DefectDojo MCP Server

Overview Inspect Schema Related Servers Score Discussions

update_finding_status

Modify the status of a vulnerability finding in DefectDojo to values like Active, Verified, or False Positive. This tool helps manage and track findings efficiently within the vulnerability management system.

Instructions

Update the status of a finding (Active, Verified, False Positive, Mitigated, Inactive)

Input Schema

TableJSON Schema

Name	Required	Description	Default
`finding_id`	Yes
`status`	Yes

Implementation Reference

src/defectdojo/findings_tools.py:90-148 (handler)
The main handler function that implements the tool logic: maps user-provided status strings to DefectDojo API fields, handles flag conflicts, calls the client to update the finding, and returns success/error response.
async def update_finding_status(finding_id: int, status: str) -> Dict[str, Any]: """Update the status of a finding. Args: finding_id: ID of the finding to update status: New status for the finding (Active, Verified, False Positive, Mitigated, Inactive) Returns: Dictionary with status and data/error """ data = {"active": True} # Default to active # Map common status values to API fields status_lower = status.lower() if status_lower == "false positive": data["false_p"] = True elif status_lower == "verified": data["verified"] = True elif status_lower == "mitigated": data["active"] = False data["mitigated"] = True # Assuming API uses 'mitigated' boolean field elif status_lower == "inactive": data["active"] = False elif status_lower != "active": # Check against API specific values if needed, or raise error for unsupported input return {"status": "error", "error": f"Unsupported status: {status}. Use Active, Verified, False Positive, Mitigated, or Inactive."} # Clear conflicting flags if setting a specific status if data.get("false_p"): data.pop("verified", None) data.pop("active", None) data.pop("mitigated", None) elif data.get("verified"): data.pop("false_p", None) # Verified implies active usually, but check API docs if explicit setting is needed data["active"] = True data.pop("mitigated", None) elif data.get("mitigated"): data.pop("false_p", None) data.pop("verified", None) data["active"] = False # Mitigated implies inactive elif not data.get("active", True): # Handling "Inactive" case data.pop("false_p", None) data.pop("verified", None) data.pop("mitigated", None) data["active"] = False else: # Handling "Active" case (default or explicit) data.pop("false_p", None) data.pop("verified", None) data.pop("mitigated", None) data["active"] = True client = get_client() result = await client.update_finding(finding_id, data) if "error" in result: return {"status": "error", "error": result["error"], "details": result.get("details", "")} return {"status": "success", "data": result}
src/defectdojo/tools.py:42-45 (registration)
Registers the update_finding_status handler function as an MCP tool with name and description.
mcp.tool( name="update_finding_status", description="Update the status of a finding (Active, Verified, False Positive, Mitigated, Inactive)" )(update_finding_status)

This server cannot be installed

Other Tools

Related Tools

create_finding
@jamiesonio/defectdojo-mcp
create_engagement
@jamiesonio/defectdojo-mcp
add_finding_note
@jamiesonio/defectdojo-mcp
get_findings
@jamiesonio/defectdojo-mcp
list_engagements
@jamiesonio/defectdojo-mcp
update_submission
@unstrike/BugcrowdMCP

Latest Blog Posts

What Is Context Bloat in MCP?
By Om-Shree-0709 on December 16, 2025.
mcp
Context Bloat
MCP Moves to the Linux Foundation: Neutral Stewardship for Agentic Infrastructure
By Om-Shree-0709 on December 15, 2025.
mcp
anthropic
Linux Foundation
Code Execution with MCP: Architecting Agentic Efficiency
By Om-Shree-0709 on December 14, 2025.
mcp
Token bloat

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/jamiesonio/defectdojo-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server