VulneraMCP

Instructions

Implementation Reference

• src/tools/database.ts:58-81 (handler)

  Registration and handler function for the 'db.get_findings' tool. Defines the input schema, description, and the async handler that calls getFindings from postgres integration to retrieve findings filtered by target and limited, then formats the ToolResult.
  server.tool( 'db.get_findings', { description: 'Retrieve bug findings from the database', inputSchema: { type: 'object', properties: { target: { type: 'string', description: 'Filter by target' }, limit: { type: 'number', description: 'Maximum number of results', default: 100 }, }, }, }, async ({ target, limit = 100 }: any): Promise<ToolResult> => { try { const findings = await getFindings(target, limit); return formatToolResult(true, { findings, count: findings.length, }); } catch (error: any) { return formatToolResult(false, null, error.message); } } );
• src/integrations/postgres.ts:119-151 (helper)

  Supporting helper function getFindings that executes the SQL query to fetch findings from the 'findings' table in PostgreSQL, optionally filtered by target, ordered by timestamp DESC, limited, and maps rows to Finding objects.
  export async function getFindings( target?: string, limit: number = 100 ): Promise<Finding[]> { const client = await initPostgres().connect(); try { let query = 'SELECT * FROM findings'; const params: any[] = []; if (target) { query += ' WHERE target = $1'; params.push(target); } query += ' ORDER BY timestamp DESC LIMIT $' + (params.length + 1); params.push(limit); const result: QueryResult = await client.query(query, params); return result.rows.map((row: any) => ({ id: row.id.toString(), target: row.target, type: row.type, severity: row.severity, description: row.description, payload: row.payload, response: row.response, timestamp: row.timestamp, score: row.score, })); } finally { client.release(); } }