delete_vulnerability
Remove vulnerabilities from penetration testing reports by specifying their unique ID to maintain accurate security assessment documentation.
Instructions
Delete a vulnerability by ID
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| bearerToken | No | Bearer token for authentication (optional if REPORTS_JWT_TOKEN env var is set) | |
| vulnerabilityId | Yes | The ID of the vulnerability to delete (24-character MongoDB ObjectId) |
Implementation Reference
- server.js:519-584 (handler)The handler function deleteVulnerability that executes the tool logic: validates input, makes DELETE API call to delete the vulnerability, handles responses and errors appropriately.
async function deleteVulnerability(providedToken, vulnerabilityId) { try { const bearerToken = getBearerToken(providedToken); // Validate vulnerabilityId format (should be MongoDB ObjectId) if (!vulnerabilityId || !vulnerabilityId.match(/^[0-9a-fA-F]{24}$/)) { throw new McpError( ErrorCode.InvalidParams, 'Invalid vulnerabilityId format. Must be a valid MongoDB ObjectId (24 characters)' ); } const response = await axios.delete(`${VULNERABILITY_ENDPOINT}/${vulnerabilityId}`, { headers: { 'Authorization': `Bearer ${bearerToken}`, 'Content-Type': 'application/json', }, timeout: 10000, }); return { content: [ { type: 'text', text: JSON.stringify({ success: true, status: response.status, data: response.data, timestamp: new Date().toISOString(), message: `Successfully deleted vulnerability ${vulnerabilityId}`, }, null, 2), }, ], }; } catch (error) { if (error instanceof McpError) { throw error; } if (error.response) { return { content: [ { type: 'text', text: JSON.stringify({ success: false, status: error.response.status, error: error.response.data || error.message, timestamp: new Date().toISOString(), }, null, 2), }, ], }; } else if (error.request) { throw new McpError( ErrorCode.InternalError, `Network error: Unable to reach the API at ${VULNERABILITY_ENDPOINT}/${vulnerabilityId}` ); } else { throw new McpError( ErrorCode.InternalError, `Request setup error: ${error.message}` ); } } } - server.js:976-988 (schema)The input schema definition for the 'delete_vulnerability' tool, specifying parameters bearerToken (optional) and vulnerabilityId (required).
inputSchema: { type: 'object', properties: { bearerToken: { type: 'string', description: 'Bearer token for authentication (optional if REPORTS_JWT_TOKEN env var is set)', }, vulnerabilityId: { type: 'string', description: 'The ID of the vulnerability to delete (24-character MongoDB ObjectId)', }, }, required: ['vulnerabilityId'], - server.js:1192-1200 (registration)The registration/dispatch case in the CallToolRequestSchema handler's switch statement that calls the deleteVulnerability handler.
case 'delete_vulnerability': if (!args.vulnerabilityId) { throw new McpError( ErrorCode.InvalidParams, 'Vulnerability ID is required' ); } return await deleteVulnerability(args.bearerToken, args.vulnerabilityId); - server.js:973-989 (registration)The tool definition in the tools list returned by ListToolsRequestSchema, including name, description, and schema.
{ name: 'delete_vulnerability', description: 'Delete a vulnerability by ID', inputSchema: { type: 'object', properties: { bearerToken: { type: 'string', description: 'Bearer token for authentication (optional if REPORTS_JWT_TOKEN env var is set)', }, vulnerabilityId: { type: 'string', description: 'The ID of the vulnerability to delete (24-character MongoDB ObjectId)', }, }, required: ['vulnerabilityId'], },