts including code scanning, secret scanning, and Dependabot alerts. Read and write file contents in repositories. Manage webhooks, notifications, and codespaces.

Sharepoint

Manage SharePoint sites, document libraries, lists, and files. Create, read, update, and delete lists and list items with custom columns. Upload, download, move, copy, and version files in document libraries. Search across sites, files, folders, lists, and list items using Microsoft Search. Manage permissions at site, list, and item levels with granular access control. Define and manage content types and site columns. Subscribe to webhooks for list and library change notifications. Retrieve site properties and search for sites across Microsoft 365.

Salesforce

Manage CRM data including Accounts, Contacts, Leads, Opportunities, Cases, and custom objects. Create, read, update, and delete records. Query data using SOQL and search across objects using SOSL. Perform bulk data operations for large-scale imports, exports, and migrations. Execute composite requests to batch multiple operations in a single API call. Access analytics, reports, and dashboards. Manage files and attachments associated with records. Interact with Chatter feeds, posts, and groups for social collaboration. Subscribe to real-time change events via Change Data Capture and Platform Events. Manage org metadata including custom objects, fields, layouts, and workflows. Query data using GraphQL for precise data retrieval across related objects.

Airtable

Create, read, update, and delete records in Airtable bases and tables. Manage base schemas including creating tables and fields. Filter records using formulas, sort by fields, and scope queries to specific views. Upsert records to find, create, or update in a single call. Upload attachments to records, read and write record comments, list accessible bases, and receive real-time base change events through webhooks.

Bitbucket

Manage Git repositories, pull requests, and CI/CD pipelines on Bitbucket Cloud. Create, fork, and configure repositories within workspaces and projects. Create, review, approve, merge, and decline pull requests with inline code comments. Browse source code, list commits, and manage branches and tags. Track issues with the built-in issue tracker. Trigger, monitor, and manage Bitbucket Pipelines. List workspace members, configure repository default reviewers and branch restrictions, create and manage repository webhooks, and search code across repositories.

Heroku

Deploy, manage, and scale applications on Heroku's cloud platform. Create and configure apps, scale dynos, provision add-ons (databases, caching, etc.), manage configuration variables, build and release code, add custom domains and SSL certificates, manage collaborators and team permissions, configure pipelines for continuous delivery, set up log drains, and sync data with Salesforce via Heroku Connect. Subscribe to webhooks for real-time notifications on app changes, builds, releases, dyno lifecycle events, and more.

Technical notes for Abuseipdb

Check IP address reputation and abuse confidence scores. Report malicious IP addresses with categorized abuse types. Retrieve detailed abuse reports for IPs and subnets. Download blacklists of known malicious IPs for firewall import. Bulk-report abusive IPs via CSV upload. Clear your own submitted reports for an IP address.

Connect Abuseipdb to production AI agents

See how Metorial gives Abuseipdb access the governance, tracing, and security controls teams need.

Frequently asked questions

Common questions about connecting Abuseipdb to AI agents with Metorial.

  1. Can Metorial connect Abuseipdb to AI agents?
    Yes. Metorial connects AI agents to Abuseipdb through a governed integration layer, so teams can use the provider while keeping access controlled and observable.
  2. Metorial is MCP compatible and lets teams expose approved provider tools to MCP-capable agents and clients through a controlled access layer.
  3. Metorial applies policies across users, groups, providers, agents, and individual tools, then records the context around every agent interaction.
  4. Yes. Metorial records provider activity so teams can inspect tool calls, troubleshoot integrations, and give security teams the visibility they need.