Skip to main content
Glama
telmon95

VulneraMCP

by telmon95
OverviewInspectSchemaRelated ServersScoreDiscussions
TypeScript
Hybrid

zap.get_alerts

Retrieve security alerts from ZAP vulnerability scans to identify potential risks and prioritize remediation efforts.

Instructions

Get all security alerts from ZAP

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
baseURLNoFilter alerts by base URL (optional)
startNoStart index for pagination (optional)
countNoNumber of alerts to return (optional)
riskIdNoFilter by risk level: 0=Informational, 1=Low, 2=Medium, 3=High, 4=Critical (optional)

Implementation Reference

  • src/tools/zap.ts:227-234 (handler)
    The MCP tool handler function for 'zap.get_alerts'. Validates ZAP client availability and delegates to ZAPClient.getAlerts, formatting the result using formatToolResult.
    async ({ baseURL, start, count, riskId }: any): Promise<ToolResult> => { const client = getZAPClient(); if (!client) { return formatToolResult(false, null, 'ZAP client not initialized'); } const result = await client.getAlerts(baseURL, start, count, riskId); return formatToolResult(result.success, result.data, result.error); }
  • src/tools/zap.ts:203-225 (schema)
    Input schema for the zap.get_alerts tool, defining optional parameters for filtering and pagination.
    { description: 'Get all security alerts from ZAP', inputSchema: { type: 'object', properties: { baseURL: { type: 'string', description: 'Filter alerts by base URL (optional)', }, start: { type: 'number', description: 'Start index for pagination (optional)', }, count: { type: 'number', description: 'Number of alerts to return (optional)', }, riskId: { type: 'string', description: 'Filter by risk level: 0=Informational, 1=Low, 2=Medium, 3=High, 4=Critical (optional)', }, }, },
  • src/tools/zap.ts:202-235 (registration)
    Registration of the 'zap.get_alerts' tool using server.tool() within the registerZAPTools function.
    'zap.get_alerts', { description: 'Get all security alerts from ZAP', inputSchema: { type: 'object', properties: { baseURL: { type: 'string', description: 'Filter alerts by base URL (optional)', }, start: { type: 'number', description: 'Start index for pagination (optional)', }, count: { type: 'number', description: 'Number of alerts to return (optional)', }, riskId: { type: 'string', description: 'Filter by risk level: 0=Informational, 1=Low, 2=Medium, 3=High, 4=Critical (optional)', }, }, }, }, async ({ baseURL, start, count, riskId }: any): Promise<ToolResult> => { const client = getZAPClient(); if (!client) { return formatToolResult(false, null, 'ZAP client not initialized'); } const result = await client.getAlerts(baseURL, start, count, riskId); return formatToolResult(result.success, result.data, result.error); } );
  • src/integrations/zap.ts:206-255 (helper)
    Core helper function in ZAPClient class that queries the ZAP API for alerts, handles various response formats, maps risk/confidence levels, and structures data into ZAPAlert array.
    async getAlerts(baseURL?: string, start?: number, count?: number, riskId?: string): Promise<ZAPScanResult> { try { const params: any = {}; if (baseURL) params.baseurl = baseURL; if (start !== undefined) params.start = start; if (count !== undefined) params.count = count; if (riskId) params.riskId = riskId; const response = await this.client.get('/alert/view/alerts/', { params }); // Handle both array format and object format responses let alertsData: any[] = []; if (Array.isArray(response.data.alerts)) { alertsData = response.data.alerts; } else if (response.data.alerts && typeof response.data.alerts === 'object') { // If alerts is an object, convert to array alertsData = Object.values(response.data.alerts); } else if (Array.isArray(response.data)) { // Some ZAP versions return alerts directly as array alertsData = response.data; } const alerts: ZAPAlert[] = alertsData.map((alert: any) => ({ id: alert.pluginId?.toString() || alert.id?.toString() || '', name: alert.alert || alert.name || 'Unknown Alert', risk: this.mapRisk(alert.risk || alert.riskString || 'Informational'), confidence: this.mapConfidence(alert.confidence || alert.confidenceString || 'Low'), url: alert.url || '', param: alert.param || undefined, attack: alert.attack || undefined, evidence: alert.evidence || undefined, description: alert.description || undefined, solution: alert.solution || undefined, reference: alert.reference || undefined, })); return { success: true, data: { alerts, count: alerts.length, }, }; } catch (error: any) { return { success: false, error: error.message || 'Failed to get alerts', }; } }
  • src/index.ts:49-49 (registration)
    Top-level registration call that invokes registerZAPTools to add all ZAP tools, including zap.get_alerts, to the MCP server.
    registerZAPTools(server);
  • src/integrations/zap.ts:21-33 (schema)
    Type definition for ZAPAlert, used to structure the output data from getAlerts.
    export interface ZAPAlert { id: string; name: string; risk: 'Informational' | 'Low' | 'Medium' | 'High' | 'Critical'; confidence: 'False Positive' | 'Low' | 'Medium' | 'High' | 'Confirmed'; url: string; param?: string; attack?: string; evidence?: string; description?: string; solution?: string; reference?: string; }

This server cannot be installed

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/telmon95/VulneraMCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server