{"ok":true,"host":"telesint-api.onrender.com","status":"failed","manifest":{"positioning":"Telesint is a Telegram-sourced cyber threat intelligence (CTI) API serving security analysts and automated triage agents that need structured, bulk feeds of actor profiles, IOCs, and breach reports. It is distinct in that all intelligence is derived from Telegram CTI channels, making it useful for monitoring threat actor communities and underground reporting. It does not offer identity-level breach checks, real-time streaming, or specific IOC value lookups.","host_overview":"telesint-api.onrender.com provides three paginated threat intelligence feeds sourced from Telegram CTI channels, covering threat actors, indicators of compromise (IOCs) with MITRE ATT&CK mappings, and breach/cyber-incident reports. Each feed returns structured metadata including severity, TLP classification, confidence scores, and actor attribution. All endpoints are single-shot bulk queries with no real-time streaming or point-lookup capability.","routing_guidance":"Use this host when an agent needs bulk, structured CTI feeds derived from Telegram channels — specifically for actor profiling, IOC triage with ATT&CK context, or breach incident monitoring. Do not use it for point-lookup queries against a specific IOC value, email address, or credential; use dedicated threat intelligence platforms (e.g., VirusTotal, HaveIBeenPwned) for those. Do not use it for real-time or streaming threat feeds; all endpoints are single-shot paginated queries. If MITRE ATT&CK coverage beyond what is embedded in the IOC feed is needed, a dedicated ATT&CK API would be more appropriate.","capability_clusters":[{"skill_names":["fetch-actor-threat-intel"],"cluster_name":"Threat Actor Intelligence","cluster_summary":"Provides structured profiles of threat actors including aliases, motivation, nation-state attribution, targeted sectors and countries, confidence scores, severity, and TLP classification sourced from Telegram CTI channels."},{"skill_names":["fetch-ioc-intel-feed"],"cluster_name":"IOC and TTP Feed","cluster_summary":"Delivers a bulk feed of recent indicators of compromise (URLs, CVEs, hashes) with associated MITRE ATT&CK technique mappings, actor motivation, severity, confidence, and TLP classification for detection and triage workflows."},{"skill_names":["fetch-breach-intel-feed"],"cluster_name":"Breach and Incident Intelligence","cluster_summary":"Returns a paginated feed of recent breach and cyber-incident reports covering ransomware, defacements, network intrusions, and fraud, with structured IOCs, target sectors, severity, and TLP metadata."}],"cross_skill_workflows":[{"steps":[{"skill_name":"fetch-actor-threat-intel","description":"Retrieve current threat actor profiles including attribution, motivation, and targeted sectors to establish the actor landscape."},{"skill_name":"fetch-ioc-intel-feed","description":"Pull the current IOC feed to identify active indicators and ATT&CK techniques associated with ongoing campaigns."},{"skill_name":"fetch-breach-intel-feed","description":"Fetch recent breach and incident reports to correlate actor activity and IOCs with confirmed real-world incidents."}],"when_to_use":"Use when an agent needs a broad, correlated picture of the current threat environment by combining actor profiles, active IOCs, and recent breach incidents from Telegram-sourced CTI feeds.","workflow_name":"Threat Landscape Aggregation"}]},"model":"claude-sonnet-4-6","version_no":3,"generated_at":"2026-05-28T07:43:27.452Z","provenance":"ai_authored_unreviewed","ai_authored":true,"merchant_reviewed":false,"merchant_edited":false,"merchant_reviewed_at":null,"merchant_edited_at":null,"skill_md_url":"https://x402gle.com/servers/telesint-api.onrender.com/SKILL.md","skills_url":"https://x402gle.com/servers/telesint-api.onrender.com/skills.json"}