zap.include_in_context
Add URL patterns to security testing contexts for automated vulnerability scanning in bug bounty workflows.
Instructions
Include a URL pattern in a context
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| contextName | Yes | Context name | |
| regex | Yes | URL regex pattern to include |
Implementation Reference
- src/tools/zap.ts:472-479 (handler)MCP tool handler for 'zap.include_in_context'. Retrieves ZAP client and delegates to client.includeInContext(contextName, regex), formatting the result.async ({ contextName, regex }: any): Promise<ToolResult> => { const client = getZAPClient(); if (!client) { return formatToolResult(false, null, 'ZAP client not initialized'); } const result = await client.includeInContext(contextName, regex); return formatToolResult(result.success, result.data, result.error); }
- src/tools/zap.ts:457-470 (schema)Input schema defining required parameters: contextName (string) and regex (string) for including URL patterns in ZAP context.inputSchema: { type: 'object', properties: { contextName: { type: 'string', description: 'Context name', }, regex: { type: 'string', description: 'URL regex pattern to include', }, }, required: ['contextName', 'regex'], },
- src/tools/zap.ts:453-480 (registration)Registration of the 'zap.include_in_context' MCP tool using server.tool(), providing description, input schema, and inline handler function.server.tool( 'zap.include_in_context', { description: 'Include a URL pattern in a context', inputSchema: { type: 'object', properties: { contextName: { type: 'string', description: 'Context name', }, regex: { type: 'string', description: 'URL regex pattern to include', }, }, required: ['contextName', 'regex'], }, }, async ({ contextName, regex }: any): Promise<ToolResult> => { const client = getZAPClient(); if (!client) { return formatToolResult(false, null, 'ZAP client not initialized'); } const result = await client.includeInContext(contextName, regex); return formatToolResult(result.success, result.data, result.error); } );
- src/integrations/zap.ts:355-385 (helper)ZAPClient.includeInContext helper method that makes API call to ZAP's /context/action/includeInContext/ endpoint, handling both contextName and contextId.async includeInContext(contextName: string, regex: string): Promise<ZAPScanResult> { try { // First try with contextName, if that fails and we have a numeric contextName, try as contextId try { const response = await this.client.get('/context/action/includeInContext/', { params: { contextName, regex }, }); return { success: true, data: response.data, }; } catch (error: any) { // If contextName fails and it's numeric, try as contextId if (!isNaN(Number(contextName))) { const response = await this.client.get('/context/action/includeInContext/', { params: { contextId: contextName, regex }, }); return { success: true, data: response.data, }; } throw error; } } catch (error: any) { return { success: false, error: error.message || 'Failed to include URL in context', }; } }