Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| ZEROPATH_ORG_ID | Yes | Your ZeroPath organization ID | |
| ZEROPATH_TOKEN_ID | Yes | Your ZeroPath API token ID generated from organization settings | |
| ZEROPATH_TOKEN_SECRET | Yes | Your ZeroPath API token secret generated from organization settings | |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| search_vulnerabilities | Search for vulnerabilities using the ZeroPath API with a simple search query. |
| get_issue | Get a specific vulnerability issue by its ID, including patch information if available.<br>Args:<br>issue_id (str): The ID of the issue to retrieve |
| approve_patch | Approve a patch for a specific vulnerability issue.<br>Args:<br>issue_id (str): The ID of the issue whose patch should be approved |
| mark_true_positive | Mark a security issue as a true positive (confirmed vulnerability).<br>Args:<br>issue_id: The ID of the issue to mark as true positive |
| mark_false_positive | Mark a security issue as a false positive (not a real vulnerability).<br>Args:<br>issue_id: The ID of the issue to mark as false positive |
| archive_issue | Archive a security issue to remove it from active view.<br>Args:<br>issue_id: The ID of the issue to archive |
| unarchive_issue | Unarchive a previously archived security issue to restore it to active view.<br>Args:<br>issue_id: The ID of the issue to unarchive |
| generate_patch | Generate an automated patch/fix for a security issue.<br>Args:<br>issue_id: The ID of the issue to generate a patch for |
| start_scan | Start a new security scan on one or more repositories.<br>Args:<br>repository_ids: List of repository IDs to scan |
| list_scans | List security scans with optional filtering and pagination.<br>Args:<br>search_query: Optional search term to filter scans<br>repository_ids: Optional list of repository IDs to filter by<br>scan_type: Optional scan type filter (FullScan, PrScan, SCAScan)<br>page: Page number (default: 1)<br>page_size: Number of results per page (default: 10) |
| list_repositories | List all repositories in the organization.<br>Args:<br>search_query: Optional search term to filter repositories |
| get_security_posture | Get the overall security posture metrics for the organization. Returns security score, vulnerability trends, and risk assessment. |
| get_issues_by_vuln_class | Get issue statistics grouped by vulnerability class/type. Shows distribution of vulnerabilities by category (XSS, SQLi, etc.). |
| get_summary_statistics | Get aggregated summary statistics across the organization. Includes total issues, patches, repositories, and key metrics. |
| list_sca_vulnerabilities | Search for SCA (Software Composition Analysis) vulnerabilities in dependencies.<br>Args:<br>search_query: Optional search term to filter vulnerabilities<br>repository_ids: Optional list of repository IDs to filter by<br>ecosystems: Optional list of ecosystems to filter (npm, pip, maven, etc.)<br>transitivity: Optional filter by dependency type (direct, transitive)<br>page: Page number (default: 1)<br>page_size: Number of results per page (default: 50) |
| get_sca_vulnerability | Get detailed information about a specific SCA vulnerability.<br>Args:<br>vulnerability_id: The ID of the vulnerability to retrieve |
| list_sca_repositories | List repositories with their aggregated dependency inventory information. Shows which repositories have been analyzed for dependencies. |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
| No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
| No resources | |