Platform
Platform Overview Maps Memory Shadow Mode Widget Governance Actions Integrations
Developers
Overview Catalog Guardrails Dry Run Idempotency Credentials Audit Trail API Reference
Company
About Blog Contact Book a Demo
MCP Integrations Knowfirst
MCP & AI Agent Integration

Knowfirst
automation.

11 AI agent actions for Knowfirst — callable from any MCP-compatible runtime, Claude, Cursor, or Cerebral OS workflow. Use Knowfirst to automate business processes and connect tools in your stack. Full governance, audit trail, and dry-run safety on every execution.

Connect Knowfirst free Browse all integrations →
No credit card required
Live in production environments
<200ms median execution
Dry-run before production
Execution trace
live
11
actions
100%
governed
<200ms
latency
11
AI agent actions
7
Read operations
4
Write operations
1
High-risk actions (approval gated)
Business Tools Knowfirst is a Business Tools integration — use it to automate business operations and workflow automation from any AI agent or MCP-compatible runtime.
Actions

What you can do
with Knowfirst.

Every action below is available as an MCP tool and a verb in Cerebral OS — callable from any AI agent, Claude, Cursor, Windsurf, or your own runtime via the BYOA API. All executions are governed, audited, and dry-run safe.

Get Alert
knowfirst:get_alert
Fetch a single alert by ID with full details including risk score and indicators.
Read Low risk
Get Threat Intel
knowfirst:get_threat_intel
Fetch a single threat intelligence report by ID with indicators and analysis.
Read Low risk
Get Watchlist
knowfirst:get_watchlist
Fetch a single watchlist by ID with all indicators and recent alerts.
Read Low risk
List Alerts
knowfirst:list_alerts
List alerts with optional filtering by severity, status, category, and date range.
Read Low risk
List Threat Intel
knowfirst:list_threat_intel
List threat intelligence reports with filtering and search capabilities.
Read Low risk
List Watchlists
knowfirst:list_watchlists
List all watchlists with optional filtering by status, severity, and search.
Read Low risk
Search Indicators
knowfirst:search_indicators
Search for threat indicators by value with confidence scoring and context.
Read Low risk
Create Watchlist
knowfirst:create_watchlist
Create a new watchlist to monitor specific indicators and generate alerts.
Write Medium risk
Delete Watchlist
knowfirst:delete_watchlist
Permanently delete a watchlist and all its indicators. This action cannot be undone.
Write High risk
Update Alert
knowfirst:update_alert
Update an alert's status, assignee, notes, or tags.
Write Medium risk
Update Watchlist
knowfirst:update_watchlist
Update a watchlist's configuration, status, or metadata.
Write Medium risk
MCP & Runtime API

Call Knowfirst
from any AI agent.

Any AI agent — Claude, Cursor, LangChain, AutoGen, or your own — can call Knowfirst actions through the Cerebral OS Runtime API. Governance, credentials, and audit trail fire automatically.

knowfirst:get_alert READ
# Call via Runtime API
curl
-X POST \
  "https://api.cerebralos.com/v1/runtime/actions/run"
  -H "X-API-Key: YOUR_KEY" \
  -d '{
    "verb": "knowfirst:get_alert",
    "args": {},
    "execution_id": "agent-001"
  }'
knowfirst:create_watchlist WRITE
# Dry-run first — no production risk
curl
-X POST \
  "https://api.cerebralos.com/v1/runtime/actions/run"
  -H "X-API-Key: YOUR_KEY" \
  -d '{
    "verb": "knowfirst:create_watchlist",
    "args": {},
    "execution_id": "agent-001",
    "metadata": {"dryRun": true}
  }'
Get your Runtime API key at app.cerebralos.com/signup — 1,000 free executions, no credit card required.
AI agent examples

What your AI agent
can do with Knowfirst.

Real patterns your AI agent can execute via MCP or the Runtime API. Every action governed, dry-run safe, and fully audited.

Trigger
AI agent needs Knowfirst data
Call knowfirst:get_alert via MCP or Runtime API
AI processes result and takes next action
Full execution logged to audit trail automatically
Trigger
Workflow needs to write to Knowfirst
Dry-run validates knowfirst:create_watchlist before execution
Approval gate fires if risk level is high
Action executes with full governance — logged, audited, reversible
Trigger
Event in Knowfirst
Process with AI agent
Take governed action
Log to audit trail
How it works

Every Knowfirst action
governed end-to-end.

Cerebral OS isn't a connector. It's the execution layer that sits in front of Knowfirst — adding governance, dry-run safety, and a full audit trail to every operation.

Governance first
Every verb carries a risk classification. High-risk writes require explicit approval gates before they execute in production.
Dry-run safe
Simulate any Knowfirst action before it touches production. See exactly what would happen before a single real call is made.
Immutable audit trail
Every Knowfirst action is logged — what ran, what changed, who approved it, when it happened. Full history on every verb, forever.
Connect with

Knowfirst works best
alongside these.

Build multi-step workflows that connect Knowfirst to the rest of your stack. All governed. All audited.

Slack Gmail Hubspot Google Sheets Notion
Knowfirst integration

Start free.
No credit card required.

Start free with 1,000 runs — no credit card required. Connect Knowfirst in minutes, dry-run every action before it touches production, full audit trail on everything.

Start free — 1,000 runs Browse all integrations →