search_vulnerabilities
Scan and identify vulnerabilities by keyword across systems using the Nessus MCP Server, enabling targeted security assessments and threat mitigation.
Instructions
Search for vulnerabilities by keyword
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| keyword | Yes | Keyword to search for in vulnerability names and descriptions |
Implementation Reference
- src/tools/vulnerabilities.ts:139-208 (handler)The main handler function implementing the search_vulnerabilities tool. Validates keyword input, searches through mock vulnerabilities data by name or description, formats and returns matching results or error messages.export const searchVulnerabilitiesToolHandler = async (args: Record<string, unknown>) => { try { // Validate arguments if (!args.keyword || typeof args.keyword !== 'string') { return { content: [ { type: 'text', text: 'Error: Keyword is required and must be a string' } ], isError: true }; } const keyword = args.keyword.toLowerCase(); // Import vulnerabilities from mock-data const { vulnerabilities } = await import('../mock-data.js'); // Search for vulnerabilities matching the keyword const matches = vulnerabilities.filter(vuln => vuln.name.toLowerCase().includes(keyword) || vuln.description.toLowerCase().includes(keyword) ); if (matches.length === 0) { return { content: [ { type: 'text', text: `No vulnerabilities found matching "${args.keyword}"` } ] }; } // Format the search results let results = `# Vulnerability Search Results for "${args.keyword}"\n\n`; results += `Found ${matches.length} matching vulnerabilities:\n\n`; matches.forEach((vuln, index) => { results += `## ${index + 1}. ${vuln.name} (${vuln.id})\n\n`; results += `**Severity:** ${vuln.severity.toUpperCase()}\n`; results += `**CVSS Score:** ${vuln.cvss_score}\n\n`; results += `${vuln.description}\n\n`; results += `To get full details, use the \`get_vulnerability_details\` tool with vulnerability_id: ${vuln.id}\n\n`; }); return { content: [ { type: 'text', text: results } ] }; } catch (error) { const mcpError = handleNessusApiError(error); return { content: [ { type: 'text', text: `Error: ${mcpError.message}` } ], isError: true }; } };
- src/tools/vulnerabilities.ts:124-137 (schema)Defines the input schema for the search_vulnerabilities tool, specifying a required 'keyword' string parameter.export const searchVulnerabilitiesToolSchema = { name: 'search_vulnerabilities', description: 'Search for vulnerabilities by keyword', inputSchema: { type: 'object', properties: { keyword: { type: 'string', description: 'Keyword to search for in vulnerability names and descriptions' } }, required: ['keyword'] } };
- src/index.ts:71-86 (registration)Registers the search_vulnerabilities tool schema in the ListToolsRequest handler, making it discoverable.server.setRequestHandler( ListToolsRequestSchema, async () => { return { tools: [ listScanTemplatesToolSchema, startScanToolSchema, getScanStatusToolSchema, getScanResultsToolSchema, listScansToolSchema, getVulnerabilityDetailsToolSchema, searchVulnerabilitiesToolSchema ] }; } );
- src/index.ts:109-110 (registration)Dispatches calls to the 'search_vulnerabilities' tool by invoking its handler in the CallToolRequest switch statement.case 'search_vulnerabilities': return await searchVulnerabilitiesToolHandler(args);
- src/index.ts:33-37 (registration)Imports the schema and handler for search_vulnerabilities from vulnerabilities.ts for use in the main server.getVulnerabilityDetailsToolSchema, getVulnerabilityDetailsToolHandler, searchVulnerabilitiesToolSchema, searchVulnerabilitiesToolHandler } from './tools/vulnerabilities.js';