--- description: "Discover the capabilities of our MCP, including analytics and reporting, vulnerability management, and security scanning, as well as the specialized prompts." keywords: "Ai tools, Fluid Attacks Mcp server, Mcp on Claude, Mcp on Cursor, Mcp on Vs Code, Fluid Attacks Ai integrations, get vulnerability information via chat, Fluid Attacks documentation" other: private: false title: Capabilities and use cases --- # Capabilities and use cases import { Image } from "@/components/image"; import { Callout } from "nextra/components"; Some of our MCP capabilities are available to everyone (no authentication required), while others are available only to authenticated users (API token required). **(a)** Start chats with a mention of Fluid Attacks' API (e.g., "Using Fluid Attacks' API, [...]"), **(b)** always specify whether your requests are at the group or the organization level, and **(c)** for requests at the group level, specify the name of the organization as well. ## Analytics and reporting ### Get organization analytics **Tool:** `get_organization_analytics` **What it does:** Shows security trends and metrics for your entire organization. **When to use:** - Monthly security reviews - Executive reporting - Tracking security improvement over time **Examples of requests:** - "Show me our ORGANIZATION_NAME's security risk trend for the last quarter." - "How has our vulnerability count changed over time in the group GROUP_NAME?" API token required. ### Get group analytics **Tool:** `get_group_analytics` **What it does:** Shows security trends and metrics for a specific group/project. **When to use:** - Project-specific security reviews - Sprint planning - Tracking remediation progress **Examples of requests:** - "Show the security trend for the group GROUP_NAME." - "How many vulnerabilities were fixed in the group GROUP_NAME this month?" - "What's the distribution of vulnerabilities in the group GROUP_NAME?" API token required. ## Vulnerability discovery and management ### Find weaknesses in a group **Tool:** `fetch_group_weaknesses` **What it does:** Lists types of security issues (e.g., SQL Injection, XSS) found in your projects. **When to use:** - Understanding what types of vulnerabilities you have - Planning targeted security training - Prioritizing remediation efforts **Examples of requests:** - "What types of vulnerabilities exist in the group GROUP_NAME?" - "Show me all critical security weaknesses in the group GROUP_NAME." - "List SQL injection findings across my groups." API token required. ### Find specific vulnerabilities **Tool:** `fetch_weakness_vulnerabilities` **What it does:** Lists exact instances of vulnerabilities with their locations in your code. **When to use:** - Assigning fixes to developers - Tracking specific security issues - Understanding where problems exist in your code **Examples of requests:** - "Show me all XSS vulnerabilities in the frontend code repo for the group GROUP_NAME." - "List untreated vulnerabilities by priority for the group GROUP_NAME." - "What vulnerabilities are in the authentication module of the group GROUP_NAME?" API token required. ### Get vulnerability details **Tool:** `get_vulnerability_details` **What it does:** Shows complete information about a specific vulnerability. **When to use:** - Investigating a security issue - Understanding how to fix a vulnerability - Reviewing a vulnerability before closing it **Examples of requests:** - "Show me details for vulnerability VULNERABILITY_UUID." - "What's the full information on the SQL injection in login.py for the group GROUP_NAME?" API token required. ### Get a vulnerability report **Tool:** `get_group_weaknesses_report` **What it does:** Creates a comprehensive report grouping vulnerabilities by type. **When to use:** - Security audits - Compliance reporting - Sprint planning meetings - Management presentations **Examples of requests:** - "Generate a vulnerability report for the ProductionAPI group." - "Show me a report of all open security issues in the group GROUP_NAME." - "Create a summary of vulnerabilities by severity in the group GROUP_NAME." API token required. ### Get a vulnerability overview **Tool:** `get_group_weaknesses_overview` **What it does:** Shows counts of vulnerabilities and weaknesses at a glance. **When to use:** - Quick daily status checks - Dashboard creation - Priority assessment **Examples of requests:** - "How many open vulnerabilities do we have in the group GROUP_NAME?" - "Give me a vulnerability count summary for the group GROUP_NAME." - "What's the current vulnerability status for the group GROUP_NAME?" API token required. ## Asset discovery (roots) ### View Git repositories **Tool:** `get_group_git_roots` **What it does:** Lists source code repositories being tested for security. **When to use:** - Verifying what code is being scanned - Finding specific repositories - Ensuring all code is covered **Examples of requests:** - "What Git repositories are we testing?" - "Show me all code repositories for the group GROUP_NAME." - "Is the frontend repository being scanned?" API token required. ### View IP addresses **Tool:** `get_group_ip_roots` **What it does:** Lists applications and services accessible via IP addresses being tested. **When to use:** - Black-box testing scope verification - Network security assessment - Infrastructure testing **Examples of requests:** - "What IP addresses are we scanning?" - "Show me all tested network endpoints." - "List IPs being tested for the WebApp group." API token required. ### View URLs **Tool:** `get_group_url_roots` **What it does:** Lists live websites and web applications being tested. **When to use:** - Verifying production testing scope - Web application security assessment - Ensuring all environments are covered **Examples of requests:** - "What websites are we testing?" - "Show me all URLs for the E-commerce project." - "List production environments being scanned." API token required. ### View vulnerabilities by root **Tool:** `fetch_group_root_vulnerabilities` **What it does:** Shows vulnerabilities found in a specific repository, IP, or URL. **When to use:** - Repository-specific security review - Assigning work to teams responsible for specific assets - Understanding security issues in one part of your infrastructure **Examples of requests:** - "What vulnerabilities are in the main-app repository?" - "Show me security issues for the production URL." - "List vulnerabilities found in the API server IP." API token required. ## Security scanning ### Run SCA scanner **Tool:** `run_sca_scanner` **What it does:** Provides instructions to scan your project dependencies for known vulnerabilities. **When to use:** - After adding new dependencies - Before releasing new versions - Regular security audits of libraries **Examples of requests:** - "How do I scan my dependencies?" - "Run an SCA scan on this project." - "Check my npm packages for vulnerabilities." **What it scans:** - Package.json and lock files - Requirements.txt and poetry files - Composer.json - pom.xml and gradle files - Any dependency management files ### Run SAST scanner **Tool:** `run_sast_scanner` **What it does:** Provides instructions to scan your source code for security vulnerabilities. **When to use:** - After writing new code - Before code reviews - Pre-deployment security checks **Examples of requests:** - "How do I scan my code for vulnerabilities?" - "Run a SAST scan on the authentication module." - "Check my Python code for security issues." **What it finds:** - SQL injection - Cross-site scripting (XSS) - Security misconfigurations - Hardcoded secrets - Insecure cryptography - And 100+ other vulnerability types ### Run both scanners **Tool:** `run_sca_and_sast_scanners` **What it does:** Provides instructions to run SAST and SCA scans together. **When to use:** - Comprehensive security assessment - Pre-production security gate - Weekly security checks **Examples of requests:** - "Run a complete security scan." - "Scan both my code and dependencies." - "Do a full security assessment." No authentication required. However, Docker is required to run the scanners. See "[Docker installation](https://docs.fluidattacks.com/integrations/mcp-server/docker-installation)" for more information. ## DevSecOps integration ### View CI/CD security results **Tool:** `get_devsecops_agent_executions` **What it does:** Shows results from automated security scans in your development pipeline. **When to use:** - Checking build status - Investigating failed security gates - Monitoring automation effectiveness **Examples of requests:** - "How many builds failed security checks this week for the group GROUP_NAME?" - "What was the result of the last Forces execution for the group GROUP_NAME?" API token required. ### View unsolved events **Tool:** `get_unsolved_events` **What it does:** Lists security incidents and situations requiring attention. **When to use:** - Daily incident review - Security event management - Prioritizing urgent issues **Examples of requests:** - "What security events need my attention?" - "Show me unsolved incidents." - "List open security events." API token required. ## Knowledge Base/Documentation ### Search articles **Tool:** `search_related_articles` **What it does:** Searches Fluid Attacks' security knowledge base for relevant information. **When to use:** - Learning about vulnerability types - Finding remediation guidance - Understanding security concepts **Examples of requests:** - "How to configure the SCA scanner to run on Azure DevOps?" - "What is cross-site scripting?" **Topics covered:** - Vulnerability explanations - Remediation guides - Security best practices - Platform usage instructions - Compliance guidance API token required. ## Specialized prompts The implementation of our MCP includes the following specialized prompts, which are designed to help AI agents perform security-related tasks: ### run_sca Pass the instructions to run the SCA scanner to the LLM. Usage: `/fluidattacks-mcp/run_sca` ### run_sast Pass the instructions to run the SAST scanner to the LLM. Usage: `/fluidattacks-mcp/run_sast` ### run_sca_and_sast Pass the instructions to run the SCA and SAST scanners to the LLM. Usage: `/fluidattacks-mcp/run_sca_and_sast` ### get_technology_based_remediation_strategy Pass the technology-specific remediation guidance to the LLM. Usage: `/fluidattacksmcp/get_technology_based_remediation_strategy` This is the only prompt that requires an API token. ### configure_github_sca_integration Pass the instructions to configure the SCA scanner to run on GitHub Actions to the LLM. Usage: `/fluidattacks-mcp/configure_github_sca_integration` ### configure_github_sast_integration Pass the instructions to configure the SAST scanner to run on GitHub Actions to the LLM. Usage: `/fluidattacks-mcp/configure_github_sast_integration` ### configure_agents_md Configure the AGENTS.md file in the project root directory. Usage: `/fluidattacks-mcp/config_agents_md` ### How to use these prompts To use Fluid Attacks MCP prompts, you start by typing the command name in the chat of your AI agent. For example, to configure the AGENTS.md file, you would type: `/fluidattacks-mcp/config_agents_md` Commands to use Fluid Attacks MCP prompts

Commands to use Fluid Attacks MCP prompts

Select the command you want to use and press Enter. Have an idea to simplify our architecture, or noticed docs that could use some love? Don't hesitate to [open an issue](https://gitlab.com/fluidattacks/universe/-/issues/new) or submit improvements.