Schema | HackerOne MCP Server

Describes the environment variables required to run the server.

Name	Required	Description	Default
No arguments

Features and capabilities supported by this server

Capability	Details
`tools`	{ "listChanged": true }

Functions exposed to the LLM to take actions

Name	Description
search_reports	Search and list your HackerOne reports. Filter by keyword, program, severity, or state. Great for finding past reports to reference when drafting new ones.
get_report	Get the full details of a specific HackerOne report by ID. Returns title, vulnerability details, impact, severity, CVSS, timestamps, and program info.
get_report_with_conversation	Get a report with its full triage conversation. Useful for understanding what questions triage asked, how you responded, and what led to resolution. Great for learning what works.
get_report_activities	Get the activity timeline of a report: comments, state changes, bounty awards, and triage responses.
list_programs	List bug bounty programs you have access to on HackerOne.
analyze_report_patterns	Fetch your recent reports and analyze patterns: most common vulnerability types, severity distribution, resolution rates, and programs. Useful for understanding your hunting profile.
get_program_scope	Get the in-scope assets for a bug bounty program. Returns asset types, identifiers, bounty eligibility, and severity caps. Useful when drafting reports to pick the correct asset.
get_program_weaknesses	Get the accepted vulnerability/weakness types for a program. Helps frame reports using the right CWE categories the program cares about.
get_earnings	Get your bounty earnings history. Shows amounts, currency, dates, and which programs paid out.

Interactive templates invoked by user choice

Name	Description
No prompts

Contextual data attached and managed by the client

Name	Description
No resources

HackerOne MCP Server